urlscan.io logo urlscan.io
SecurityTrails logo

beta.nontiscordardime.ch Open in urlscan Pro
195.201.62.146  Public Scan

Go To Rescan Add Verdict Report
URL: https://beta.nontiscordardime.ch/
Submission Tags: phishingrod
Submission: On January 20 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 24 HTTP transactions. The main IP is 195.201.62.146, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is beta.nontiscordardime.ch.
TLS certificate: Issued by R3 on January 20th 2023. Valid for: 3 months.
This is the only time beta.nontiscordardime.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

18    195.201.62.146 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sedrun.orcwebhosting.com
beta.nontiscordardime.ch
1    2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:400d:803::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
18 nontiscordardime.ch
beta.nontiscordardime.ch
327 KB
3 gstatic.com
fonts.gstatic.com
62 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2439
353 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
67 KB
24 5
Domain Requested by
18 beta.nontiscordardime.ch beta.nontiscordardime.ch
3 fonts.gstatic.com fonts.googleapis.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com beta.nontiscordardime.ch
1 www.googletagmanager.com beta.nontiscordardime.ch
24 5

This site contains links to these domains. Also see Links.

Domain
www.cdt.ch
anav.ch
amicidelvino.ch
www.facebook.com
www.anavmendrisiotto.ch
alchimedia.ch
Subject Issuer Validity Valid
www.beta.nontiscordardime.ch
R3		 2023-01-20 -
2023-04-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://beta.nontiscordardime.ch/
Frame ID: D68A54EDEA3A7B1691B9C9E91A6E5F5A
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Anav Sezione Luganese Google Reviews

