onlinerecerg.online Open in urlscan Pro
2a02:4780:13:1677:0:2084:71a5:2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onlinerecerg.online/
Submission: On June 18 via api (June 18th 2024, 2:22:18 am UTC) from BE — Scanned from GB

Summary HTTP 87 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 27 domains to perform 87 HTTP transactions. The main IP is 2a02:4780:13:1677:0:2084:71a5:2, located in São Paulo, Brazil and belongs to AS-HOSTINGER, CY. The main domain is onlinerecerg.online.
TLS certificate: Issued by WR1 on June 15th 2024. Valid for: 3 months.

This is the only time onlinerecerg.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a02:4780:13:... 2a02:4780:13:1677:0:2084:71a5:2	47583 (AS-HOSTINGER) (AS-HOSTINGER)
7	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4	18.172.112.13 18.172.112.13	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.21 99.86.4.21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::347	54113 (FASTLY) (FASTLY)
6	2606:4700::68... 2606:4700::6811:dffa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.49.44.181 52.49.44.181	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	108.138.26.87 108.138.26.87	16509 (AMAZON-02) (AMAZON-02)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
4	2.21.22.129 2.21.22.129	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a04:4e42:8e::84 2a04:4e42:8e::84	54113 (FASTLY) (FASTLY)
4	104.90.25.54 104.90.25.54	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:400c:c02::9b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:7a0b::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	52.18.176.215 52.18.176.215	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:cc00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1 1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	216.200.232.249 216.200.232.249	30419 (PAEDAE-INC) (PAEDAE-INC)
1 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	23.219.162.89 23.219.162.89	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.252.40.201 34.252.40.201	16509 (AMAZON-02) (AMAZON-02)
2	92.123.51.152 92.123.51.152	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:249... 2600:9000:2491:d600:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
87	35

2 2a02:4780:13:1677:0:2084:71a5:2 (São Paulo, Brazil)

ASN47583 (AS-HOSTINGER, CY)

onlinerecerg.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.172.112.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-13.fra60.r.cloudfront.net

nubank.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-21.fra6.r.cloudfront.net

cdn.nubank.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::347 (United States)

ASN54113 (FASTLY, US)

tracking-cdn.figpii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking-settings.figpii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:dffa (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:34::36 (United States) 2 redirects

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.44.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-44-181.eu-west-1.compute.amazonaws.com

services.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-87.fra56.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.22.129 (Glattbrugg, Switzerland)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-22-129.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.90.25.54 (Brussels, Belgium)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-25-54.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.176.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-176-215.eu-west-1.compute.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:cc00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.128.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (Frederick, United States) 1 redirects

ASN30419 (PAEDAE-INC, US)

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.219.162.89 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-219-162-89.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.40.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-40-201.eu-west-1.compute.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.51.152 (Brussels, Belgium)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-51-152.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:d600:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68 region1.google-analytics.com — Cisco Umbrella Rank: 2347	21 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	656 KB
6	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 901	5 KB
6	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3078 www.google.com — Cisco Umbrella Rank: 5	748 B
6	bing.com bat.bing.com — Cisco Umbrella Rank: 357	31 KB
6	teads.tv p.teads.tv — Cisco Umbrella Rank: 6044 cm.teads.tv — Cisco Umbrella Rank: 5110 t.teads.tv — Cisco Umbrella Rank: 3351	8 KB
6	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 33660 usr.navdmp.com — Cisco Umbrella Rank: 39484 cdn.navdmp.com — Cisco Umbrella Rank: 25126 sync2.navdmp.com — Cisco Umbrella Rank: 70117 sync.navdmp.com — Cisco Umbrella Rank: 26975	6 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 63 stats.g.doubleclick.net — Cisco Umbrella Rank: 132 cm.g.doubleclick.net — Cisco Umbrella Rank: 276	6 KB
5	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3707	318 B
5	nubank.com.br nubank.com.br — Cisco Umbrella Rank: 46522 cdn.nubank.com.br — Cisco Umbrella Rank: 223560	303 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 787	139 KB
3	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1963 ups.analytics.yahoo.com — Cisco Umbrella Rank: 471 sp.analytics.yahoo.com — Cisco Umbrella Rank: 1642	713 B
3	branch.io cdn.branch.io — Cisco Umbrella Rank: 1107 api2.branch.io — Cisco Umbrella Rank: 1264	24 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	4 KB
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 953	97 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1101	22 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 697	7 KB
2	xg4ken.com services.xg4ken.com — Cisco Umbrella Rank: 26551 resources.xg4ken.com — Cisco Umbrella Rank: 7944	8 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	75 KB
2	figpii.com tracking-cdn.figpii.com — Cisco Umbrella Rank: 106977 tracking-settings.figpii.com — Cisco Umbrella Rank: 99580	39 KB
2	onlinerecerg.online onlinerecerg.online	5 KB
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 6603	823 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 2802	857 B
1	app.link app.link — Cisco Umbrella Rank: 2512	632 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 938	393 B
1	t.co t.co — Cisco Umbrella Rank: 711	375 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 881	15 KB
87	27

	Domain	Requested by
7	www.googletagmanager.com	onlinerecerg.online www.googletagmanager.com
6	ct.pinterest.com	s.pinimg.com tracking-cdn.figpii.com
6	bat.bing.com	onlinerecerg.online bat.bing.com analytics.tiktok.com
5	www.google.co.uk	onlinerecerg.online
4	www.google.com	onlinerecerg.online
4	analytics.tiktok.com	onlinerecerg.online analytics.tiktok.com
4	region1.google-analytics.com	www.googletagmanager.com onlinerecerg.online
4	nubank.com.br	onlinerecerg.online
3	cm.teads.tv	tracking-cdn.figpii.com onlinerecerg.online
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
2	api2.branch.io	analytics.tiktok.com
2	t.teads.tv	tracking-cdn.figpii.com onlinerecerg.online
2	www.facebook.com	onlinerecerg.online
2	sessions.bugsnag.com	tracking-cdn.figpii.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	2 redirects
2	s.pinimg.com	onlinerecerg.online s.pinimg.com
2	s.yimg.com	onlinerecerg.online s.yimg.com
2	connect.facebook.net	onlinerecerg.online connect.facebook.net
2	tag.navdmp.com	onlinerecerg.online tag.navdmp.com
2	onlinerecerg.online
1	sp.analytics.yahoo.com	onlinerecerg.online
1	analytics.pangle-ads.com	analytics.tiktok.com
1	ups.analytics.yahoo.com	onlinerecerg.online
1	cms.analytics.yahoo.com	1 redirects
1	sync.navdmp.com	onlinerecerg.online
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com	onlinerecerg.online
1	cm.g.doubleclick.net	1 redirects
1	cdn.navdmp.com	tag.navdmp.com
1	app.link	cdn.branch.io
1	resources.xg4ken.com	onlinerecerg.online
1	analytics.twitter.com	onlinerecerg.online
1	t.co	onlinerecerg.online
1	usr.navdmp.com	tag.navdmp.com
1	tracking-settings.figpii.com	tracking-cdn.figpii.com
1	p.teads.tv	www.googletagmanager.com
1	static.ads-twitter.com	onlinerecerg.online
1	cdn.branch.io	onlinerecerg.online
1	services.xg4ken.com	www.googletagmanager.com
1	tracking-cdn.figpii.com	www.googletagmanager.com
1	cdn.nubank.com.br	onlinerecerg.online
87	43

This site contains links to these domains. Also see Links.

Domain
blog.nubank.com.br

Subject Issuer	Validity	Valid
onlinerecerg.online WR1	`2024-06-15` - `2024-09-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
nubank.com.br Amazon RSA 2048 M03	`2023-10-09` - `2024-11-04`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.figpii.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-09` - `2024-12-09`	a year	crt.sh
navdmp.com GTS CA 1P5	`2024-05-31` - `2024-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2023-10-29` - `2024-11-29`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-05-30` - `2024-07-17`	2 months	crt.sh
*.branch.io Amazon RSA 2048 M01	`2023-09-11` - `2024-10-09`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
teads.tv R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.google.co.uk WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-20` - `2025-04-15`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
appipv4.link Amazon RSA 2048 M03	`2024-03-25` - `2025-04-22`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-09-11`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://onlinerecerg.online/
Frame ID: E47E430CB0A43CA18F0D9A956476D16E
Requests: 89 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 09F7C15BBFA2C305447D695D80E4D06C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

Page Statistics

87
Requests

94 %
HTTPS

50 %
IPv6

27
Domains

43
Subdomains

35
IPs

7
Countries

1468 kB
Transfer

3715 kB
Size

27
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.nubank.com.br/centralpix
Title: Como funciona o Pix? >

