urlscan.io logo urlscan.io
SecurityTrails logo

www.fmrbg.com Open in urlscan Pro
31.11.36.9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.fmrbg.com/nograzie.html
Effective URL: https://www.fmrbg.com/nograzie.html
Submission Tags: phishing malicious Search All
Submission: On August 20 via api from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 6 countries across 11 domains to perform 64 HTTP transactions. The main IP is 31.11.36.9, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is www.fmrbg.com.
TLS certificate: Issued by Actalis Domain Validation Server CA G3 on June 17th 2021. Valid for: a year.
This is the only time www.fmrbg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

24    31.11.36.9 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: webx1483.aruba.it
www.fmrbg.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    192.99.0.58 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns500326.ip-192-99-0.net
s4.histats.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
24 www.fmrbg.com 1 redirects www.fmrbg.com
8 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 pagead2.googlesyndication.com www.fmrbg.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
3 www.google.com 1 redirects www.fmrbg.com
tpc.googlesyndication.com
3 fonts.googleapis.com www.fmrbg.com
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 s10.histats.com www.fmrbg.com
s10.histats.com
2 www.google-analytics.com www.fmrbg.com
www.google-analytics.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 s4.histats.com s10.histats.com
1 www.google.de www.fmrbg.com
1 stats.g.doubleclick.net www.google-analytics.com
64 16

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
www.histats.com
Subject Issuer Validity Valid
*.fmrbg.com
Actalis Domain Validation Server CA G3		 2021-06-17 -
2022-06-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
histats.com
R3		 2021-08-02 -
2021-10-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.fmrbg.com/nograzie.html
Frame ID: 94586523EDDA2025DA5731535B080EE7
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Frame ID: 084614F6CFEFD9CD05AF3090E42798EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&adk=1812271804&adf=3025194257&lmt=1629447479&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479276&bpp=3&bdt=258&idt=65&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7815947042695&frm=20&pv=2&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=77
Frame ID: EFC43710BE4A8AE28128480D5256921E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82
Frame ID: E1614BFB1739116190A8ADDF44C0A748
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CCB13026DD438851CD38E358F6C0626A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Frame ID: 9FEEE9DFC791C87F8FF51F85CF74048A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 428347765936A4341076D19B845773E1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 15439ADCDDCABD281112D25CCCC7A93C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gestione dei consensi - Software professionale italiano

Page URL History Show full URLs

  1. http://www.fmrbg.com/nograzie.html HTTP 301
    https://www.fmrbg.com/nograzie.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /Incomedia WebSite X5 (\w+ [\d.]+)/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

64
Requests

100 %
HTTPS

81 %
IPv6

11
Domains

16
Subdomains

22
IPs

6
Countries

807 kB
Transfer

2488 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.fmrbg.com/nograzie.html HTTP 301
    https://www.fmrbg.com/nograzie.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request nograzie.html
www.fmrbg.com/
Redirect Chain
  • http://www.fmrbg.com/nograzie.html
  • https://www.fmrbg.com/nograzie.html
41 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
fa973ef981f22bd568fce91fe672f11334a7132e7d77f1cbfa68f8b4028f7d00

Request headers

:method
GET
:authority
www.fmrbg.com
:scheme
https
:path
/nograzie.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
aruba-proxy
date
Fri, 20 Aug 2021 08:17:58 GMT
content-type
text/html
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
x-servername
ipvsproxy241.ad.aruba.it

Redirect headers

Server
aruba-proxy
Date
Fri, 20 Aug 2021 08:17:58 GMT
Content-Type
text/html
Content-Length
168
Connection
keep-alive
Location
https://www.fmrbg.com/nograzie.html
X-ServerName
ipvsproxy241.ad.aruba.it
reset.css
www.fmrbg.com/style/ 		745 B
631 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/style/reset.css?2021-3-4-0
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
6305eef336a353cae68e65200b179fc569b9c7b371484f8c2e7bd632ea4c09a3

Request headers

:path
/style/reset.css?2021-3-4-0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 14:41:54 GMT
server
aruba-proxy
etag
"2e9-5c92162f3ee62-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
425
style.css
www.fmrbg.com/style/ 		40 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/style/style.css?2021-3-4-0
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
8cb6495339f118ecc5f9704ef90f8c3858fddf30ab0178096384ef286805f52b

Request headers

:path
/style/style.css?2021-3-4-0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Tue, 17 Aug 2021 15:00:57 GMT
server
aruba-proxy
etag
"9fb8-5c9c295ca7bd6-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
7548
template.css
www.fmrbg.com/style/ 		6 KB
939 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/style/template.css?2021-3-4-0
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
291f440871ba93e05fcd1f72fb2720fb0c152110567741fe948e3c0c72ba98e9