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

24
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

457 kB
Transfer

1011 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
beta.nontiscordardime.ch/ 		128 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
687edbdb8b1c1668a09aac01fc5085a22ac70e7cb0804117ed3d006b4fd2e02d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
22082
content-type
text/html; charset=UTF-8
date
Fri, 20 Jan 2023 01:42:33 GMT
link
<https://beta.nontiscordardime.ch/wp-json/>; rel="https://api.w.org/", <https://beta.nontiscordardime.ch/wp-json/wp/v2/pages/31>; rel="alternate"; type="application/json", <https://beta.nontiscordardime.ch/>; rel=shortlink
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-xss-protection
1; mode=block;
js
www.googletagmanager.com/gtag/ 		180 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DH82T9EKTJ
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29042b6f4b07666fac4eab82543f800d8ec2b46b6df0891c015c886317d49cd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 01:42:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
67847
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Jan 2023 01:42:34 GMT
frontend.min.css
beta.nontiscordardime.ch/wp-content/themes/astra/assets/css/minified/ 		45 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beta.nontiscordardime.ch/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.9.3
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
4b9938bf8b25101b41c401110119babc4b8932180ca98f479ea45d909429aceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 01:42:34 GMT
last-modified
Sat, 05 Nov 2022 11:47:51 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
8808
x-xss-protection
1; mode=block;
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A400%2C%7CMontserrat%3A700%2C600%7CPoppins%3A500&display=fallback&ver=3.9.3
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0211cb488205ac8b77fe634b501d08e07ddc0bacaefeccffe5fc3ecf67a9b0bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 01:42:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 01:42:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Jan 2023 01:42:34 GMT
style.min.css
beta.nontiscordardime.ch/wp-includes/css/dist/block-library/ 		93 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beta.nontiscordardime.ch/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 01:42:34 GMT
last-modified
Wed, 16 Nov 2022 04:08:45 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
12518
x-xss-protection
1; mode=block;
wp-emoji-release.min.js
beta.nontiscordardime.ch/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beta.nontiscordardime.ch/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 01:42:34 GMT
last-modified
Sun, 06 Nov 2022 07:56:22 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
5009
x-xss-protection
1; mode=block;
themify-icons.min.css
beta.nontiscordardime.ch/wp-content/plugins/3d-flipbook-dflip-lite/assets/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beta.nontiscordardime.ch/wp-content/plugins/3d-flipbook-dflip-lite/assets/css/themify-icons.min.css?ver=1.7.33
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
419d6e9bdaf94d2758192e1312e13ffc6b885f2c37a36734f1dd414abee83a2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 01:42:34 GMT
last-modified
Mon, 22 Aug 2022 08:12:15 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
2812
x-xss-protection
1; mode=block;
dflip.min.css
beta.nontiscordardime.ch/wp-content/plugins/3d-flipbook-dflip-lite/assets/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beta.nontiscordardime.ch/wp-content/plugins/3d-flipbook-dflip-lite/assets/css/dflip.min.css?ver=1.7.33
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
e051e0747e00cbf46985db2f3d8017641dd2e9bb729dfbddd01b99ab0d3983f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 01:42:34 GMT
last-modified
Mon, 22 Aug 2022 08:12:15 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
5473
x-xss-protection
1; mode=block;
frontend-gtag.min.js
beta.nontiscordardime.ch/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beta.nontiscordardime.ch/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.1
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 01:42:34 GMT
last-modified
Wed, 30 Nov 2022 04:01:00 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
3246
x-xss-protection
1; mode=block;
jquery.min.js
beta.nontiscordardime.ch/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beta.nontiscordardime.ch/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 01:42:34 GMT
last-modified
Sun, 06 Nov 2022 08:01:24 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
30995
x-xss-protection
1; mode=block;
jquery-migrate.min.js
beta.nontiscordardime.ch/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beta.nontiscordardime.ch/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 01:42:34 GMT
last-modified
Sun, 06 Nov 2022 07:56:54 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
4169
x-xss-protection
1; mode=block;
email-posts-to-subscribers.js
beta.nontiscordardime.ch/wp-content/plugins/email-posts-to-subscribers//inc/ 		2 KB
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beta.nontiscordardime.ch/wp-content/plugins/email-posts-to-subscribers//inc/email-posts-to-subscribers.js?ver=2.2
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
9a6f09eb19e1a3704e5e1495d29ad243ae1bc0401f90dbf58f2a70b90be4873b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 01:42:34 GMT
last-modified
Mon, 22 Aug 2022 08:15:11 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
870
x-xss-protection
1; mode=block;
logo-pacc-aran-251x100.jpg
beta.nontiscordardime.ch/wp-content/uploads/2022/05/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beta.nontiscordardime.ch/wp-content/uploads/2022/05/logo-pacc-aran-251x100.jpg
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
42f89d6618bda546f892e40781a2304b82a41905e64bf4aacaaf74308bec5ee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 01:42:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Jul 2022 08:51:18 GMT
server
Apache
content-type
image/jpeg
accept-ranges
bytes
content-length
6799
x-xss-protection
1; mode=block;
botti.jpg
beta.nontiscordardime.ch/wp-content/uploads/2022/05/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beta.nontiscordardime.ch/wp-content/uploads/2022/05/botti.jpg
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
fb45b2ea03b7d60fdfab7871e55729dde22843fe03cc0f3023619c1b31174c87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 01:42:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Jul 2022 08:51:18 GMT
server
Apache
content-type
image/jpeg
accept-ranges
bytes
content-length
64835
x-xss-protection
1; mode=block;
logocompleto-aran.jpg
beta.nontiscordardime.ch/wp-content/uploads/2022/05/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beta.nontiscordardime.ch/wp-content/uploads/2022/05/logocompleto-aran.jpg
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
02e04ec3538ddad0e6e6a97d729b9dfba1e4e9c5501b0b48565e7a0ad071a2b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 01:42:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Jul 2022 08:51:18 GMT
server
Apache
content-type
image/jpeg
accept-ranges
bytes
content-length
87510
x-xss-protection
1; mode=block;
logo-news24d.jpg
beta.nontiscordardime.ch/wp-content/uploads/2022/10/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beta.nontiscordardime.ch/wp-content/uploads/2022/10/logo-news24d.jpg
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
88e7f1e5beb7d29d4623245e5dda2d026460af018ac854070ded0980e7b24490
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 01:42:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Oct 2022 14:01:45 GMT
server
Apache
content-type
image/jpeg
accept-ranges
bytes
content-length
21778
x-xss-protection
1; mode=block;
frontend.min.js
beta.nontiscordardime.ch/wp-content/themes/astra/assets/js/minified/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beta.nontiscordardime.ch/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.3
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
d6a23f9c4dec2f455c8e2340a99ad4db01a1d538bb1f2537bab3991ec64e14c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 01:42:34 GMT
last-modified
Sat, 05 Nov 2022 11:47:53 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
4075
x-xss-protection
1; mode=block;
dflip.min.js
beta.nontiscordardime.ch/wp-content/plugins/3d-flipbook-dflip-lite/assets/js/ 		125 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beta.nontiscordardime.ch/wp-content/plugins/3d-flipbook-dflip-lite/assets/js/dflip.min.js?ver=1.7.33
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
a5642a221fb44e5463870bf7cff375270908119420b8cb05a6d77225464f27a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 01:42:34 GMT
last-modified
Mon, 22 Aug 2022 08:12:15 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
40422
x-xss-protection
1; mode=block;
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C%7CMontserrat%3A700%2C600%7CPoppins%3A500&display=fallback&ver=3.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://beta.nontiscordardime.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 17:08:09 GMT
x-content-type-options
nosniff
age
203665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 17:08:09 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C%7CMontserrat%3A700%2C600%7CPoppins%3A500&display=fallback&ver=3.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://beta.nontiscordardime.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 06:43:46 GMT
x-content-type-options
nosniff
age
241128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 06:43:46 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C%7CMontserrat%3A700%2C600%7CPoppins%3A500&display=fallback&ver=3.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://beta.nontiscordardime.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 19:25:01 GMT
x-content-type-options
nosniff
age
109053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 19:25:01 GMT
CDT-logo.jpg
beta.nontiscordardime.ch/wp-content/uploads/2022/11/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beta.nontiscordardime.ch/wp-content/uploads/2022/11/CDT-logo.jpg
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
3bcdddd5ac5da45935447d1d41b2ca063ec199eab24c37451ae4075e440fe263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 01:42:34 GMT
x-content-type-options
nosniff
last-modified
Sat, 05 Nov 2022 11:53:25 GMT
server
Apache
content-type
image/jpeg
accept-ranges
bytes
content-length
7396
x-xss-protection
1; mode=block;
newslettlogo3.webp
beta.nontiscordardime.ch/wp-content/uploads/2022/05/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beta.nontiscordardime.ch/wp-content/uploads/2022/05/newslettlogo3.webp
Requested by
Host: beta.nontiscordardime.ch
URL: https://beta.nontiscordardime.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.62.146 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sedrun.orcwebhosting.com
Software
Apache /
Resource Hash
d93be376adc34e9fa9ee9e99371ed9be175cceab11b37a3d9f6df8692e384d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 01:42:34 GMT
last-modified
Mon, 11 Jul 2022 08:51:18 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/webp
accept-ranges
bytes
content-length
2529
x-xss-protection
1; mode=block;
collect
region1.google-analytics.com/g/ 		0
353 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DH82T9EKTJ&gtm=2oe1i0&_p=1277750278&gdid=dZGIzZG&cid=950205355.1674178955&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674178954&sct=1&seg=0&dl=https%3A%2F%2Fbeta.nontiscordardime.ch%2F&dt=Home%20-%20Anav%20Sezione%20Luganese&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DH82T9EKTJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beta.nontiscordardime.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 01:42:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://beta.nontiscordardime.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend undefined| $ function| jQuery object| elp_data string| dFlipLocation object| dFlipWPGlobal object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle object| twemoji object| wp object| DFLIP object| PRESENTATION function| ThumbList function| BookMarkViewer function| DFLightBox function| PDFLinkService object| FindStates number| FIND_SCROLL_OFFSET_TOP number| FIND_SCROLL_OFFSET_LEFT object| CHARACTERS_TO_NORMALIZE object| TWEEN object| google_tag_manager object| google_tag_data number| link number| len object| gaGlobal