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://region1.analytics.google.com/g/collect?v=2&tid=G-LQFLJDQXD9&gtm=45je46c0v896476121z871007391za200zb71007391&_p=1718677307153&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=919064589.1718677308&ul=en-gb&are=1&frm=0&pscdl=noapi&_geo=1&_rdi=1&_s=1&sid=1718677307&sct=1&seg=0&dl=https%3A%2F%2Fonlinerecerg.online%2F&dt=Pague%20Daniel%20Luis%20de%20Lima&en=page_view&_fv=2&_ss=2&_c=1&ep.is_adblock_enabled=false&ep.country=br&tfd=1725&_z=sendBeacon HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=919064589.1718677308&dbk=11259245038236291830&dma=0&en=page_view&gtm=45je46c0v896476121z871007391za200zb71007391&npa=0&tid=G-LQFLJDQXD9&dl=https%3A%2F%2Fonlinerecerg.online%3F

Request Chain 33

https://region1.analytics.google.com/g/collect?v=2&tid=G-LQFLJDQXD9&gtm=45je46c0v896476121za200zb71007391&_p=1718677307153&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=919064589.1718677308&ul=en-gb&are=1&frm=0&pscdl=noapi&_eu=AEA&_geo=1&_rdi=1&_s=2&sid=1718677307&sct=1&seg=0&dl=https%3A%2F%2Fonlinerecerg.online%2F&dt=Pague%20Daniel%20Luis%20de%20Lima&en=scroll&_c=1&ep.is_adblock_enabled=false&ep.country=br&epn.percent_scrolled=90&_et=18&tfd=1748&_z=sendBeacon HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=919064589.1718677308&dbk=5071706260571837398&dma=0&en=scroll&gtm=45je46c0v896476121za200zb71007391&npa=0&tid=G-LQFLJDQXD9&dl=https%3A%2F%2Fonlinerecerg.online%3F

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=89420255986 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=89420255986&google_gid=CAESEOk3GlQ-l14A49w6Zzn4Lxo&google_cver=1

Request Chain 68

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=d4486670-ef3c-4900-9a44-b49c337625ce

Request Chain 69

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

87 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
onlinerecerg.online/ 19 KB
4 KB 1144ms
408ms Document
text/html 2a02:4780:13:1677:0:2084:71a5:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1677:0:2084:71a5:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

33cd66d54a4f8ba7268ea1130fc75b4f62596b6eaaef9e98d31977dbc98813de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 4042
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Tue, 18 Jun 2024 02:21:47 GMT
etag: "4d87-666e1994-2ad65d344539cd25;br"
last-modified: Sat, 15 Jun 2024 22:45:40 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
82 KB 228ms
73ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-16611178122

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03a7ab09581c42ab6765efac0c78c4cb660a619999665cfab263b01cc1f0c9c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83607
x-xss-protection: 0
last-modified: Tue, 18 Jun 2024 00:40:28 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Jun 2024 02:21:47 GMT

GET
H2 200 tachyons.min.css
nubank.com.br/gallywix/tachyons@4.10.0/ 72 KB
72 KB 225ms
63ms Stylesheet
text/css 18.172.112.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nubank.com.br/gallywix/tachyons@4.10.0/tachyons.min.css

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-13.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a070d759b5c8744d50d21c99c55a313777798e42e6c14a2e5d2f3691ea01752c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:11:53 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront), 1.1 e2239bbca97bdb08942ca2cd020caca8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA6-C1, FRA60-P8
age: 18595
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 73539
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 17 Jun 2024 19:29:23 GMT
server: AmazonS3
etag: "c8db36b43e4cf3e01d6bd1f86e996df9"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: xnKVrgeoFWES0sWTsVI1O2bZ0dYQJFWae3_h90D1ibvDYusVSPv73w==

GET
H2 200 5DED0610143E15BC3.css
nubank.com.br/fonts/575335/ 200 KB
200 KB 223ms
63ms Stylesheet
text/css 18.172.112.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nubank.com.br/fonts/575335/5DED0610143E15BC3.css

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-13.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

db50070cbd40f4eb6a1203f189eefaa3ae4cb90a9df828e0c07095b6d5cb6ae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:11:53 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront), 1.1 e2239bbca97bdb08942ca2cd020caca8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA6-C1, FRA60-P8
age: 18595
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 204501
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 17 Jun 2024 19:29:18 GMT
server: AmazonS3
etag: "39b90d6602cf47295b0038bdfb854cec"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: Ke6Lhe0N9B7DqsR9ZemY4IfpCX4osWYJyjZorW9eW7zr8WAPeU0ZUw==

GET
H2 200 graphik.css
cdn.nubank.com.br/fonts/Graphik/ 1 KB
2 KB 211ms
61ms Stylesheet
text/css 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.nubank.com.br/fonts/Graphik/graphik.css

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

88093799749ef820fd0d1fce6c111ebe4e667de4e4a9b154d5b34ecd4286ae78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 01:15:30 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA6-C1
age: 3978
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1130
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Jun 2024 01:11:47 GMT
server: AmazonS3
etag: "284038a4bbd86e77b3978882fd443eee"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: t-pgTTvFKYGYGDFv6_3Qwos_g1SSFBy_L6txBPkP2LzVopXsytiYIw==

GET
H2 200 qrious.min.js Show response
nubank.com.br/gallywix/qrious@4.0.2/ 17 KB
18 KB 223ms
63ms Script
application/javascript 18.172.112.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nubank.com.br/gallywix/qrious@4.0.2/qrious.min.js

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-13.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

db99dcaf40a926181bce4522477c2efc5924f6c4b29111b6a97faea477c9528b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:11:53 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront), 1.1 e2239bbca97bdb08942ca2cd020caca8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA6-C1, FRA60-P8
age: 18595
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17579
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 17 Jun 2024 19:29:23 GMT
server: AmazonS3
etag: "ea58889c516e953d6e78ca4834f834c4"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: JIH3ryyGJlKScm_MYV_za97INUgpVXmVuUkWDRe8jDsGTyRTsJvlAQ==

GET
H2 200 clipboard.min.js Show response
nubank.com.br/gallywix/clipboard@2.0.6/ 10 KB
11 KB 223ms
64ms Script
application/javascript 18.172.112.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nubank.com.br/gallywix/clipboard@2.0.6/clipboard.min.js

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-13.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:11:54 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront), 1.1 e2239bbca97bdb08942ca2cd020caca8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA6-C1, FRA60-P8
age: 18594
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10453
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 17 Jun 2024 19:29:22 GMT
server: AmazonS3
etag: "af8ab36589315582ccdd82f22e84bffb"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: RXVWCixnwPsRBgo1cYibaBcjzHgj_DuTt9hwp5kHtkGr8sdV4jui4A==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 334 KB
100 KB 239ms
109ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGFBFP

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

466e47363b30e31f517b8b4791937ba1277cfe618101d45ca1d65b5adc43884b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102398
x-xss-protection: 0
last-modified: Tue, 18 Jun 2024 00:40:28 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Jun 2024 02:21:47 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16611178122/ 3 KB
2 KB 211ms
69ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16611178122/?random=1718677307415&cv=11&fst=1718677307415&bg=ffffff&guid=ON&async=1&gtm=45be46c0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fonlinerecerg.online%2F&hn=www.googleadservices.com&frm=0&tiba=Pague%20Daniel%20Luis%20de%20Lima&npa=0&pscdl=noapi&auid=283831013.1718677307&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16611178122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a8a2b2dfb3d59ead1e549d854f78ade05c188b2630b775a16f2a9d692e13a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1427
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 940 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b3824b1bcf19b107255ec31b2fe61c1e357d71e7922c2385c8a14882b23dabe

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 30 KB
30 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38c2d160bc2a7c43e2c7ec2f3ce21056e22c55bcc3bf7f9639e91ff2565dbd63

Request headers

Referer
Origin: https://onlinerecerg.online
Accept-Language: en-GB,en;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 30 KB
30 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ada7db60ffda50544ff2f754cbba9fb96ab6c9dac09af21b40ed1db3e5bf9ce3

Request headers

Referer
Origin: https://onlinerecerg.online
Accept-Language: en-GB,en;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 30 KB
30 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5080b13d642119467d704022f5e07d81d25915512e429eed7d36a7a9b896a68d

Request headers

Referer
Origin: https://onlinerecerg.online
Accept-Language: en-GB,en;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
102 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZL76F6HX1P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGFBFP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dfc0956b4bd07d48cd1eb5f3f844e66168600600ef0b3efbb38bb03542a47fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104828
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jun 2024 02:21:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 343 KB
108 KB 80ms
80ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LQFLJDQXD9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGFBFP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

852e2846d6f09797152db35c74a1e5b2075510a05fce97f99114ea3a255aac0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110033
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jun 2024 02:21:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 208ms
56ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGFBFP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Jun 2024 00:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6759
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 18 Jun 2024 02:29:08 GMT