Request headers

:path
/style/template.css?2021-3-4-0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 14:41:54 GMT
server
aruba-proxy
etag
"1756-5c92162f56578-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
731
custom.css
www.fmrbg.com/pluginAppObj/pluginAppObj_167_525/ 		1 KB
884 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/pluginAppObj/pluginAppObj_167_525/custom.css
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
cf15e12ad9126fee683f54b7adc9b05ce82d191ccc166e20d4cff78d18032b17

Request headers

:path
/pluginAppObj/pluginAppObj_167_525/custom.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Mon, 16 Aug 2021 15:12:37 GMT
server
aruba-proxy
etag
"538-5c9aea1a560a7-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
678
custom.css
www.fmrbg.com/pluginAppObj/pluginAppObj_167_690/ 		1 KB
884 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/pluginAppObj/pluginAppObj_167_690/custom.css
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
4b67ddb7a09694a707cd8dc3c2befda7e69e95e179a09b1473bdf3f3b7f7747e

Request headers

:path
/pluginAppObj/pluginAppObj_167_690/custom.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Mon, 16 Aug 2021 15:12:37 GMT
server
aruba-proxy
etag
"538-5c9aea1a7e0af-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
678
custom.css
www.fmrbg.com/pluginAppObj/imFooter_pluginAppObj_10/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/pluginAppObj/imFooter_pluginAppObj_10/custom.css
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
3f92d0cd39a4b115674b2d8d7218b829150bbbaa9628bc36017487454372c5f6

Request headers

:path
/pluginAppObj/imFooter_pluginAppObj_10/custom.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Mon, 16 Aug 2021 15:12:35 GMT
server
aruba-proxy
etag
"14dc-5c9aea18d6803-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1003
nograzie.css
www.fmrbg.com/pcss/ 		210 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/pcss/nograzie.css?2021-3-4-0-637648815778922401
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
9d22f143d47c8d30c826f94f677a7675797016803ed0bafb31954f2f8ec77eab

Request headers

:path
/pcss/nograzie.css?2021-3-4-0-637648815778922401
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 09:05:42 GMT
server
aruba-proxy
etag
"3485a-5c9d1bd25406f-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
11711
jquery.js
www.fmrbg.com/res/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/res/jquery.js?2021-3-4-0
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
f8faf6268ca9da413b3efc28fffffb8996fd607afb6658e0bc8fd15ece0dcd2f

Request headers

:path
/res/jquery.js?2021-3-4-0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 14:41:51 GMT
server
aruba-proxy
etag
"15d41-5c92162bd0be2-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
31483
x5engine.js
www.fmrbg.com/res/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/res/x5engine.js?2021-3-4-0
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
251060931ebd3a4e8807211e5b32e002b412e1664105dd393c0a0ac01649ec9f

Request headers

:path
/res/x5engine.js?2021-3-4-0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 14:41:52 GMT
server
aruba-proxy
etag
"1ae3-5c92162cf8a33-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2984
main.js
www.fmrbg.com/pluginAppObj/imFooter_pluginAppObj_10/ 		2 KB
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/pluginAppObj/imFooter_pluginAppObj_10/main.js
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
33bb880e18cd4896df174e8e8bc266f9b071c3c0fe54d124be926c22aba6396a

Request headers

:path
/pluginAppObj/imFooter_pluginAppObj_10/main.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Mon, 16 Aug 2021 15:12:35 GMT
server
aruba-proxy
etag
"655-5c9aea19191f4-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
518
carrello.png
www.fmrbg.com/images/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fmrbg.com/images/carrello.png
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
0c1ddfcabcf635f8df3c41b92c73eb3592e1e7705aa5d0d1f641b96ed4a50251

Request headers

:path
/images/carrello.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 14:40:45 GMT
server
aruba-proxy
etag
"340-5c9215ed580f5-gzip"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
content-length
855
7_rg9ytdeg.png
www.fmrbg.com/images/ 		301 B
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fmrbg.com/images/7_rg9ytdeg.png
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
bd3fccc561731c3f321e744a436aaef9dd27ea4825f55f3da6fbf5300e0ceaa4

