research.indiville.be
2600:9000:2251:b400:e:5506:1e40:93a1  Public Scan

Submitted URL: https://llink.to/?u=https://research.indiville.be/doemeter?gem=kinrooi&e=5b79dfdcc41d4f65b11f5c3b475b9b43
Effective URL: https://research.indiville.be/surveys/message/?e=291454&h=2333AC3A2657B5E&l=du&gem&f=5
Submission: On July 07 via api from BE — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 19 HTTP transactions. The main IP is 2600:9000:2251:b400:e:5506:1e40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is research.indiville.be.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 28th 2023. Valid for: a year.
This is the only time research.indiville.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
8 | indiville.be | research.indiville.be | 163 KB
7 | salesflare.com | track.salesflare.com (Cisco Umbrella Rank: 955563); api.salesflare.com (Cisco Umbrella Rank: 715425) | 21 KB
2 | googleapis.com | storage.googleapis.com (Cisco Umbrella Rank: 506); fonts.googleapis.com (Cisco Umbrella Rank: 88) | 2 KB
1 | gstatic.com | fonts.gstatic.com | 19 KB
1 | cloudfront.net | d3ttam7wzq4yc2.cloudfront.net |
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 368) | 21 KB
1 | llink.to | llink.to | 629 B
19 | 7 | |

Requests | Domain | Requested by
8 | research.indiville.be (2 redirects) | track.salesflare.com; research.indiville.be
5 | api.salesflare.com | track.salesflare.com
2 | track.salesflare.com | llink.to; storage.googleapis.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | d3ttam7wzq4yc2.cloudfront.net | research.indiville.be
1 | fonts.googleapis.com | research.indiville.be
1 | cdn.jsdelivr.net | storage.googleapis.com
1 | storage.googleapis.com | track.salesflare.com
1 | llink.to |
19 | 9 |

This site contains no links.

Subject | Issuer | Validity | Valid
llink.to | R3 | 2023-05-31 - 2023-08-29 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-20 - 2024-03-19 | a year
api.salesflare.com | GTS CA 1D4 | 2023-05-31 - 2023-08-29 | 3 months
storage.googleapis.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year
research.indiville.be | Amazon RSA 2048 M01 | 2023-02-28 - 2024-02-13 | a year
upload.video.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
*.gstatic.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months

This page contains 2 frames:

Primary Page: https://research.indiville.be/surveys/message/?e=291454&h=2333AC3A2657B5E&l=du&gem&f=5
Frame ID: 67C50FB83E1C538D533470EE7EBE0C66
Requests: 14 HTTP requests in this frame

Frame: https://storage.googleapis.com/track.salesflare.com/provider.html?xdm_e=https%3A%2F%2Fllink.to&xdm_c=default2746&xdm_p=1
Frame ID: C8D895BCF102A29C49EA098AF4D77CFD
Requests: 3 HTTP requests in this frame