GET
H2 200 38739501377e81c62a010d8bbbc58432.js Show response
tracking-cdn.figpii.com/ 129 KB
38 KB 215ms
37ms Script
text/javascript 2a04:4e42:600::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking-cdn.figpii.com/38739501377e81c62a010d8bbbc58432.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGFBFP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c06fb43b96f994d11a9f38fe98a3353ddf7b3b07ae1eb51692e3dc47fb5537a4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:47 GMT
via: 1.1 673d886861bceb7b91087376ca48e9fc.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: br
x-amz-request-id: AD680VT928761PRC
x-amz-cf-pop: LHR61-P4
x-amz-server-side-encryption: AES256
age: 0
x-cache: Miss from cloudfront, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 38252
x-amz-id-2: la7kdhCabDXR9p4GCJxfQmv2rEI0FwvWmsiFt0t6Jl541aJU335LUsIGb9qYVuNa/4JX8vdKFcc=
x-served-by: cache-lcy-eglc8600090-LCY
last-modified: Wed, 12 Jun 2024 13:15:10 GMT
server: AmazonS3
x-timer: S1718677308.701565,VS0,VE0
etag: "bfda2d44d98e925c92eac3591b4f3ccc"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=7200, immutable
accept-ranges: bytes
link: <https://tracking-settings.figpii.com>; rel=preconnect, <https://statics-cdn.figpii.com>; rel=preconnect, <https://rr.figpii.com>; rel=preconnect, <https://variations-cdn.figpii.com>; rel=preconnect; crossorigin
x-amz-cf-id: C7xmKt6Azg_k9H7XXn-hN2UAbfH9kyhrq3B66SKaCdiDwkuCLhCV1g==
x-cache-hits: 3

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 298 KB
98 KB 71ms
71ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2JHZMB&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGFBFP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d841993d643cea34ed7a82a7a206c2e5351e62833d26adcfcee0b6765c8e06b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100409
x-xss-protection: 0
last-modified: Tue, 18 Jun 2024 00:40:28 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Jun 2024 02:21:47 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 180ms
45ms Script
application/javascript 2606:4700::6811:dffa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: onlinerecerg.online
URL: https://onlinerecerg.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:dffa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 20:59:24 GMT
server: cloudflare
age: 3367
etag: W/"642de12c-36d1"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8957ced4cb8b4599-LHR
expires: Tue, 18 Jun 2024 02:25:40 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 193ms
60ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZL76F6HX1P&gtm=45je46c0v888803077z871007391za200zb71007391&_p=1718677307153&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=919064589.1718677308&ul=en-gb&are=1&frm=0&pscdl=noapi&_geo=1&_rdi=1&_s=1&sid=1718677307&sct=1&seg=0&dl=https%3A%2F%2Fonlinerecerg.online%2F&dt=Pague%20Daniel%20Luis%20de%20Lima&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=1641&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZL76F6HX1P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onlinerecerg.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 226 KB
82 KB 76ms
76ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-948317731&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2JHZMB&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee91831bb11f10ead5fd80697c06fef92ab43ed38232055c8a9f02db40e6aae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83652
x-xss-protection: 0
last-modified: Tue, 18 Jun 2024 00:40:28 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Jun 2024 02:21:47 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 234 KB
84 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-963026780&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2JHZMB&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27d85e9c33aceb2a13572b4898e75ce9f17cf8b92c3d6343610b40fe236485c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85775
x-xss-protection: 0
last-modified: Tue, 18 Jun 2024 00:40:28 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Jun 2024 02:21:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 193ms
56ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 18 Jun 2024 02:21:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=13, mss=1392, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: TusaRzy+mQik+UnbULLbWrxJ7jGuUk8nqrz0H88VJwWlXedjBircz/2b9SDXmwMA89Wv6AaYBmXTTqVMcqcQhg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 kenshoo.js Show response
services.xg4ken.com/js/ 10 KB
4 KB 232ms
52ms Script
application/javascript 52.49.44.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.xg4ken.com/js/kenshoo.js?cid=51452f4a-f483-4da2-8cc6-60b2cc17008c
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2JHZMB&l=dataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.44.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-44-181.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4299855c4eb1eb583d8226d6cdbd630896867779831eb78d8bc56e7f942d1a14

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: gzip
last-modified: Thu, 21 Mar 2024 22:48:28 GMT
x-debug-kenshoo-server: ip-10-174-85-239
etag: "ba5cc0f876d766d871f54db26e7686eb--gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 214ms
50ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ats-carp-promotion: 1, 1
date: Tue, 18 Jun 2024 01:23:05 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: F7SSGMY7STEQGY6G
age: 3523
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: sdWpw74LXgRhvSH52N0B3VP5B5jy4iUcY7O/TFzQKKb3Ww3ldwrNJgW+9xNHKFoja1vakSRKR2s=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 75 KB
23 KB 228ms
63ms Script
text/javascript 108.138.26.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: onlinerecerg.online
URL: https://onlinerecerg.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: JdSJSDd4bnNFPjlwdZ2RC7ixUU_rrhPQ
content-encoding: gzip
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
date: Tue, 18 Jun 2024 02:17:11 GMT
last-modified: Wed, 10 Apr 2024 21:44:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 277
etag: "f4ec9657a3dc111d088e2eca7b9796a4"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
content-length: 23431
x-amz-cf-id: MVRVr9z6chEgW-s61mgzzPT-Qzs9kA9jYNYj977YeWehwVDNrOEcIQ==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 222ms
59ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: onlinerecerg.online
URL: https://onlinerecerg.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220028-FRA

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 359ms
189ms Script
application/javascript 2.21.22.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1Q5MVUHLSU5AAHCLG10&lib=ttq
Requested by: Host: onlinerecerg.online
URL: https://onlinerecerg.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.22.129 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-22-129.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 516f7dada9733595adab3ca4999ad127b4960a84fa970b0a5ec048723ee1b8fe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 24166d8a.5f1bb976
date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240618022147AE098F1D80C78556DA72-771C61C3205C6C3A-00
x-cache: TCP_MISS from a2-21-22-125.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 102,2.21.22.125
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=9, inner; dur=4
content-length: 1520
pragma: no-cache
server: nginx
x-tt-logid: 20240618022147AE098F1D80C78556DA72
x-cache-remote: TCP_MISS from a184-27-45-61.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,184.27.45.61
x-tt-trace-host: 014d99b60339ab6ed2a5908c9d5ca7c513531573e632ffae1f06397dad58d847db875cb89958d6ef615fbb6eb23fcde99484b5a11913d94a97963497bc6978ac79705c5bdb2f4ffb9e09265530b0542dc3105a8635d1e81d6f83ef20d2afb68651617c753025bfcb819d027631fb819926
expires: Tue, 18 Jun 2024 02:21:47 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 221ms
60ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: onlinerecerg.online
URL: https://onlinerecerg.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: br
x-cdn: fastly
etag: "9bc4bd8fd6a7603cc1c91cc83fc17417"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1878

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 18 KB
6 KB 225ms
50ms Script
application/javascript 104.90.25.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2JHZMB&l=dataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.25.54 Brussels, Belgium, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-25-54.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b7ea495618522b5401719ca5b1eaa05da311dcacc6c48b5515f2af1e2351e8f3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 02:21:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Feb 2024 09:45:19 GMT
Server: AmazonS3
x-amz-request-id: PZ981EYCHPGV747A
ETag: "7571f2b08378e73bce1d28a5908d2cd5"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=482
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5930
x-amz-id-2: coQiovzsZSU4N32yqiBMox1cwKwD/pV04sb/ErQ54WaAXaJhReJfoRebvj15l4O2IF2LJKlvpmE=

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 204ms
41ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 18 Jun 2024 02:21:47 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A86D181B5A2A45D3AFA1056A5E61A9D0 Ref B: LTSEDGE0810 Ref C: 2024-06-18T02:21:47Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-LQFLJDQXD9&gtm=45je46c0v896476121z871007391za200zb71007391&_p=1718677307153&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=919064589.171867...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=919064589.1718677308&dbk=11259245038236291830&dma=0&en=page_view&gtm=45je46c0v896476121z871007391za200zb71007391&np...

0
43 B

52ms
50ms

Ping
text/plain

2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=919064589.1718677308&dbk=11259245038236291830&dma=0&en=page_view&gtm=45je46c0v896476121z871007391za200zb71007391&npa=0&tid=G-LQFLJDQXD9&dl=https%3A%2F%2Fonlinerecerg.online%3F
Requested by: Host: onlinerecerg.online
URL: https://onlinerecerg.online/
Protocol: H2
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://onlinerecerg.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:47 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:47 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=919064589.1718677308&dbk=11259245038236291830&dma=0&en=page_view&gtm=45je46c0v896476121z871007391za200zb71007391&npa=0&tid=G-LQFLJDQXD9&dl=https%3A%2F%2Fonlinerecerg.online%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 486
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 57ms
56ms Ping
text/plain 2a00:1450:400c:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LQFLJDQXD9&cid=919064589.1718677308&gtm=45je46c0v896476121z871007391za200zb71007391&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQFLJDQXD9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onlinerecerg.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 192ms
51ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LQFLJDQXD9&cid=919064589.1718677308&gtm=45je46c0v896476121z871007391za200zb71007391&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=789515156

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-LQFLJDQXD9&gtm=45je46c0v896476121za200zb71007391&_p=1718677307153&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=919064589.1718677308&ul=en-gb&are...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=919064589.1718677308&dbk=5071706260571837398&dma=0&en=scroll&gtm=45je46c0v896476121za200zb71007391&npa=0&tid=G-LQFL...