Request headers

:path
/images/7_rg9ytdeg.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 14:40:40 GMT
server
aruba-proxy
etag
"12d-5c9215e862858-gzip"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
content-length
324
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2623836743073464
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.fmrbg.com
Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49909
x-xss-protection
0
server
cafe
etag
7723420151934129076
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 20 Aug 2021 08:17:59 GMT
x5cart.js
www.fmrbg.com/cart/ 		302 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/cart/x5cart.js?2021-3-4-0-637648815778942319
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
482e05527b8de9d2504582bfb0737f2fad9be6bfa1aaa6049b324fb24b0f0790

Request headers

:path
/cart/x5cart.js?2021-3-4-0-637648815778942319
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Tue, 17 Aug 2021 15:00:16 GMT
server
aruba-proxy
etag
"4b749-5c9c29358ea96-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
32552
print.css
www.fmrbg.com/style/ 		787 B
484 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/style/print.css?2021-3-4-0
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
a3a3f6ac4cd16ba1c4844eeab08567ef56f1213422f2c74ed80bb263b18b9d8c

Request headers

:path
/style/print.css?2021-3-4-0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 14:41:54 GMT
server
aruba-proxy
etag
"313-5c92162f38894-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
277
css
fonts.googleapis.com/ 		7 KB
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700,regular,italic,700italic&display=swap
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/pcss/nograzie.css?2021-3-4-0-637648815778922401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
27dd1d4c9441cb1d3af3a9bfab77967c6faeb99662786abbd564a0c15228ec14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 08:17:59 GMT
server
ESF
date
Fri, 20 Aug 2021 08:17:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Aug 2021 08:17:59 GMT
css
fonts.googleapis.com/ 		8 KB
837 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,regular,italic,700italic&display=swap
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/pcss/nograzie.css?2021-3-4-0-637648815778922401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca25a465973b5c37c86527a1874120e5e64cb0d22181ce132a932a91b11e58cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 08:17:59 GMT
server
ESF
date
Fri, 20 Aug 2021 08:17:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Aug 2021 08:17:59 GMT
css
fonts.googleapis.com/ 		782 B
372 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Orbitron:700,regular&display=swap
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/pcss/nograzie.css?2021-3-4-0-637648815778922401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
215bdde2ad8f19a940dd788fd988c9b39598dc3aec80e208886f85d58dba2c87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 08:17:59 GMT
server
ESF
date
Fri, 20 Aug 2021 08:17:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Aug 2021 08:17:59 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
2485
date
Fri, 20 Aug 2021 07:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Fri, 20 Aug 2021 09:36:34 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,regular,italic,700italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.fmrbg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 18:26:24 GMT
x-content-type-options
nosniff
age
309095
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 18:26:24 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700,regular,italic,700italic&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.fmrbg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:36:29 GMT
x-content-type-options
nosniff
age
286890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:36:29 GMT
truncated
/ 		638 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b370500039a7527a08adf45202249e6ac6e5a9fbbb0049d06e8a3c7170c13a78

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
www.fmrbg.com/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fmrbg.com/
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/pcss/nograzie.css?2021-3-4-0-637648815778922401
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/pcss/nograzie.css?2021-3-4-0-637648815778922401
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/pcss/nograzie.css?2021-3-4-0-637648815778922401
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
server
aruba-proxy
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
yMJRMIlzdpvBhQQL_Qq7dy0.woff2
fonts.gstatic.com/s/orbitron/v17/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/orbitron/v17/yMJRMIlzdpvBhQQL_Qq7dy0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Orbitron:700,regular&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
692b7daa1c6d315a81da7148cdbaab69db13ea2716a9651f6d41079144b9dc51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.fmrbg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 01:32:50 GMT
x-content-type-options
nosniff
age
283509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17948
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:40:40 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 01:32:50 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700,regular,italic,700italic&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.fmrbg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:38:53 GMT
x-content-type-options
nosniff
age
286746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:38:53 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1729505771&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&ul=en-us&de=UTF-8&dt=Gestione%20dei%20consensi%20-%20Software%20professionale%20italiano&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1179281422&gjid=1515181557&cid=940573279.1629447479&tid=UA-16192902-1&_gid=721138564.1629447479&_r=1&_slc=1&z=1008211385
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 08:17:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fmrbg.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:13:40 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
561578669
collect
stats.g.doubleclick.net/j/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-16192902-1&cid=940573279.1629447479&jid=1179281422&gjid=1515181557&_gid=721138564.1629447479&_u=IEBAAEAAAAAAAC~&z=1451882644
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 20 Aug 2021 08:17:59 GMT
content-type
text/plain
access-control-allow-origin
https://www.fmrbg.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ 		252 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2623836743073464&plah=www.fmrbg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2623836743073464
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95446
x-xss-protection
0
server
cafe
etag
16230733116024533272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 20 Aug 2021 08:17:59 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/ Frame 0846 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2623836743073464
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210812/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fmrbg.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fmrbg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 19 Aug 2021 20:11:15 GMT
expires
Thu, 02 Sep 2021 20:11:15 GMT
content-type
text/html; charset=UTF-8
etag
8999110079160743657
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4576
x-xss-protection
0
age
43604
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga-audiences
www.google.com/ads/ 		42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-16192902-1&cid=940573279.1629447479&jid=1179281422&_u=IEBAAEAAAAAAAC~&z=1423392431
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 08:17:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-16192902-1&cid=940573279.1629447479&jid=1179281422&_u=IEBAAEAAAAAAAC~&z=1423392431
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 08:17:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modernizr-custom.js
www.fmrbg.com/res/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/res/modernizr-custom.js?2021-3-4-0
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/res/x5engine.js?2021-3-4-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
b6ae5622a0ce3fae56d1ec8de61fdf3ccb26e8e892c02e0e31de9a3071f03fde