Page Title

- Doemeter

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

19
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

225 kB
Transfer

686 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://llink.to/?u=https://research.indiville.be/doemeter?gem=kinrooi&e=5b79dfdcc41d4f65b11f5c3b475b9b43 Page URL
  2. https://research.indiville.be/doemeter?gem HTTP 302
    https://research.indiville.be/?e=291454&h=2333AC3A2657B5E&l=du&gem HTTP 302
    https://research.indiville.be/surveys/message/?e=291454&h=2333AC3A2657B5E&l=du&gem&f=5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
llink.to/
528 B
629 B
Document
General
Full URL
https://llink.to/?u=https://research.indiville.be/doemeter?gem=kinrooi&e=5b79dfdcc41d4f65b11f5c3b475b9b43
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
cef628c25de0e74a1b9644b9b536388bf5770d15fdc6657adeb0bc14e7443cba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
247
content-type
text/html; charset=utf-8
date
Fri, 07 Jul 2023 05:49:16 GMT
etag
W/"63974a53-210"
expires
Tue, 04 Jul 2023 04:49:49 GMT
last-modified
Mon, 12 Dec 2022 15:35:47 GMT
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-fastly-request-id
034afa80a888eaa53ef2d7995d6ec99f7eefe1dc
x-github-request-id
5630:10189:2AFC3C4:2C66524:64A3A294
x-proxy-cache
MISS
x-served-by
cache-fra-eddf8230020-FRA
x-timer
S1688708956.979109,VS0,VE97
flare.js
track.salesflare.com/
25 KB
10 KB
Script
General
Full URL
https://track.salesflare.com/flare.js
Requested by
Host: llink.to
URL: https://llink.to/?u=https://research.indiville.be/doemeter?gem=kinrooi&e=5b79dfdcc41d4f65b11f5c3b475b9b43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be78f01895edc773a13548123092abe460b3d9c5eac8def3121c0bb37426ea2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://llink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 05:49:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9364
cf-polished
origSize=25857
x-guploader-uploadid
ADPycdssVlISUlquYdyDULXMDKU7ZG7XpFehJ0Bu_qWVginXQRlljeE5XwTBmscJVJjAkAqGY-y0LMiZX6Ap1XBoUw7WfCVAvzUj
x-goog-storage-class
STANDARD
content-encoding
br
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 31 Jan 2022 15:07:13 GMT
server
cloudflare
etag
W/"f0f9b9e0eff4cb7320ab07be423b3697"
vary
Accept-Encoding,Origin
x-goog-generation
1643641633015855
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=xHIp5A==, md5=8Pm54O/0y3Mgqwe+Qjs2lw==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGipEvDiYu4umfI%2Bk7Tqyw82Gjv6ppdzAGit%2BtB27VdVuwvqCtz0Fg4xwgG6cePEQuYGtm52majF6d7Klk8LwVBcDoJmOcWWwPNJSui0uQvPjOKbiVehTvX5CsCEQC1FnixbupZllSM%2Bg8HJd6t%2B1%2Bxo"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
8963
cf-ray
7e2dcda00b52906d-FRA
expires
Fri, 07 Jul 2023 06:24:27 GMT
token
api.salesflare.com/
66 B
370 B
XHR
General
Full URL
https://api.salesflare.com/token?email=5b79dfdcc41d4f65b11f5c3b475b9b43
Requested by
Host: track.salesflare.com
URL: https://track.salesflare.com/flare.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e8fb:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
231f86aa039ca37c21b7e4b6bb7143a35072188a95f47b2c9a254aca5db8f538

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://llink.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 05:49:16 GMT
via
1.1 google
server
Google Frontend
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://llink.to
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
x-cloud-trace-context
a64af62d9d944268e089314981bf8fe4
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
provider.html
storage.googleapis.com/track.salesflare.com/ Frame C8D8
675 B
979 B
Document
General
Full URL
https://storage.googleapis.com/track.salesflare.com/provider.html?xdm_e=https%3A%2F%2Fllink.to&xdm_c=default2746&xdm_p=1
Requested by
Host: track.salesflare.com
URL: https://track.salesflare.com/flare.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3d5b058f40de73e5c230de95043f17cf5c0f3e0b627f196193538d34b9514286