0
43 B

50ms
50ms

Ping
text/plain

2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=919064589.1718677308&dbk=5071706260571837398&dma=0&en=scroll&gtm=45je46c0v896476121za200zb71007391&npa=0&tid=G-LQFLJDQXD9&dl=https%3A%2F%2Fonlinerecerg.online%3F
Requested by: Host: onlinerecerg.online
URL: https://onlinerecerg.online/
Protocol: H2
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://onlinerecerg.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:47 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:47 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=919064589.1718677308&dbk=5071706260571837398&dma=0&en=scroll&gtm=45je46c0v896476121za200zb71007391&npa=0&tid=G-LQFLJDQXD9&dl=https%3A%2F%2Fonlinerecerg.online%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 472
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/16611178122/ 42 B
64 B 214ms
55ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16611178122/?random=1718677307415&cv=11&fst=1718676000000&bg=ffffff&guid=ON&async=1&gtm=45be46c0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fonlinerecerg.online%2F&hn=www.googleadservices.com&frm=0&tiba=Pague%20Daniel%20Luis%20de%20Lima&npa=0&pscdl=noapi&auid=283831013.1718677307&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLJdjRhbCAup0guWO0IloJSUn5qgOwBg&random=1278356026&rmt_tld=0&ipr=y

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/16611178122/ 42 B
64 B 121ms
53ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/16611178122/?random=1718677307415&cv=11&fst=1718676000000&bg=ffffff&guid=ON&async=1&gtm=45be46c0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fonlinerecerg.online%2F&hn=www.googleadservices.com&frm=0&tiba=Pague%20Daniel%20Luis%20de%20Lima&npa=0&pscdl=noapi&auid=283831013.1718677307&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLJdjRhbCAup0guWO0IloJSUn5qgOwBg&random=1278356026&rmt_tld=1&ipr=y

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 53215 Show response
tag.navdmp.com/u/ 783 B
639 B 143ms
142ms Script
application/javascript 2606:4700::6811:dffa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/53215
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:dffa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae210c00ab59b27f51eb4287087bc6fb877083ffd9a758c33a36a0149eb9d9d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Sep 2021 18:44:57 GMT
server: cloudflare
etag: W/"6137b329-30f"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8957ced56bdd4599-LHR
expires: Tue, 18 Jun 2024 03:21:47 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
210 B 49ms
48ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=181359502&t=pageview&_s=1&dl=https%3A%2F%2Fonlinerecerg.online%2F&dp=%2F&ul=en-gb&de=UTF-8&dt=Pague%20Daniel%20Luis%20de%20Lima&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=1983792644&gjid=957432747&cid=919064589.1718677308&tid=UA-54526048-9&_gid=1751727840.1718677308&_slc=1&gtm=45He46c0n71KGFBFPv71007391za200&cd6=0&cd7=www&cd9=&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1613597714

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onlinerecerg.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
354 B 212ms
62ms XHR
text/plain 2a00:1450:400c:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54526048-9&cid=919064589.1718677308&jid=1983792644&gjid=957432747&_gid=1751727840.1718677308&_u=YCDAgEABAAAAAGAAI~&z=1097737500

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jun 2024 02:21:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onlinerecerg.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 294ms
160ms Preflight 2600:1901:0:7a0b::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://onlinerecerg.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 18 Jun 2024 02:21:47 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
97 B 165ms
164ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: tracking-cdn.figpii.com
URL: https://tracking-cdn.figpii.com/38739501377e81c62a010d8bbbc58432.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Bugsnag-Api-Key: 465ea043759a7e320b7a44e46a8aa7c2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Bugsnag-Payload-Version: 1
Referer: https://onlinerecerg.online/
Bugsnag-Sent-At: 2024-06-18T02:21:47.759Z
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 18 Jun 2024 02:21:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 38739501377e81c62a010d8bbbc58432.json Show response
tracking-settings.figpii.com/ 142 B
937 B 261ms
136ms Fetch
application/json 2a04:4e42:600::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking-settings.figpii.com/38739501377e81c62a010d8bbbc58432.json
Requested by: Host: tracking-cdn.figpii.com
URL: https://tracking-cdn.figpii.com/38739501377e81c62a010d8bbbc58432.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c2894ee9873bb305c8d0af29846eec04cee17c3ecfcbd338af356e6ce9b1500

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-amz-request-id: 46G06VR28817Q4S6
age: 0
x-amz-server-side-encryption: AES256
x-figpii-city: camden
x-is-identified: 0
x-is-mobile: 0
x-client-ip: 2a00:2381:5374:1c::82
x-served-by: cache-lga13623-LGA, cache-lcy-eglc8600099-LCY
x-timer: S1718677308.899455,VS0,VE106
etag: "a39e32a2b7bb80af87b12d3cfcfc8e99"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=90, immutable
x-cache-hits: 2474, 0
x-figpii-country: GB
date: Tue, 18 Jun 2024 02:21:48 GMT
via: 1.1 b759e26bde22770788987f2078515d9a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront, HIT, MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 115
x-amz-id-2: CxvdO4i7q9z1+kYSolv4YAwfS0ucIzf2s4O6HiOqA4+tzKncbuOTcYKJW8g1OP1XKMDbSuvQ9mA=
x-is-tablet: 0
x-client-hwtype: Desktop
last-modified: Tue, 11 Jun 2024 18:30:28 GMT
server: AmazonS3
x-figpii-region: CMD
x-is-crawler: 0
accept-ranges: bytes
x-amz-cf-id: FkmBp5F5SAKM7cdizwSFFymXf-QQSc1gfCjL5_w_sbfI6SDktxJQnA==

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963026780/ 3 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963026780/?random=1718677307828&cv=11&fst=1718677307828&bg=ffffff&guid=ON&async=1&gtm=45be46c0v882500677z8811626569za201zb811626569&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fonlinerecerg.online%2F&hn=www.googleadservices.com&frm=0&tiba=Pague%20Daniel%20Luis%20de%20Lima&npa=0&pscdl=noapi&auid=283831013.1718677307&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-963026780&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb8ca50c10f3b6bef2faa9ed1906300c05886a1beac03d6720a99946582196e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1444
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/948317731/ 3 KB
1 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948317731/?random=1718677307849&cv=11&fst=1718677307849&bg=ffffff&guid=ON&async=1&gtm=45be46c0z8811626569za201zb811626569&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fonlinerecerg.online%2F&hn=www.googleadservices.com&frm=0&tiba=Pague%20Daniel%20Luis%20de%20Lima&npa=0&pscdl=noapi&auid=283831013.1718677307&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-948317731&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d899794be8dcd526e935bb74a39d412acfac3b84007f82d282aacba320c3b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1438
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10074207.json Show response
s.yimg.com/wi/config/ 46 B
678 B 285ms
144ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10074207.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e4beb03fc1729ebd935a1e8c5fc2789434e9d2d3189875ca79cc73353a5a9bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:49 GMT
x-amz-version-id: UTTnBE_nsAO_tL9lLoXDOLw_47kw9Kgh
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: DZJV8XSH4WK5E101
age: 0
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: BS0LQ4xpLkV9To0dJtxUHF6Uo2zstN0hV4vEybmAtOk4kCMYNClxyCXhEeVFBW0xNiRs38ZlNxQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 24 Jul 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 18 Jun 2024 01:35:44 GMT
server: ATS
etag: "456a0ca85eb46743641580b9fac322f8"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
453 B 159ms
149ms Script
application/javascript 2606:4700::6811:dffa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=9&acc=53215&u=1&new=1&wst=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:dffa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eead2db985b70f2f691ddfb91254a457e3d76746a704b018d5f38d6d33c3c5cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 18 Jun 2024 02:21:48 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 8957ced66c8c4599-LHR
expires: Tue, 18 Jun 2024 03:21:47 GMT

GET
H2 200 1438448073136396 Show response
connect.facebook.net/signals/config/ 72 KB
16 KB 179ms
178ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1438448073136396?v=2.9.158&r=stable&domain=onlinerecerg.online&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2e9c545836a949830be9feefa2d8ebc3688fcfdb9a5a845b9edb3bae822c462a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 18 Jun 2024 02:21:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=61, mss=1392, tbw=63551, tp=-1, tpl=-1, uplat=132, ullat=0
pragma: public
x-fb-debug: 5OgPRC63DDU0vdWHa648LQx3Q0XsZ/dT8xHVKtEMLxRvTboGbJznYnJt9Ay7wWjE1vgg20rz4iqHVj7L+yFtYA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
375 B 296ms
154ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=91d1d8df-466b-4d81-a017-9672af0556cd&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c9fcf956-f1bc-491a-b6a5-5310e30da05d&tw_document_href=https%3A%2F%2Fonlinerecerg.online%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4inn&type=javascript&version=2.3.30

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 114
date: Tue, 18 Jun 2024 02:21:47 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 2d2f5973bebacac0
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d6acbb212892bb84813ca6f1fccc7d79fdeddcb18b0e52e329518d6b786de0a2
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 317ms
178ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=91d1d8df-466b-4d81-a017-9672af0556cd&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c9fcf956-f1bc-491a-b6a5-5310e30da05d&tw_document_href=https%3A%2F%2Fonlinerecerg.online%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4inn&type=javascript&version=2.3.30