Request headers

:path
/res/modernizr-custom.js?2021-3-4-0
pragma
no-cache
cookie
_ga=GA1.2.940573279.1629447479; _gid=GA1.2.721138564.1629447479; _gat=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 14:41:51 GMT
server
aruba-proxy
etag
"1a0a-5c92162c19fb2-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2827
x5engine.deferrable.js
www.fmrbg.com/res/ 		310 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/res/x5engine.deferrable.js?2021-3-4-0
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/res/x5engine.js?2021-3-4-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
d13003d9889941db8afc185324d0daf532deb5d753139d141d61790de94d9fd7

Request headers

:path
/res/x5engine.deferrable.js?2021-3-4-0
pragma
no-cache
cookie
_ga=GA1.2.940573279.1629447479; _gid=GA1.2.721138564.1629447479; _gat=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 14:41:53 GMT
server
aruba-proxy
etag
"4d737-5c92162e4fa7d-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
l10n.js
www.fmrbg.com/res/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/res/l10n.js?2021-3-4-0
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/res/x5engine.js?2021-3-4-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
04ca4bf9bfb204ad74a39811d4a654251d6fdf59346a3629696415a2813d3b2f

Request headers

:path
/res/l10n.js?2021-3-4-0
pragma
no-cache
cookie
_ga=GA1.2.940573279.1629447479; _gid=GA1.2.721138564.1629447479; _gat=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 14:41:51 GMT
server
aruba-proxy
etag
"811e-5c92162bcd530-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
11102
x5cartengine.js
www.fmrbg.com/res/ 		304 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/res/x5cartengine.js?2021-3-4-0
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/res/x5engine.js?2021-3-4-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
5d27335e4b9f94dc015d2e70a0e55e0563ed3749c13c3928c2a1ca94a558cde1

Request headers

:path
/res/x5cartengine.js?2021-3-4-0
pragma
no-cache
cookie
_ga=GA1.2.940573279.1629447479; _gid=GA1.2.721138564.1629447479; _gat=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 14:41:53 GMT
server
aruba-proxy
etag
"4be10-5c92162e4b39e-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x5settings.js
www.fmrbg.com/res/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/res/x5settings.js?2021-3-4-0
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/res/x5engine.js?2021-3-4-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
2f149d02e6e902b283536ad187718b70cad4b52e77416578fe7a412d67a627e3

Request headers

:path
/res/x5settings.js?2021-3-4-0
pragma
no-cache
cookie
_ga=GA1.2.940573279.1629447479; _gid=GA1.2.721138564.1629447479; _gat=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Tue, 17 Aug 2021 15:00:56 GMT
server
aruba-proxy
etag
"2582-5c9c295bd7ede-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3070
2217290.php
s4.histats.com/stats/ 		102 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/2217290.php?2217290&@f16&@g1&@h1&@i1&@j1629447479332&@k0&@l1&@mGestione%20dei%20consensi%20-%20Software%20professionale%20italiano&@n0&@o1000&@q0&@r0&@s1035&@ten-US&@u1600&@b1:130101277&@b3:1629447479&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.0.58 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns500326.ip-192-99-0.net
Software
/
Resource Hash
e2208f4100352e68889e599327818ead6abff9543b1d4a4206b6cc783559f905