Request headers

Referer
https://llink.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=14400
content-encoding
gzip
content-language
en
content-length
458
content-type
text/html
date
Fri, 07 Jul 2023 05:49:16 GMT
etag
"ae6708171a4c410b78856fbfccfe9cc1"
expires
Fri, 07 Jul 2023 09:49:16 GMT
last-modified
Mon, 31 Jan 2022 15:07:16 GMT
server
UploadServer
vary
Accept-Encoding Origin
x-goog-generation
1643641636503819
x-goog-hash
crc32c=EEscEQ== md5=rmcIFxpMQQt4hW+/zP6cwQ==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
458
x-guploader-uploadid
ADPycdtfugq_Y9CyMpdEPhrmpcWUj4BQ8cFmaDcmtDNElY4nepDRDnk2pgJglxvB0v_JPKxKtb8zGnpDv1pkmEhNFW_JWpFwzcK6
bundle.min.js
cdn.jsdelivr.net/npm/@sentry/browser@5.29.2/build/ Frame C8D8
64 KB
21 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@sentry/browser@5.29.2/build/bundle.min.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/track.salesflare.com/provider.html?xdm_e=https%3A%2F%2Fllink.to&xdm_c=default2746&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
921c1d956fb29a553a69185344a6d58aa553143e22400146222c9851d633a4b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://storage.googleapis.com/
Origin
https://storage.googleapis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 07 Jul 2023 05:49:16 GMT
x-content-type-options
nosniff
content-encoding
br
age
263305
x-jsd-version
5.29.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21035
x-served-by
cache-fra-eddf8230105-FRA
x-jsd-version-type
version
etag
W/"ff1f-tqCXvFcJJITCoIIqq76zHuvUrxQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
flareprovider.js
track.salesflare.com/ Frame C8D8
30 KB
11 KB
Script
General
Full URL
https://track.salesflare.com/flareprovider.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/track.salesflare.com/provider.html?xdm_e=https%3A%2F%2Fllink.to&xdm_c=default2746&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ba6c1f976443df2baca2263f0d2145543d9622285091ba07efd10506845a895
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 05:49:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3840
cf-polished
origSize=31090
x-guploader-uploadid
ADPycdsPnm2gMoW01k9H4GHbQ-NenhZdyWL-W5EF5JmxdS75BbF7HWmmQDCiEobf9nuPC5lOUaaVApRAbDyKWJCks9Podg
x-goog-storage-class
STANDARD
content-encoding
br
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 31 Jan 2022 15:07:14 GMT
server
cloudflare
vary
Accept-Encoding,Origin
x-goog-generation
1643641634228898
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=H4ed6w==, md5=3+ATZ94PQht43s2p2sTBSg==
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CYWI90KJxQBOsofIRzGfPNZjAyCEW9X3DlYi3fIIpwGTZxh3%2BNVNp44llZZ%2F2nxu8Rej%2FofTN6wvoSRhXWxupHW%2FFakzdi41ITrbQ7ko8HS5q0Mm73mUDbCEQo5A4KUM1IHxbntPXgL1g0%2BxorpLj4F"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
10693
cf-ray
7e2dcda1fcd0906d-FRA
expires
Fri, 07 Jul 2023 08:03:41 GMT
devices
api.salesflare.com/
16 B
108 B
XHR
General
Full URL
https://api.salesflare.com/devices
Requested by
Host: track.salesflare.com
URL: https://track.salesflare.com/flare.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e8fb:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
144aef276b0d053c263fd40ca897a05634d78cdbd27b2c223800571fa730b2b1