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 114
date: Tue, 18 Jun 2024 02:21:47 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 49747c8b4a71786d
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 6763feb318fb49c7313aae2f9f8c1684c05a06dcd69b2d23b6129f2613b0ee35
content-length: 43

GET
H2 200 ktag.js Show response
resources.xg4ken.com/js/v2/ 10 KB
4 KB 245ms
56ms Script
application/javascript 52.18.176.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N34AB-3EA

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.176.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-176-215.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

df1f82104ebe5a87273b4791a66047cee1782f947e1325fb49307aef02980160

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:48 GMT
content-encoding: gzip
last-modified: Sun, 16 Jun 2024 08:02:52 GMT
server: nginx
etag: "666e9c2c-e70"
content-type: application/javascript
cache-control: max-age=86400, public
content-length: 3696
x-xss-protection: 1; mode=block
expires: Wed, 19 Jun 2024 02:21:48 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/963026780/ 42 B
64 B 83ms
54ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963026780/?random=1718677307828&cv=11&fst=1718676000000&bg=ffffff&guid=ON&async=1&gtm=45be46c0v882500677z8811626569za201zb811626569&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fonlinerecerg.online%2F&hn=www.googleadservices.com&frm=0&tiba=Pague%20Daniel%20Luis%20de%20Lima&npa=0&pscdl=noapi&auid=283831013.1718677307&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooL0c58Rgg0fPQreD9EHok7uZiKMxcpQElc9igMbvT5BLMvtiod&random=3980208806&rmt_tld=0&ipr=y

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/963026780/ 42 B
64 B 51ms
50ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/963026780/?random=1718677307828&cv=11&fst=1718676000000&bg=ffffff&guid=ON&async=1&gtm=45be46c0v882500677z8811626569za201zb811626569&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fonlinerecerg.online%2F&hn=www.googleadservices.com&frm=0&tiba=Pague%20Daniel%20Luis%20de%20Lima&npa=0&pscdl=noapi&auid=283831013.1718677307&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooL0c58Rgg0fPQreD9EHok7uZiKMxcpQElc9igMbvT5BLMvtiod&random=3980208806&rmt_tld=1&ipr=y

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _r Show response
app.link/ 91 B
632 B 387ms
216ms Script
text/javascript 2600:9000:2057:cc00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.85.0&branch_key=key_live_imKCPsW6WgTDmeZ9wqpK4hdlFqb0Dbcm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:cc00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

9f5a5968021abb64271e0fc5804962f806be5bbce21b67efb5d8a1708fd057a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
server: openresty
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-amz-cf-pop: FRA6-C1
etag: W/"5b-hzgJKZ4w5C6UgSqRUNYws9LB6N0"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: crQn0GiLC8LwUUrzo6Q9c7TSH6GQOcI6w0ilMrtzdgE5o614OD-Pig==

GET
H2 200 main.f74ed22b.js Show response
s.pinimg.com/ct/lib/ 70 KB
20 KB 44ms
44ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:47 GMT
content-encoding: br
x-cdn: fastly
etag: "446a72b73c00f6022c92a764d3c540bb"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 20114

GET
H3 200 /
www.google.com/pagead/1p-user-list/948317731/ 42 B
64 B 81ms
53ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948317731/?random=1718677307849&cv=11&fst=1718676000000&bg=ffffff&guid=ON&async=1&gtm=45be46c0z8811626569za201zb811626569&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fonlinerecerg.online%2F&hn=www.googleadservices.com&frm=0&tiba=Pague%20Daniel%20Luis%20de%20Lima&npa=0&pscdl=noapi&auid=283831013.1718677307&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLiO27BeEokbBRI5P9Kcq6xM3ccEs45AFG9ZPwbKcHB6fCAOmQ&random=147727298&rmt_tld=0&ipr=y

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/948317731/ 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/948317731/?random=1718677307849&cv=11&fst=1718676000000&bg=ffffff&guid=ON&async=1&gtm=45be46c0z8811626569za201zb811626569&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fonlinerecerg.online%2F&hn=www.googleadservices.com&frm=0&tiba=Pague%20Daniel%20Luis%20de%20Lima&npa=0&pscdl=noapi&auid=283831013.1718677307&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLiO27BeEokbBRI5P9Kcq6xM3ccEs45AFG9ZPwbKcHB6fCAOmQ&random=147727298&rmt_tld=1&ipr=y

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 79ms
52ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-54526048-9&cid=919064589.1718677308&jid=1983792644&_u=YCDAgEABAAAAAGAAI~&z=2100480266

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 51ms
51ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-54526048-9&cid=919064589.1718677308&jid=1983792644&_u=YCDAgEABAAAAAGAAI~&z=2100480266

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 142 B
586 B 266ms
98ms Fetch
application/json 104.90.25.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fonlinerecerg.online%2F&buyer_pixel_id=3897
Requested by: Host: tracking-cdn.figpii.com
URL: https://tracking-cdn.figpii.com/38739501377e81c62a010d8bbbc58432.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.25.54 Brussels, Belgium, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-25-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0403fcc88f5c86bb389606f4b9ab2c222de047f432561433c9395f3d806a3ced

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 18 Jun 2024 02:21:48 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://onlinerecerg.online
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 142
Expires: Tue, 18 Jun 2024 02:21:48 GMT

GET
H2 200 52003682.js Show response
bat.bing.com/p/action/ 1 KB
839 B 39ms
39ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/52003682.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0f71613ed9273c1b560ac8755bd882f13224d19e0ca5ba06658e801659ba2969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 18 Jun 2024 02:21:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D5D9E038DE14402B83848945951131B1 Ref B: LTSEDGE0810 Ref C: 2024-06-18T02:21:47Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
285 B 62ms
62ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=52003682&Ver=2&mid=48de1c97-32b5-48cc-9c9f-d90ab6a6f9e0&sid=83c0db802d1911efb5f0cdca1e4afe6f&vid=83c113c02d1911efa199d7071a4dfa28&vids=1&msclkid=N&pi=918639831&lg=en-GB&sw=1600&sh=1200&sc=24&tl=Pague%20Daniel%20Luis%20de%20Lima&p=https%3A%2F%2Fonlinerecerg.online%2F&r=&lt=1536&evt=pageLoad&sv=1&rn=610883

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jun 2024 02:21:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E408EEB99A9A4B15AA0E55F22FA3FCF0 Ref B: LTSEDGE0810 Ref C: 2024-06-18T02:21:47Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 325 B
306 B 180ms
49ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613819446648&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1718677307977&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:48 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1844602265566564
content-length: 188
pin-unauth: dWlkPU1qVTJaVGd3WWpVdE5UUmlPQzAwWkRSaUxUazJOak10TURrMFpHSTFaREU1TVRrMA
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinerecerg.online
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 275429db13fe9c80de8a863bf33caf35d9136bc7
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 325 B
636 B 178ms
48ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22line_items%22%3A%5B%7B%22product_id%22%3A%221414%22%7D%5D%2C%22event_id%22%3A%227d181335-56f5-4109-9069-cd9323f01e47%22%7D&tid=2613819446648&cb=1718677307978&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:48 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 5661717442672243
content-length: 188
pin-unauth: dWlkPVlXTmhNVGczTjJVdE5XSTVOQzAwWlRNeUxUaGhZall0TTJJMk9UWTNaVGRqT1dKaA
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlinerecerg.online
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 275429db13fe9c80de8a863bf33caf35d9136bc7
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 177ms
49ms Fetch
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2613819446648&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fonlinerecerg.online%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.61%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1718677307980
Requested by: Host: tracking-cdn.figpii.com
URL: https://tracking-cdn.figpii.com/38739501377e81c62a010d8bbbc58432.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:48 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://onlinerecerg.online
pinterest-version: d80afdeb0d64359b34f4a708f18dc7ee1019dc51
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 4787438629775244
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 52003682 Show response
bat.bing.com/p/insights/t/ 711 B
900 B 209ms
209ms Script
application/x-javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/52003682

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/52003682.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

31a676d624509f3b4fe28ed2bd89c7b2a103e27d92b66e56b8a3b087cb34665d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 18 Jun 2024 02:21:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CEEF32A4942F4874992250FDC523C1E3 Ref B: LTSEDGE0810 Ref C: 2024-06-18T02:21:48Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-azure-ref: 20240618T022148Z-165f984f687v2qmf8zx39kr32s00000004n0000000002b3r
content-type: application/x-javascript
x-cache: CONFIG_NOCACHE
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 604
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 main.MTRjNGQxOTc5MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 339 KB
97 KB 68ms
67ms Script
application/javascript 2.21.22.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRjNGQxOTc5MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1Q5MVUHLSU5AAHCLG10&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.22.129 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-22-129.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 957dac2a20e4ebb559bbc26b1e3736717588f0e14a8d8b0760f981cf318759e9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 5f1bb9f9
date: Tue, 18 Jun 2024 02:21:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240617111433F3180CA2976F7F06C32A
x-tt-trace-id: 00-240617111433F3180CA2976F7F06C32A-1BB16A9631159B1F-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-21-22-125.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01cbf782c9925b067c4885d08c207989350a6f86df5d0e1b15b3848154d34b519b21e141504f3e0f0cf035903fec958dd125689823a3c430a935223ecb84edb82ff7c33c404321bb113bffa851de87536403e5f208180e7e5a5a9b91345fccb2b4
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=20
content-length: 98798