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 08:17:59 GMT
Connection
close
Content-Length
102
Content-Type
text/html;charset=UTF-8
cookie.js
partner.googleadservices.com/gampad/ 		199 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.fmrbg.com&callback=_gfp_s_&client=ca-pub-2623836743073464
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2623836743073464&plah=www.fmrbg.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
7912b5517a1eaba49dee236ae32ce281b557b3832bfa8bbe45d024863ea57158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
189
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.fmrbg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2623836743073464&plah=www.fmrbg.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.fmrbg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2623836743073464&plah=www.fmrbg.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EFC4 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&adk=1812271804&adf=3025194257&lmt=1629447479&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479276&bpp=3&bdt=258&idt=65&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7815947042695&frm=20&pv=2&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=77
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2623836743073464&plah=www.fmrbg.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2623836743073464&output=html&adk=1812271804&adf=3025194257&lmt=1629447479&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479276&bpp=3&bdt=258&idt=65&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7815947042695&frm=20&pv=2&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=77
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fmrbg.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fmrbg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 20 Aug 2021 08:17:59 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 20-Aug-2021 08:32:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Aug 2021 08:17:59 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2623836743073464&plah=www.fmrbg.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629286089745720"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27752
x-xss-protection
0
expires
Fri, 20 Aug 2021 08:17:59 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E161 		89 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2623836743073464&plah=www.fmrbg.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74ff9cc7e33cd969cde8b89726f44cdd2bc1d9f5596dd4aac21f78601a34ae55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fmrbg.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fmrbg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 20 Aug 2021 08:17:59 GMT
server
cafe
content-length
27816
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 20-Aug-2021 08:32:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Aug 2021 08:17:59 GMT
cache-control
private
11455320262328853069
tpc.googlesyndication.com/simgad/ Frame E161 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11455320262328853069?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmb4qTLqbTZymonR337jg4EGedtDQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3e33bd3eeb6d3e82825ca5990e311ada69b68575d9c5d5d205719adaf3a1618
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 20:55:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jun 2020 16:03:32 GMT
server
sffe
age
300171
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35280
x-xss-protection
0
expires
Tue, 16 Aug 2022 20:55:08 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame E161 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 05:14:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 05:14:06 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame E161 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 07:30:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2867
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 07:30:12 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame E161 		67 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 19 Aug 2021 12:06:16 GMT
x-content-type-options
nosniff
server
cafe
age
72703
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Fri, 20 Aug 2021 12:06:16 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E161 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CDiC4N2UfYZiZF4Xd7_UP-M2cgAz_56jFZMq_z5b9DL_hHhABIJbdwU9glQKgAZ3NpfsCyAECqQIt59UoUJizPqgDAcgDyQSqBMgBT9D9og7_ZS1zKpAYAXZIbmcmqXeoOHmQCeqopUGQyItoJsM0OscLqRsUSgu8kXOVERCdltDWtRQHFOJ5lr3U8QK1ldHaGD9yoCRnqe5f4VcCiwVKAUJFI32fFuYVi6xaGzkr3VQxEv4IwdlkjgPha54DlwowgolmovBxfa1m65I4N78KGh4E1D9SRdl14YjWx4njro4UXuE1qM6An8tlcUhHnUVQsBBsZO26rXQU3QDgz8J0IZ360EmGTXmBcSxtccEp3tclW2bABPCVxbGmA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfLstqEAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCp2gPSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMjYyMzgzNjc0MzA3MzQ2NBgA&sigh=bnQ7o8tTfck
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 20 Aug 2021 08:17:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 20 Aug 2021 08:17:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E161 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629286078051219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38195
x-xss-protection
0
expires
Fri, 20 Aug 2021 08:17:59 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame E161 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 08:13:04 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame E161 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2964eaaa17b81ff911681e57089511c35c7ebbbb8cce98e8c64bad2de197149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 10:52:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77137
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10743
x-xss-protection
0
server
cafe
etag
8915488205478863544
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Sep 2021 10:52:22 GMT
page-to-top.png
www.fmrbg.com/style/ 		468 B
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fmrbg.com/style/page-to-top.png
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/nograzie.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
d9882c23a03b07993599b908187ce8c98445d2d4d6b4fbf675478d506ead99f9

Request headers

:path
/style/page-to-top.png
pragma
no-cache
cookie
_ga=GA1.2.940573279.1629447479; _gid=GA1.2.721138564.1629447479; _gat=1; HstCfa2217290=1629447479332; HstCla2217290=1629447479332; HstCmu2217290=1629447479332; HstPn2217290=1; HstPt2217290=1; HstCnv2217290=1; HstCns2217290=1; __gads=ID=3a230a8ad0f07a64-22e407fda4c800ed:T=1629447479:RT=1629447479:S=ALNI_MadaLU9UgtCYrbSi3u69IfOT10OrA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fmrbg.com/nograzie.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 14:41:54 GMT
server
aruba-proxy
etag
"1d4-5c92162f32b16-gzip"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
content-length
491
x5cart.php
www.fmrbg.com/cart/ 		49 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.fmrbg.com/cart/x5cart.php?action=crtvrs
Requested by
Host: www.fmrbg.com
URL: https://www.fmrbg.com/res/jquery.js?2021-3-4-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1483.aruba.it
Software
aruba-proxy /
Resource Hash
f7a8e3561162b0a02406c4cf8e7aed09c27c9134bcfd0df5ccc79c60973696a6