Request headers

Referer
https://llink.to/
accept-language
de-DE,de;q=0.9
Authorization
Bearer UD7pZ1tctaFTN1wBHPCcZabYJVtdZQUaIZA8ES2cFHqPJ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 07 Jul 2023 05:49:16 GMT
via
1.1 google
server
Google Frontend
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://llink.to
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
x-cloud-trace-context
3139921333bab60a8572befd600cbfea
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
devices
api.salesflare.com/ Frame
0
0
Preflight
General
Full URL
https://api.salesflare.com/devices
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e8fb:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://llink.to
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,x-salesflare-client,x-result-count,x-salesflare-actor
access-control-allow-methods
POST
access-control-allow-origin
https://llink.to
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-length
0
content-type
text/html
date
Fri, 07 Jul 2023 05:49:16 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
a50ba3e49e596850cb048e050cd83d07
forward
api.salesflare.com/interactions/ Frame
0
0
Preflight
General
Full URL
https://api.salesflare.com/interactions/forward?instant=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e8fb:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://llink.to
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,x-salesflare-client,x-result-count,x-salesflare-actor
access-control-allow-methods
POST
access-control-allow-origin
https://llink.to
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-length
0
content-type
text/html
date
Fri, 07 Jul 2023 05:49:16 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
862a84e5e60f27da7d72c731b8cde3aa
forward
api.salesflare.com/interactions/
16 B
35 B
XHR
General
Full URL
https://api.salesflare.com/interactions/forward?instant=true
Requested by
Host: track.salesflare.com
URL: https://track.salesflare.com/flare.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:e8fb:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Referer
https://llink.to/
accept-language
de-DE,de;q=0.9
Authorization
Bearer UD7pZ1tctaFTN1wBHPCcZabYJVtdZQUaIZA8ES2cFHqPJ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 07 Jul 2023 05:49:16 GMT
via
1.1 google
server
Google Frontend
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://llink.to
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
x-cloud-trace-context
7b4c599f89fdcafc9a3fb75418258558
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
Primary Request /
research.indiville.be/surveys/message/
Redirect Chain
  • https://research.indiville.be/doemeter?gem
  • https://research.indiville.be/?e=291454&h=2333AC3A2657B5E&l=du&gem
  • https://research.indiville.be/surveys/message/?e=291454&h=2333AC3A2657B5E&l=du&gem&f=5
2 KB
1 KB
Document
General
Full URL
https://research.indiville.be/surveys/message/?e=291454&h=2333AC3A2657B5E&l=du&gem&f=5
Requested by
Host: track.salesflare.com
URL: https://track.salesflare.com/flare.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:b400:e:5506:1e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fa10ba992d1aac0ae4f2c616897d15e91fb507dbf95f38f255b2d29c67b26b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://llink.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; Charset=utf-8
date
Fri, 07 Jul 2023 05:49:18 GMT
expires
0
p3p
CP="IE cookies"
pragma
no-cache
referrer-policy
origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-id
pJlja-dvpXtQevApHYx_5kQhE8AxytuMMGkK5QlUWkLSeSnJHKhbnQ==
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store
content-length
194
content-type
text/html; Charset=utf-8
date
Fri, 07 Jul 2023 05:49:18 GMT
expires
0
location
/surveys/message/?e=291454&h=2333AC3A2657B5E&l=du&gem&f=5
p3p
CP="IE cookies"
pragma
no-cache
referrer-policy
origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-id
XgDhkF2Umw0Z-2Xs0wWyulyXgwfdSadRtDzGg-1wHhdFR7R3WSfONQ==
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
surveys-4.2.28.min.css
research.indiville.be/assets/css/
129 KB
25 KB
Stylesheet
General
Full URL
https://research.indiville.be/assets/css/surveys-4.2.28.min.css
Requested by
Host: research.indiville.be
URL: https://research.indiville.be/surveys/message/?e=291454&h=2333AC3A2657B5E&l=du&gem&f=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:b400:e:5506:1e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
491d5a817bc9f1b4cb4561aa67f138993a71ff9ae6321194bc79106306c1ec0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://research.indiville.be/surveys/message/?e=291454&h=2333AC3A2657B5E&l=du&gem&f=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 14 May 2023 04:57:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
x-amz-cf-pop
FRA60-P3
age
4668733
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 08 May 2023 06:01:06 GMT
etag
W/"07d2a7a7281d91:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=5184000
access-control-allow-headers
Content-Type, Accept
x-amz-cf-id
JIRzQAOiEvYR-q1i8nbeME0agKJIryONke5l5FF9bJbTnxStwRXilg==
291454_20221114124446_si.css
research.indiville.be/css/surveys/
5 KB
2 KB
Stylesheet
General
Full URL
https://research.indiville.be/css/surveys/291454_20221114124446_si.css
Requested by
Host: research.indiville.be