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 159ms
150ms Script
application/x-javascript 2606:4700::6811:dffa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=9&id=14d1dcd2f2d8fa9d94fd39e6a910%7C0&acc=53215&tit=Pague%2520Daniel%2520Luis%2520de%2520Lima&url=https%253A%2F%2Fonlinerecerg.online%2F&upd=1&new=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:dffa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8957ced76d264599-LHR
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=89420255986
https://sync2.navdmp.com/sync?prtid=2&id=89420255986&google_gid=CAESEOk3GlQ-l14A49w6Zzn4Lxo&google_cver=1

6 B
57 B

276ms
266ms

Script
application/javascript

2606:4700::6811:dffa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=89420255986&google_gid=CAESEOk3GlQ-l14A49w6Zzn4Lxo&google_cver=1
Requested by: Host: onlinerecerg.online
URL: https://onlinerecerg.online/
Protocol: H2
Server: 2606:4700::6811:dffa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://onlinerecerg.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 18 Jun 2024 02:21:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8957ced8de384599-LHR
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync2.navdmp.com/sync?prtid=2&id=89420255986&google_gid=CAESEOk3GlQ-l14A49w6Zzn4Lxo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=d4486670-ef3c-4900-9a44-b49c337625ce

43 B
129 B

173ms
164ms

Image
image/gif

2606:4700::6811:dffa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=d4486670-ef3c-4900-9a44-b49c337625ce
Requested by: Host: onlinerecerg.online
URL: https://onlinerecerg.online/
Protocol: H2
Server: 2606:4700::6811:dffa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://onlinerecerg.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 18 Jun 2024 02:21:48 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 8957cedb2fe84599-LHR
content-length: 43
content-type: image/gif

Redirect headers

Date: Tue, 18 Jun 2024 02:21:48 GMT
Strict-Transport-Security: 31536000
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: all
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: strict-origin
Server: MT3 1624 115fb92 master ord ord-pixel-x14 config_version:"748"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://sync.navdmp.com/sync?img=1&mdia=d4486670-ef3c-4900-9a44-b49c337625ce
Cache-Control: no-cache,no-store,must-revalidate
Keep-Alive: timeout=360

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

0
87 B

137ms
128ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.121 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://onlinerecerg.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 18 Jun 2024 02:21:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.121
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date: Tue, 18 Jun 2024 02:21:48 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.121
content-length: 344
content-language: en

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 204ms
63ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1438448073136396&ev=PageView&dl=https%3A%2F%2Fonlinerecerg.online&rl=&if=false&ts=1718677308107&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4124&fbp=fb.1.1718677308106.52810082919562247&pm=1&hrl=7c26f6&ler=empty&cdl=API_unavailable&it=1718677307894&coo=false&cs_cc=1&cas=6051034971687911%2C7235344959896673%2C7789415314414465%2C8232033106823435%2C7037900069643680%2C5223978487674596%2C3645280215484169%2C3078121378942182%2C3032550130192099%2C3046609475425427%2C2220694298059870%2C2271634516245713%2C2184627138316928%2C2424744907593235%2C2584488571562228%2C2978870642176503%2C2760327354038333%2C2789902597718237%2C2519030551469931&rqm=GET

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1392, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 18 Jun 2024 02:21:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 347ms
207ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1438448073136396&ev=PageView&dl=https%3A%2F%2Fonlinerecerg.online&rl=&if=false&ts=1718677308107&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4124&fbp=fb.1.1718677308106.52810082919562247&pm=1&hrl=7c26f6&ler=empty&cdl=API_unavailable&it=1718677307894&coo=false&cs_cc=1&cas=6051034971687911%2C7235344959896673%2C7789415314414465%2C8232033106823435%2C7037900069643680%2C5223978487674596%2C3645280215484169%2C3078121378942182%2C3032550130192099%2C3046609475425427%2C2220694298059870%2C2271634516245713%2C2184627138316928%2C2424744907593235%2C2584488571562228%2C2978870642176503%2C2760327354038333%2C2789902597718237%2C2519030551469931&rqm=FGET

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xbfc1819ca65c7d74","source_keys":["1","2"]},{"key_piece":"0x11bc4579bdb2b1f5","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 18 Jun 2024 02:21:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7381662831920711465", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1392, tbw=3095, tp=-1, tpl=-1, uplat=165, ullat=0
pragma: no-cache
x-fb-debug: IakA+U3wZU1ku5Ro9q53IMRX9skgKFCipi0wQ3s/sj9hThVFGEM4S/gDsQxtdSI9s4p9OL6I1sIho8trKrBS7w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7381662831920711465"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_ce1d8843.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 51ms
48ms Script
application/javascript 2.21.22.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRjNGQxOTc5MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.22.129 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-22-129.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 5f1bba5e
date: Tue, 18 Jun 2024 02:21:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240521140000D3507D8966F8CA3F721C
x-tt-trace-id: 00-240521140000D3507D8966F8CA3F721C-53401A5F639B10CD-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-21-22-125.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01c5a5d10613cf2c0e3ab536904a9b982b1c91e727bbf4731b8adb1e52a37513418b9ba80e842ca5a3baec404988943293a5f2df8ad9ba15255eb2d47620b65867b6652832d70a2f7e8f4052095ca240616d772f5b331b1db37f1b24cc39471cea
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 39469

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
823 B 573ms
261ms Ping
text/plain 23.219.162.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRjNGQxOTc5MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.162.89 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-219-162-89.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: ec7bf07
date: Tue, 18 Jun 2024 02:21:48 GMT
x-bytefaas-request-id: 2024061802214871D9534F8BD62E59ED99
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24061802214871D9534F8BD62E59ED99-7FADB927FB8178D7-00
x-cache: TCP_MISS from a23-219-162-85.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56655770) (-)
server-timing: inner; dur=10, cdn-cache; desc=MISS, edge; dur=1, origin; dur=53
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024061802214871D9534F8BD62E59ED99
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 8.75
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 014d99b60339ab6ed2a5908c9d5ca7c513f5df02a0a4d08c4e10d85c805d4c09a1ae1f1f3c6ae9e099f50f204613a18f570eb03ba68a06593a71d761bd0b255275c9b07cb72221ce6635847d6a9ca0aa5faff846ce90128f5348932f349a34be26
x-origin-response-time: 53,23.219.162.85
access-control-allow-headers: *
expires: Tue, 18 Jun 2024 02:21:48 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
835 B 190ms
190ms Ping
text/plain 2.21.22.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRjNGQxOTc5MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.22.129 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-22-129.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1d7c0e52.5f1bba75
date: Tue, 18 Jun 2024 02:21:48 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2406180221487C15672E5A5B1454CC16-6F01168C167B6F98-00
x-cache: TCP_MISS from a2-21-22-125.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 122,2.21.22.125
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=30, inner; dur=27
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202406180221487C15672E5A5B1454CC16
x-cache-remote: TCP_MISS from a23-32-16-71.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 30,23.32.16.71
x-tt-trace-host: 014d99b60339ab6ed2a5908c9d5ca7c513026939e2a48f114e7166709aa1d75be31cc425081111b0c1184bae6612738e26cdb7f89e570365df2a3f395b0824299dc292d1c6ef47036e1b51720b1e4d907b89d9d49110ff087261acffd2f2d819d3a08bbe6c15a19775aebe6bb348f492d2
access-control-allow-headers: Authorization,*
expires: Tue, 18 Jun 2024 02:21:48 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
500 B 204ms
61ms Image
image/gif 34.252.40.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2018%20Jun%202024%2002%3A21%3A48%20GMT&n=-1d&b=Pague%20Daniel%20Luis%20de%20Lima&.yp=10074207&f=https%3A%2F%2Fonlinerecerg.online%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: onlinerecerg.online
URL: https://onlinerecerg.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.252.40.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-40-201.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.121 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:48 GMT
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.121)
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS/9.1.10.121
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 18 Jun 2024 02:21:48 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
0 39ms
38ms Fetch
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22line_items%22%3A%5B%7B%22product_id%22%3A%221414%22%7D%5D%2C%22event_id%22%3A%227d181335-56f5-4109-9069-cd9323f01e47%22%7D&tid=2613819446648&cb=1718677308185&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fonlinerecerg.online%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.61%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: tracking-cdn.figpii.com
URL: https://tracking-cdn.figpii.com/38739501377e81c62a010d8bbbc58432.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:48 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://onlinerecerg.online
pinterest-version: d80afdeb0d64359b34f4a708f18dc7ee1019dc51
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1197176615698675
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 0.7.34 Show response
bat.bing.com/p/insights/s/ 35 KB
15 KB 45ms
45ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.34