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.940573279.1629447479; _gid=GA1.2.721138564.1629447479; _gat=1; HstCfa2217290=1629447479332; HstCla2217290=1629447479332; HstCmu2217290=1629447479332; HstPn2217290=1; HstPt2217290=1; HstCnv2217290=1; HstCns2217290=1; __gads=ID=3a230a8ad0f07a64-22e407fda4c800ed:T=1629447479:RT=1629447479:S=ALNI_MadaLU9UgtCYrbSi3u69IfOT10OrA
:path
/cart/x5cart.php?action=crtvrs
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.fmrbg.com
referer
https://www.fmrbg.com/nograzie.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://www.fmrbg.com/nograzie.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
pragma
no-cache
date
Fri, 20 Aug 2021 08:17:59 GMT
server
aruba-proxy
content-type
application/json
cache-control
no-store, no-cache, must-revalidate
set-cookie
PHPSESSID=70c88a9635953e6ab4ba1b4ab46ebdf0; path=/
content-length
49
expires
Thu, 19 Nov 1981 08:52:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame CCB1 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlYI4f8lyF22XqbkcOIhOo9luIPMTsf8o-3OQ2BLV2nykeQZIhFDggjKq74I4M
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 20 Aug 2021 08:16:33 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
86
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E161 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0edb5f8d5df72d4a2142e01794d05fda0681d0f483d49c02f04d53d31c7c195b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cc_1035.js
s10.histats.com/counters/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_1035.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
806bb68ff1fc51daf3a2926fc017099f7f4c6e5d36c9ee2f063b6fb60a2c397b

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:07:29 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:42 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"219609985"
x-cacheable
Matched cache
content-type
application/javascript; charset=UTF-8
x-grace
full
x-cdn-pop
sbg
accept-ranges
bytes
content-length
5391
x-request-id
537233801
si
googleads.g.doubleclick.net/pagead/drt/ Frame CCB1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlYI4f8lyF22XqbkcOIhOo9luIPMTsf8o-3OQ2BLV2nykeQZIhFDggjKq74I4M
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 20 Aug 2021 08:17:59 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 20-Aug-2021 09:17:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Aug 2021 08:17:59 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 20 Aug 2021 08:17:59 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
pagead2.googlesyndication.com/bg/ Frame 9FEE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2623836743073464&output=html&h=280&slotname=5919657199&adk=4291246983&adf=3785589489&pi=t.ma~as.5919657199&w=1156&fwrn=4&fwrnh=100&lmt=1629447479&rafmt=1&psa=0&format=1156x280&url=https%3A%2F%2Fwww.fmrbg.com%2Fnograzie.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629447479279&bpp=4&bdt=260&idt=78&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7815947042695&frm=20&pv=1&ga_vid=940573279.1629447479&ga_sid=1629447479&ga_hid=1729505771&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=222&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062297&oid=3&pvsid=3608247404926184&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jJR5q31oBW&p=https%3A//www.fmrbg.com&dtd=82
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 07:21:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
3372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13491
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 07:21:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2623836743073464&plah=www.fmrbg.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aca8890a0dcfb85ea9ca21f06a4d8d10bdb67c9dc0aadd739d49c8f370d91556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8510
x-xss-protection
0
truncated
/ 		508 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
952b84769779f92897d7c13f0e64f60ed645b4ef886e9154a12916ab1e60c7fe

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2623836743073464&plah=www.fmrbg.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 20 Aug 2021 08:17:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4283 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fmrbg.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fmrbg.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 20 Aug 2021 08:03:56 GMT
expires
Sat, 20 Aug 2022 08:03:56 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
843
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1543 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d27dc7ddeb20e4871002e9eb00fb5430273c613a74058e01d29b48620a546707
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BtxGCeKY6Bv13Y6zmcIzuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fmrbg.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fmrbg.com/