URL: https://research.indiville.be/surveys/message/?e=291454&h=2333AC3A2657B5E&l=du&gem&f=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:b400:e:5506:1e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51c0bd2ee939404f05429d17157a3b2514d3858a6db2c04a842750696744e7ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://research.indiville.be/surveys/message/?e=291454&h=2333AC3A2657B5E&l=du&gem&f=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:14:59 GMT
x-amz-version-id
WXg7nMZjKCV4xl15FWD1A.Jw_O2JduTF
content-encoding
br
last-modified
Mon, 14 Nov 2022 12:44:47 GMT
server
AmazonS3
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"ee71fcb9ab2a5a9675a0d44128ea8eba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=5184000, s-maxage=5184000
age
747260
x-amz-cf-id
XqaOU9Oyr4rU9IsEtYC1pco6Sr9d2Rjz_eizfTlFUSuT0Vu0XyGKwQ==
si_strings_du-2.2.7.min.js
research.indiville.be/assets/js/CM/apps/si/locale/
3 KB
1 KB
Script
General
Full URL
https://research.indiville.be/assets/js/CM/apps/si/locale/si_strings_du-2.2.7.min.js
Requested by
Host: research.indiville.be
URL: https://research.indiville.be/surveys/message/?e=291454&h=2333AC3A2657B5E&l=du&gem&f=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:b400:e:5506:1e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5b5b115ddafa427a456449eea1522cd77680fe83e852de9ff8074c7c4ecff903
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://research.indiville.be/surveys/message/?e=291454&h=2333AC3A2657B5E&l=du&gem&f=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 04:42:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
x-amz-cf-pop
FRA60-P3
age
90387
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Wed, 28 Jun 2023 12:17:00 GMT
etag
W/"067770baa9d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=5184000
access-control-allow-headers
Content-Type, Accept
x-amz-cf-id
8DCY2q8GF8bjU9jBPI2PA1URcF3LP7Y1Dk7QmkoME1XxrjFZwhvEig==
si-3.8.35.min.js
research.indiville.be/assets/js/CM/apps/si/
376 KB
102 KB
Script
General
Full URL
https://research.indiville.be/assets/js/CM/apps/si/si-3.8.35.min.js
Requested by
Host: research.indiville.be
URL: https://research.indiville.be/surveys/message/?e=291454&h=2333AC3A2657B5E&l=du&gem&f=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:b400:e:5506:1e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ea3d1cb65148e770914a353ffe71569d52dfbc70d484e9556cf46a172197531c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://research.indiville.be/surveys/message/?e=291454&h=2333AC3A2657B5E&l=du&gem&f=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 10:05:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
x-amz-cf-pop
FRA60-P3
age
675813
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Wed, 28 Jun 2023 12:17:00 GMT
etag
W/"067770baa9d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=5184000
access-control-allow-headers
Content-Type, Accept
x-amz-cf-id
XB_Me7_9ugBiwBkmAgu6PMJqmXPuE5H40QpOVEj3gSyAqOR4gKRuTw==
Banner_NL_DOEMeter_survey.png
research.indiville.be/lib/17991/files/
29 KB
30 KB
Image
General
Full URL
https://research.indiville.be/lib/17991/files/Banner_NL_DOEMeter_survey.png
Requested by
Host: research.indiville.be
URL: https://research.indiville.be/surveys/message/?e=291454&h=2333AC3A2657B5E&l=du&gem&f=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:b400:e:5506:1e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e7359d9c0c04ce8bf0441717e9204fd8d5ef9850b5c4df0767a35eabc254f8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://research.indiville.be/surveys/message/?e=291454&h=2333AC3A2657B5E&l=du&gem&f=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 08:02:16 GMT
x-amz-version-id
3P8T2A0BgVdWHV3Fihh9f5zL0Ku.UvgX
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-request-id
H34SH3Z9F4SB6JFZ
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
age
78423
x-cache
Hit from cloudfront
content-length
29886
x-amz-id-2
uiCHWRj07qAYkv0GSb30vFq8AQjvuIOZ8tttT371LJS+CCCQTLykncg7aazKb6f3moEPAcRQNVA=
last-modified
Mon, 14 Nov 2022 10:39:23 GMT
server
AmazonS3
etag
"d51e1780d5c87aba7242f26fbeeb7fc0"
content-type
image/webp
cache-control
max-age=5184000
accept-ranges
bytes
x-amz-cf-id
lYKCX-CrzvnPvvNBdDdzon87Z5UQgsFPJWXcwNpsNdiFvRK-EWWbbQ==
css2
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
Requested by
Host: research.indiville.be
URL: https://research.indiville.be/css/surveys/291454_20221114124446_si.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://research.indiville.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Jul 2023 05:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 07 Jul 2023 05:02:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jul 2023 05:49:18 GMT
36.png
d3ttam7wzq4yc2.cloudfront.net/lib/14848/files/
0
0
Image
General
Full URL
https://d3ttam7wzq4yc2.cloudfront.net/lib/14848/files/36.png
Requested by
Host: research.indiville.be
URL: https://research.indiville.be/css/surveys/291454_20221114124446_si.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-151.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://research.indiville.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://research.indiville.be
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 02:30:05 GMT
x-content-type-options
nosniff
age
530354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:19:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Jun 2024 02:30:05 GMT