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/52003682

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

05196bbc70bbbb7e8b6775fd38c82a3eedff7ee9a81c2b330083f8086df45754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 18 Jun 2024 02:21:47 GMT
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
x-fd-int-roxy-purgeid: 51562430
content-length: 15075
last-modified: Thu, 23 May 2024 23:20:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 223070D7A1A5420CA3567ECF0677D417 Ref B: LTSEDGE0810 Ref C: 2024-06-18T02:21:48Z
etag: W/"0x8DC7B7EEE48270A"
vary: Accept-Encoding
x-azure-ref: 20240618T022148Z-17f6bdb7977b8jd9aw2fm9pa4g000000076g000000005x5g
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 9215759c-401e-0078-5d66-ba8d23000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28

GET
H2 200 track
t.teads.tv/ 23 B
0 270ms
97ms Fetch
image/gif 92.123.51.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t.teads.tv/track?action=browser-topics&env=js-web&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=3897&referer=https%3A%2F%2Fonlinerecerg.online%2F&user_session_id=631a8e4a-008c-47d4-9eb7-ca6c8ae876f2
Requested by: Host: tracking-cdn.figpii.com
URL: https://tracking-cdn.figpii.com/38739501377e81c62a010d8bbbc58432.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.51.152 Brussels, Belgium, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-51-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:48 GMT
observe-browsing-topics: ?1
content-type: image/gif
access-control-allow-origin: https://onlinerecerg.online
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
134 B 232ms
96ms Image
image/gif 92.123.51.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=3897&referer=https%3A%2F%2Fonlinerecerg.online%2F&user_session_id=631a8e4a-008c-47d4-9eb7-ca6c8ae876f2
Requested by: Host: onlinerecerg.online
URL: https://onlinerecerg.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.51.152 Brussels, Belgium, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-51-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 18 Jun 2024 02:21:48 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H/1.1 200
OK conversion
cm.teads.tv/v3/ 0
529 B 237ms
99ms Image
text/plain 104.90.25.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.teads.tv/v3/conversion?action=pageView&env=js-web&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=3897&referer=https%3A%2F%2Fonlinerecerg.online%2F&user_session_id=631a8e4a-008c-47d4-9eb7-ca6c8ae876f2
Requested by: Host: onlinerecerg.online
URL: https://onlinerecerg.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.25.54 Brussels, Belgium, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-25-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Attribution-Reporting-Register-Trigger: {"event_trigger_data":[{"trigger_data":"6","priority":"0","deduplication_key":"1718677308","filters":[{"trigger_data_label":["visit"],"source_type":["navigation"]}]}],"debug_reporting":true}
Date: Tue, 18 Jun 2024 02:21:48 GMT
Observe-Browsing-Topics: ?1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Tue, 18 Jun 2024 02:21:48 GMT

POST
H2 204 q Show response
bat.bing.com/p/insights/c/ 0
211 B 131ms
131ms XHR
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/q

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRjNGQxOTc5MA.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-webinsights-gzip
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jun 2024 02:21:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AAF7B5479ACA4053AAA30DD99F8F5A44 Ref B: LTSEDGE0810 Ref C: 2024-06-18T02:21:48Z
vary: Origin
x-cache: CONFIG_NOCACHE
access-control-allow-origin: https://onlinerecerg.online
access-control-allow-credentials: true
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H2 200 open Show response
api2.branch.io/v1/ 319 B
710 B 407ms
225ms XHR
application/json 2600:9000:2491:d600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRjNGQxOTc5MA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:d600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Branch

Resource Hash

c54857dfd22f089fc066c7fb9e29c21becf470068e1ca3e8057a2b008c9f1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 18 Jun 2024 02:21:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-powered-by: Branch
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 3518d58b-0c51-42de-a6bc-7443c371f897-2024061802
content-length: 319
x-amz-cf-id: ZWmQhrzC6TTo12LkWo5tg042ei0_d1LXE3qqQhc7sfFh3e6Et2DCTA==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
352 B 360ms
359ms XHR
application/json 2600:9000:2491:d600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRjNGQxOTc5MA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:d600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Branch

Resource Hash

c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 18 Jun 2024 02:21:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-powered-by: Branch
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 29
x-amz-cf-id: q3GrnbAFWcw-4Le7_RQdXAB_lxpzSD8gJ8UMIp7xPQLjHnI0w4yIdA==

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 37ms
35ms Script
application/javascript 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:48 GMT
x-cdn: fastly
age: 3373
etag: "19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4103

GET
H2 200 ct.html
ct.pinterest.com/ Frame 09F7 0
0 176ms
56ms Document
text/html 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://onlinerecerg.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 18 Jun 2024 02:21:48 GMT
pinterest-version: 275429db13fe9c80de8a863bf33caf35d9136bc7
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1821025021942077

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 44ms
44ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=181359502&t=event&ni=0&_s=2&dl=https%3A%2F%2Fonlinerecerg.online%2F&dp=%2F&ul=en-gb&de=UTF-8&dt=Pague%20Daniel%20Luis%20de%20Lima&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll_tracking&ea=scrolled_20&el=%2F&_u=aCDAgEABAAAAAGAAI~&jid=&gjid=&cid=919064589.1718677308&tid=UA-54526048-9&_gid=1751727840.1718677308&gtm=45He46c0n71KGFBFPv71007391za200&cd6=0&cd7=www&cd9=&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1593903193

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 11:51:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52245
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 404 nu-icon.png
onlinerecerg.online/images/ 2 KB
1018 B 217ms
215ms Other
text/html 2a02:4780:13:1677:0:2084:71a5:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinerecerg.online/images/nu-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1677:0:2084:71a5:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 02:21:49 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-23e3e772980c41a6;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 46ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZL76F6HX1P&gtm=45je46c0v888803077za200zb71007391&_p=1718677307153&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=919064589.1718677308&ul=en-gb&are=1&frm=0&pscdl=noapi&_eu=AEA&_geo=1&_rdi=1&_s=2&sid=1718677307&sct=1&seg=0&dl=https%3A%2F%2Fonlinerecerg.online%2F&dt=Pague%20Daniel%20Luis%20de%20Lima&en=scroll&epn.percent_scrolled=90&_et=15&tfd=6659&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZL76F6HX1P&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 02:21:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onlinerecerg.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK conversion
cm.teads.tv/v3/ 0
535 B 308ms
307ms Image
text/plain 104.90.25.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.teads.tv/v3/conversion?action=timeSpent10&env=js-web&tag_version=6.17.6_ee47857&provider=tag&buyer_pixel_id=3897&referer=https%3A%2F%2Fonlinerecerg.online%2F&user_session_id=631a8e4a-008c-47d4-9eb7-ca6c8ae876f2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.25.54 Brussels, Belgium, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-25-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onlinerecerg.online/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Attribution-Reporting-Register-Trigger: {"event_trigger_data":[{"trigger_data":"7","priority":"0","deduplication_key":"3437354636","filters":[{"trigger_data_label":["timespent10"],"source_type":["navigation"]}]}],"debug_reporting":true}
Date: Tue, 18 Jun 2024 02:21:58 GMT
Observe-Browsing-Topics: ?1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Tue, 18 Jun 2024 02:21:58 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onlinerecerg.online/	1970-01-20 23:34:13	Name: _gcl_au Value: 1.1.283831013.1718677307
.onlinerecerg.online/	1970-01-21 07:00:37	Name: _ga_ZL76F6HX1P Value: GS1.1.1718677307.1.0.1718677307.0.0.0
.onlinerecerg.online/	1970-01-21 07:00:37	Name: _ga_LQFLJDQXD9 Value: GS1.1.1718677307.1.0.1718677307.60.0.0
.onlinerecerg.online/	1970-01-21 07:00:37	Name: _ga Value: GA1.2.919064589.1718677308
.onlinerecerg.online/	1970-01-20 21:26:03	Name: _gid Value: GA1.2.1751727840.1718677308
.onlinerecerg.online/	1970-01-20 21:24:37	Name: _dc_gtm_UA-54526048-9 Value: 1
.navdmp.com/	1970-01-21 06:10:34	Name: ac3 Value: 1
.doubleclick.net/	1970-01-21 06:46:13	Name: IDE Value: AHWqTUkqyPr5Bi-TSyYMXqhj9KW0BtSr2J7fOEkwIFZjihheqfF-DHq8kQFzBkzg
.tiktok.com/	1970-01-21 06:46:13	Name: _ttp Value: 2i28S6oEX9DzCebbh4HKcjiyNAv
.bing.com/	1970-01-21 06:46:13	Name: MUID Value: 38ACCD5081426C263200D9F280B96D99
.navdmp.com/	1970-01-21 07:00:37	Name: nid Value: 14d1dcd2f2539e03a8c3f51a0310\|1\|197
.onlinerecerg.online/	1970-01-21 06:10:13	Name: nvg53215 Value: 14d1dcd2f2d8fa9d94fd39e6a910\|0_171
.onlinerecerg.online/	1970-01-20 23:34:13	Name: _fbp Value: fb.1.1718677308106.52810082919562247
.pinterest.com/	1970-01-21 06:10:13	Name: ar_debug Value: 1
.onlinerecerg.online/	1970-01-21 06:46:13	Name: _tt_enable_cookie Value: 1
.onlinerecerg.online/	1970-01-21 06:46:13	Name: _ttp Value: 4u20UFVm7tRAWpuqZF9h8tl3C-D
.onlinerecerg.online/	1970-01-21 06:10:13	Name: _pin_unauth Value: dWlkPU1qVTJaVGd3WWpVdE5UUmlPQzAwWkRSaUxUazJOak10TURrMFpHSTFaREU1TVRrMA
.t.co/	1970-01-21 07:00:37	Name: muc_ads Value: 5651076f-d9b3-40a2-b7bb-f167a1744bd6
.ct.pinterest.com/	1970-01-21 06:10:13	Name: _pinterest_ct_ua Value: "TWc9PSZmRTBuYjdGSlBkWmxBQUttbEhmZi9BT292TWZyNlg0cWdSWDlBSmFTWUluZU5NcXh4THd4MHNMYllveDY1czlIRGFIQ0hYVnJBb2JPaHNPbEt0ZXE4UDV3Mi93UnBUVXFBOFg0Q0toTnIxdz0mR0RocWh1SnNHRWNEOEM4Z25VVTB3WXovSDZVPQ=="
.onlinerecerg.online/	1970-01-20 21:24:39	Name: tfpsi Value: 631a8e4a-008c-47d4-9eb7-ca6c8ae876f2
.bat.bing.com/	1970-01-21 06:46:13	Name: MSPTC Value: vu9WcHVW6mT9Rflhm0nq106oYjXyL4QKUmAmj2_QGUo
.twitter.com/	1970-01-21 07:00:37	Name: personalization_id Value: "v1_TNPrulPPdEtyfsHhaPVaWQ=="
.onlinerecerg.online/	1970-01-20 21:26:03	Name: _uetsid Value: 83c0db802d1911efb5f0cdca1e4afe6f\|ez77kp\|2\|fmq\|0\|1630
.app.link/	1970-01-21 06:10:13	Name: _s Value: ruefNw9b5cY4jFVnoVlOircMC9zCG%2FwgWNQuTDM56A12oRfllyncgWK0KYVTIdA5
cm.teads.tv/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.onlinerecerg.online/	1970-01-21 06:46:13	Name: _uetvid Value: 83c113c02d1911efa199d7071a4dfa28\|1nhikj\|1718677308506\|1\|1\|bat.bing.com/p/insights/c/q
.mathtag.com/	1970-01-21 06:50:32	Name: uuid Value: d4486670-ef3c-4900-9a44-b49c337625ce