Response headers

expires
Fri, 20 Aug 2021 08:17:59 GMT
date
Fri, 20 Aug 2021 08:17:59 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-BtxGCeKY6Bv13Y6zmcIzuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
pagead2.googlesyndication.com/bg/ Frame 4283 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 07:21:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
3372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13491
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 07:21:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=3608247404926184&bg=!WFulWx_NAAZvV8FTb1c7ACkAdvg8WvFt5qyPeFpv3PGpIXKXCYAmp83IXJehNgv1T44Tlt5Lp-IBpAIAAABNUgAAAAxoAQcKAJ_FaU3agIjUv8InsoNKW_6SymBfFf6Cm2osu7H5dCwR2vKjOVyY9bkwPte-VvNwx32rRiTUXAPFlHAWg1-J1D5n1UnKZfjlxsl6KY0L9GR0neq3oLDJI7QusoDKT4qqyFfQT-b-_hpYyINGpd0ibLPuc_iZTqupZkmtM2hyraLpIro6t4-4Ll1orSMWxwBRk4dGEmb5PAyl23bITTccQMyZAoAe8MVCCu0iBT65nY43O62nblF9pj3fqYkv27ZQY_LFQqbU_oynX6FJxsU0t4VCLhBXsHOBC3Y4uFucPn_1xZq3_erio4mt7W4s-WQpQRs46pta0s4A2yk9-HzNW31fNPHEi4s6F2pHGpYbJInJNBmbWrfuopvfD6OVs0knP0Z5wyylaGHcoSBBDylRy5h9SaUCL3hmtOMCdku-bNUPf3bhDxgXOkyxaiEtP6wGXbujfMQ6sVyX81WBscUNAxBqkLaFlOVzaK-sAC_1QXBUwmdcYfBr9cLu8uC5OS9iQKHnwSECOKwaoPswInjdETyl1msx9bB3qyHUxUttIpM1EFIV6wpggp5t05zeWOtHqnnSlOX1uDaN0ky8642NpfItOIgYV4Z1e2ZP4qYpwcY5n-dnwme8a64MISeSklmyYPS_Z-qpKmN5VFgFcMgi6przYPkEBJF_fYL7fxd3BvWcDlHMfal8JMo18-JCsroI4PjBMXyTSUNrKAeSUJT2c-_qckNOzdYd7HNfq2PF_ya-KvrkBGxhfoHbwrwaOcaXAA_2aXbca2j7iQJcyS4XvaYTHSeoA5cxFdPFu_iC1TZ_s74j3a6p8PNSDFE-C-P3wcZgUuDvgLTiMkIQPDoBvcsmIthdzcwBCuAYyXoNWkBAM-wki53I8to59nUCG6ccbGxBeWTjMgGLpIS9eAFc6a1-tUY69u7PuNFVK91BTd-z3kX8vIeFh-NkRM1AC-Iue0b4Z8yrnX1-ArhysCj-PUx2uzcf675xHCKJ0LuShzLV3KZP9COCU1QkLAvB6T-mPE2Kf0RDbYw3bq1rohtgaGK71rH7cOyNFiU-sLbXamzpqEhl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fmrbg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 08:18:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| checkBrowserCompatibility function| isSupportedBrowser function| getCookie function| setCookie function| proceedClicked function| _jq object| x5engine object| swfobject function| socialicons_imFooter_pluginAppObj_10 string| GoogleAnalyticsObject function| ga object| imHeader_imMenuObject_04_settings object| imStickyBar_imMenuObject_01_settings object| adsbygoogle object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _Hasync object| x5CartData object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint function| chfh function| chfh2 string| _HST_cntval object| Histats function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| Modernizr function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| requestAnimFrame function| cancelAnimFrame object| imStorage object| kendo object| _HistatsCounterGraphics_1035_setValues object| googletag boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_1035 function| histats_canvascounters_base.js object| GoogleGcLKhOms object| google_image_requests

13 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUlYI4f8lyF22XqbkcOIhOo9luIPMTsf8o-3OQ2BLV2nykeQZIhFDggjKq74I4M
www.fmrbg.com/ Name: HstPn2217290
Value: 1
.fmrbg.com/ Name: __gads
Value: ID=3a230a8ad0f07a64-22e407fda4c800ed:T=1629447479:RT=1629447479:S=ALNI_MadaLU9UgtCYrbSi3u69IfOT10OrA
www.fmrbg.com/ Name: HstCns2217290
Value: 1
www.fmrbg.com/ Name: HstPt2217290
Value: 1
www.fmrbg.com/ Name: HstCmu2217290
Value: 1629447479332
www.fmrbg.com/ Name: HstCla2217290
Value: 1629447479332
www.fmrbg.com/ Name: HstCnv2217290
Value: 1
.fmrbg.com/ Name: _gat
Value: 1
www.fmrbg.com/ Name: HstCfa2217290
Value: 1629447479332
.fmrbg.com/ Name: _gid
Value: GA1.2.721138564.1629447479
.fmrbg.com/ Name: _ga
Value: GA1.2.940573279.1629447479