3 Cookies

Domain/Path Name / Value
beta.nontiscordardime.ch/ Name: pdb-sess
Value: 26586ef627b0b21ad5f4764d503beee3
.nontiscordardime.ch/ Name: _ga_DH82T9EKTJ
Value: GS1.1.1674178954.1.0.1674178954.0.0.0
.nontiscordardime.ch/ Name: _ga
Value: GA1.1.950205355.1674178955

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beta.nontiscordardime.ch
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
www.googletagmanager.com
195.201.62.146
2001:4860:4802:34::36
2a00:1450:4001:812::2003
2a00:1450:400d:803::200a
2a00:1450:400d:80d::2008
0211cb488205ac8b77fe634b501d08e07ddc0bacaefeccffe5fc3ecf67a9b0bb
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02e04ec3538ddad0e6e6a97d729b9dfba1e4e9c5501b0b48565e7a0ad071a2b4
29042b6f4b07666fac4eab82543f800d8ec2b46b6df0891c015c886317d49cd9
3bcdddd5ac5da45935447d1d41b2ca063ec199eab24c37451ae4075e440fe263
419d6e9bdaf94d2758192e1312e13ffc6b885f2c37a36734f1dd414abee83a2c
42f89d6618bda546f892e40781a2304b82a41905e64bf4aacaaf74308bec5ee2
4b9938bf8b25101b41c401110119babc4b8932180ca98f479ea45d909429aceb
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
687edbdb8b1c1668a09aac01fc5085a22ac70e7cb0804117ed3d006b4fd2e02d
88e7f1e5beb7d29d4623245e5dda2d026460af018ac854070ded0980e7b24490
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9a6f09eb19e1a3704e5e1495d29ad243ae1bc0401f90dbf58f2a70b90be4873b
a5642a221fb44e5463870bf7cff375270908119420b8cb05a6d77225464f27a2
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d6a23f9c4dec2f455c8e2340a99ad4db01a1d538bb1f2537bab3991ec64e14c7
d93be376adc34e9fa9ee9e99371ed9be175cceab11b37a3d9f6df8692e384d80
e051e0747e00cbf46985db2f3d8017641dd2e9bb729dfbddd01b99ab0d3983f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb45b2ea03b7d60fdfab7871e55729dde22843fe03cc0f3023619c1b31174c87