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://onlinerecerg.online/images/nu-icon.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
api2.branch.io
app.link
bat.bing.com
cdn.branch.io
cdn.navdmp.com
cdn.nubank.com.br
cm.g.doubleclick.net
cm.teads.tv
cms.analytics.yahoo.com
connect.facebook.net
ct.pinterest.com
googleads.g.doubleclick.net
nubank.com.br
onlinerecerg.online
p.teads.tv
pixel.mathtag.com
region1.analytics.google.com
region1.google-analytics.com
resources.xg4ken.com
s.pinimg.com
s.yimg.com
services.xg4ken.com
sessions.bugsnag.com
sp.analytics.yahoo.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.navdmp.com
sync2.navdmp.com
t.co
t.teads.tv
tag.navdmp.com
tracking-cdn.figpii.com
tracking-settings.figpii.com
ups.analytics.yahoo.com
usr.navdmp.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
104.244.42.3
104.90.25.54
108.138.26.87
142.250.186.66
146.75.120.157
151.101.128.84
151.101.192.84
18.172.112.13
2.21.22.129
2001:4860:4802:34::36
216.200.232.249
23.219.162.89
2600:1901:0:7a0b::
2600:9000:2057:cc00:19:9934:6a80:93a1
2600:9000:2491:d600:11:f728:3040:93a1
2606:4700::6811:dffa
2620:1ec:c11::237
2a00:1288:80:807::2
2a00:1450:4001:806::2004
2a00:1450:4001:808::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c02::9b
2a02:4780:13:1677:0:2084:71a5:2
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:600::347
2a04:4e42:8e::84
3.75.62.37
34.252.40.201
52.18.176.215
52.49.44.181
92.123.51.152
93.184.221.165
99.86.4.21
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
03a7ab09581c42ab6765efac0c78c4cb660a619999665cfab263b01cc1f0c9c4
0403fcc88f5c86bb389606f4b9ab2c222de047f432561433c9395f3d806a3ced
05196bbc70bbbb7e8b6775fd38c82a3eedff7ee9a81c2b330083f8086df45754
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f71613ed9273c1b560ac8755bd882f13224d19e0ca5ba06658e801659ba2969
1a8a2b2dfb3d59ead1e549d854f78ade05c188b2630b775a16f2a9d692e13a1d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
27d85e9c33aceb2a13572b4898e75ce9f17cf8b92c3d6343610b40fe236485c8
2e9c545836a949830be9feefa2d8ebc3688fcfdb9a5a845b9edb3bae822c462a
31a676d624509f3b4fe28ed2bd89c7b2a103e27d92b66e56b8a3b087cb34665d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33cd66d54a4f8ba7268ea1130fc75b4f62596b6eaaef9e98d31977dbc98813de
35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5
38c2d160bc2a7c43e2c7ec2f3ce21056e22c55bcc3bf7f9639e91ff2565dbd63
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
4299855c4eb1eb583d8226d6cdbd630896867779831eb78d8bc56e7f942d1a14
466e47363b30e31f517b8b4791937ba1277cfe618101d45ca1d65b5adc43884b
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
5080b13d642119467d704022f5e07d81d25915512e429eed7d36a7a9b896a68d
516f7dada9733595adab3ca4999ad127b4960a84fa970b0a5ec048723ee1b8fe
5b3824b1bcf19b107255ec31b2fe61c1e357d71e7922c2385c8a14882b23dabe
7d899794be8dcd526e935bb74a39d412acfac3b84007f82d282aacba320c3b22
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852e2846d6f09797152db35c74a1e5b2075510a05fce97f99114ea3a255aac0b
88093799749ef820fd0d1fce6c111ebe4e667de4e4a9b154d5b34ecd4286ae78
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
8c2894ee9873bb305c8d0af29846eec04cee17c3ecfcbd338af356e6ce9b1500
957dac2a20e4ebb559bbc26b1e3736717588f0e14a8d8b0760f981cf318759e9
9f5a5968021abb64271e0fc5804962f806be5bbce21b67efb5d8a1708fd057a7
a070d759b5c8744d50d21c99c55a313777798e42e6c14a2e5d2f3691ea01752c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aae210c00ab59b27f51eb4287087bc6fb877083ffd9a758c33a36a0149eb9d9d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ada7db60ffda50544ff2f754cbba9fb96ab6c9dac09af21b40ed1db3e5bf9ce3
b7ea495618522b5401719ca5b1eaa05da311dcacc6c48b5515f2af1e2351e8f3
c06fb43b96f994d11a9f38fe98a3353ddf7b3b07ae1eb51692e3dc47fb5537a4
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
c54857dfd22f089fc066c7fb9e29c21becf470068e1ca3e8057a2b008c9f1ea3
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d841993d643cea34ed7a82a7a206c2e5351e62833d26adcfcee0b6765c8e06b8
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a
db50070cbd40f4eb6a1203f189eefaa3ae4cb90a9df828e0c07095b6d5cb6ae7
db99dcaf40a926181bce4522477c2efc5924f6c4b29111b6a97faea477c9528b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df1f82104ebe5a87273b4791a66047cee1782f947e1325fb49307aef02980160
dfc0956b4bd07d48cd1eb5f3f844e66168600600ef0b3efbb38bb03542a47fa8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4beb03fc1729ebd935a1e8c5fc2789434e9d2d3189875ca79cc73353a5a9bab
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621
e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249
eb8ca50c10f3b6bef2faa9ed1906300c05886a1beac03d6720a99946582196e1
ee91831bb11f10ead5fd80697c06fef92ab43ed38232055c8a9f02db40e6aae2
eead2db985b70f2f691ddfb91254a457e3d76746a704b018d5f38d6d33c3c5cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

onlinerecerg.online Open in urlscan Pro 2a02:4780:13:1677:0:2084:71a5:2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

87 Requests

94 %HTTPS

50 %IPv6

27 Domains

43 Subdomains

35 IPs

7 Countries

1468 kBTransfer

3715 kBSize

27 Cookies

1 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onlinerecerg.online Open in urlscan Pro
2a02:4780:13:1677:0:2084:71a5:2 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

94 %
HTTPS

50 %
IPv6

27
Domains

43
Subdomains

35
IPs

7
Countries

1468 kB
Transfer

3715 kB
Size

27
Cookies

87 HTTP transactions
4 data transactions