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s10.histats.com
s4.histats.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.fmrbg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
142.250.185.130
192.99.0.58
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:400c:c08::9c
31.11.36.9
46.105.201.240
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
04ca4bf9bfb204ad74a39811d4a654251d6fdf59346a3629696415a2813d3b2f
0c1ddfcabcf635f8df3c41b92c73eb3592e1e7705aa5d0d1f641b96ed4a50251
0edb5f8d5df72d4a2142e01794d05fda0681d0f483d49c02f04d53d31c7c195b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
215bdde2ad8f19a940dd788fd988c9b39598dc3aec80e208886f85d58dba2c87
251060931ebd3a4e8807211e5b32e002b412e1664105dd393c0a0ac01649ec9f
27dd1d4c9441cb1d3af3a9bfab77967c6faeb99662786abbd564a0c15228ec14
291f440871ba93e05fcd1f72fb2720fb0c152110567741fe948e3c0c72ba98e9
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f149d02e6e902b283536ad187718b70cad4b52e77416578fe7a412d67a627e3
33bb880e18cd4896df174e8e8bc266f9b071c3c0fe54d124be926c22aba6396a
3f92d0cd39a4b115674b2d8d7218b829150bbbaa9628bc36017487454372c5f6
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
482e05527b8de9d2504582bfb0737f2fad9be6bfa1aaa6049b324fb24b0f0790
4b67ddb7a09694a707cd8dc3c2befda7e69e95e179a09b1473bdf3f3b7f7747e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5d27335e4b9f94dc015d2e70a0e55e0563ed3749c13c3928c2a1ca94a558cde1
6305eef336a353cae68e65200b179fc569b9c7b371484f8c2e7bd632ea4c09a3
66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137
692b7daa1c6d315a81da7148cdbaab69db13ea2716a9651f6d41079144b9dc51
74ff9cc7e33cd969cde8b89726f44cdd2bc1d9f5596dd4aac21f78601a34ae55
7912b5517a1eaba49dee236ae32ce281b557b3832bfa8bbe45d024863ea57158
806bb68ff1fc51daf3a2926fc017099f7f4c6e5d36c9ee2f063b6fb60a2c397b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8cb6495339f118ecc5f9704ef90f8c3858fddf30ab0178096384ef286805f52b
952b84769779f92897d7c13f0e64f60ed645b4ef886e9154a12916ab1e60c7fe
9d22f143d47c8d30c826f94f677a7675797016803ed0bafb31954f2f8ec77eab
a3a3f6ac4cd16ba1c4844eeab08567ef56f1213422f2c74ed80bb263b18b9d8c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aca8890a0dcfb85ea9ca21f06a4d8d10bdb67c9dc0aadd739d49c8f370d91556
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b370500039a7527a08adf45202249e6ac6e5a9fbbb0049d06e8a3c7170c13a78
b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7
b6ae5622a0ce3fae56d1ec8de61fdf3ccb26e8e892c02e0e31de9a3071f03fde
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bd3fccc561731c3f321e744a436aaef9dd27ea4825f55f3da6fbf5300e0ceaa4
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
ca25a465973b5c37c86527a1874120e5e64cb0d22181ce132a932a91b11e58cb
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf15e12ad9126fee683f54b7adc9b05ce82d191ccc166e20d4cff78d18032b17
d13003d9889941db8afc185324d0daf532deb5d753139d141d61790de94d9fd7
d27dc7ddeb20e4871002e9eb00fb5430273c613a74058e01d29b48620a546707
d3e33bd3eeb6d3e82825ca5990e311ada69b68575d9c5d5d205719adaf3a1618
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d9882c23a03b07993599b908187ce8c98445d2d4d6b4fbf675478d506ead99f9
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784
e2208f4100352e68889e599327818ead6abff9543b1d4a4206b6cc783559f905
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2964eaaa17b81ff911681e57089511c35c7ebbbb8cce98e8c64bad2de197149
f7a8e3561162b0a02406c4cf8e7aed09c27c9134bcfd0df5ccc79c60973696a6
f8faf6268ca9da413b3efc28fffffb8996fd607afb6658e0bc8fd15ece0dcd2f
fa973ef981f22bd568fce91fe672f11334a7132e7d77f1cbfa68f8b4028f7d00