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| CM function| renderCardCarousel undefined| nSurveyId boolean| bNS4 object| sCssBackgroundColor function| is_touch_device function| getBackgroundColor function| checkLength function| CheckThis function| fnMaxSelectListBox function| fnReCalcSum function| fnValidateConstantSum function| fnRankOrderScaleDropdown function| fnSetRankDropdownOther function| fnValidateRankDropdowns function| fnValidateRankButtons function| fnValidateSecondaryDropDown function| fnValidateSecondaryRatingScale function| fnListBoxMaxMinSelect function| fnValidateListBox function| fnValidateMaxDiff function| fnValidateMatrixRadioButtons function| fnValidateMatrixCheckboxes function| fnValidateMatrixTextboxes function| fnValidateMatrixTextboxesOne function| fnValidatePrompts function| fnValidatePromptsAllReq function| fnValidateEmailField function| fnCheckEmailField function| fnCompare function| fnValidateStringLength function| fnValidateBankAccountNumberBelgium function| fnValidatePostalCodeNetherlands function| fnValidateBankAccountNumberNetherlands function| fnValidateSOFINumberNetherlands function| fnValidateRegularExpression function| fnValidateInteger function| fnValidateDecimal function| fnMaxMinIntegerValidation function| fnStringLengthValidation function| fnClearRadioButtonsMatrixSubQuestion function| fnClearSecondaryQuestRatingScale function| fnClearSecondaryQuestDropdown function| fnClearSecondaryQuestTextarea function| fnClearSubQuestOtherTextbox function| fnClearCheckboxesMatrixSubQuestion function| fnClearTextboxesMatrixSubQuestion function| fnClearNABoxesMatrix function| fnClearNARadioButtonMatrix function| fnSetRankScale function| fnValidateSignIn function| fnValidateSignInOptional1 function| fnMaxMinDecimalValidation function| fnRoundAboveFloatToInteger function| fnRoundDownFloatToInteger function| fnConvertStringToFloat function| _isInteger function| isDecimal function| _isIntegerDash function| 
stripZeros function| trimAndStripQuotes function| fnShowError function| getnDaysInMonth function| doTheDays function| displayDays function| fnCancelBubble function| fnRaiseResponseCounter360 function| fnValidatedResponses360 function| fnMaxMinIntegerValidationConstantSum function| fnHighlightItem function| fnDeHighlightItem function| fnHideMessageBar function| fnDisplayErrorFormattingQuestion function| emailCheck function| fnRaiseFieldError function| allowOnlyIntegers function| LTrim function| RTrim function| Trim function| LTrimAll function| RTrimAll function| TrimAll function| isNull function| isBlank function| isInteger function| isNumeric function| isArray function| isDigit function| setNullIfBlank function| setFieldsToUpperCase function| disallowBlank function| disallowModify function| commifyArray function| getSingleInputValue function| getSingleInputText function| setSingleInputValue function| getInputValue function| getInputText function| getInputDefaultValue function| isChanged function| setInputValue function| isFormModified function| fnLimitLength function| fnLimitLengthWCount function| fnCheckMinLen function| fnRegExCheck function| $ function| jQuery object| html5 object| Modernizr function| yepnope function| Spinner object| Ladda object| IBAN function| fnRedirectToStartByRemovingCookies object| cmModals object| cmPopovers

1 Cookies

Domain/Path: research.indiville.be/
Name: rfr-291454
Value: https://llink.to/

1 Console Messages

Source: network
Level: error
URL: https://d3ttam7wzq4yc2.cloudfront.net/lib/14848/files/36.png
Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, hashes, etc. Their appearance here does not imply that any of them indicate malicious activity.
