form.respondi.app Open in urlscan Pro
172.67.43.15  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request yhgbpo40 Show response form.respondi.app/	21 KB 5 KB	796ms 586ms	Document text/html	172.67.43.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://form.respondi.app/yhgbpo40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.43.15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11ff753a69596b5fb8326fcddb9372a056e8b373d2063bee47027978e447c3c9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store cf-cache-status MISS cf-ray 8d75a95d5db753ef-YYZ content-encoding br content-type text/html; charset=utf-8 date Wed, 23 Oct 2024 23:56:04 GMT nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729727764&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=y%2FSLc008Og4WMAiTufBY%2B6xRXAP0WvixGictkikyaDQ%3D"}]} reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1729727764&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=y%2FSLc008Og4WMAiTufBY%2B6xRXAP0WvixGictkikyaDQ%3D server cloudflare vary Accept-Encoding via 1.1 vegur x-respondent-id c80b5fd2-b3ac-49f1-84d0-ca8953d97568
GET H2	200	5cd1851.js Show response form.respondi.app/_nuxt/	2 KB 1 KB	120ms 117ms	Script application/javascript	172.67.43.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://form.respondi.app/_nuxt/5cd1851.js Requested by Host: form.respondi.app URL: https://form.respondi.app/yhgbpo40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.43.15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d907607a5c4a4028c5aa2f5fdd9c46c4356fb411c36fb4ede069deb9215467b7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://form.respondi.app/yhgbpo40 Response headers reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1729612920&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LOBrI03rHaoJ3mGMqTdjE4OSCekiRMfjJbKDIgEfnjA%3D cache-control public, max-age=31536000, no-store nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} content-encoding gzip cf-cache-status REVALIDATED etag W/"975-192b4e92be8" report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729612920&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LOBrI03rHaoJ3mGMqTdjE4OSCekiRMfjJbKDIgEfnjA%3D"}]} via 1.1 vegur cf-ray 8d75a96128ec53ef-YYZ alt-svc h3=":443"; ma=86400 date Wed, 23 Oct 2024 23:56:04 GMT content-type application/javascript; charset=UTF-8 last-modified Tue, 22 Oct 2024 15:47:13 GMT vary Accept-Encoding server cloudflare
GET H2	200	a0a3d81.js Show response form.respondi.app/_nuxt/	249 KB 86 KB	90ms 88ms	Script application/javascript	172.67.43.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://form.respondi.app/_nuxt/a0a3d81.js Requested by Host: form.respondi.app URL: https://form.respondi.app/yhgbpo40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.43.15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 67d62ac8c281bb6714213d08ad7066eb36e2efc787d212a02be308c17c6ab627 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://form.respondi.app/yhgbpo40 Response headers reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1729612920&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LOBrI03rHaoJ3mGMqTdjE4OSCekiRMfjJbKDIgEfnjA%3D cache-control public, max-age=31536000, no-store nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} content-encoding gzip cf-cache-status REVALIDATED etag W/"3e4cd-192b4e92be8" report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729612920&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LOBrI03rHaoJ3mGMqTdjE4OSCekiRMfjJbKDIgEfnjA%3D"}]} via 1.1 vegur cf-ray 8d75a96128ee53ef-YYZ alt-svc h3=":443"; ma=86400 date Wed, 23 Oct 2024 23:56:04 GMT content-type application/javascript; charset=UTF-8 last-modified Tue, 22 Oct 2024 15:47:13 GMT vary Accept-Encoding server cloudflare
GET H2	200	8217cfb.js Show response form.respondi.app/_nuxt/	411 KB 130 KB	116ms 114ms	Script application/javascript	172.67.43.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://form.respondi.app/_nuxt/8217cfb.js Requested by Host: form.respondi.app URL: https://form.respondi.app/yhgbpo40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.43.15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2b7070ab7424960120e3ce5820193d5da9afe4909e73951c425ddab9ff32667 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://form.respondi.app/yhgbpo40 Response headers reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1729612920&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LOBrI03rHaoJ3mGMqTdjE4OSCekiRMfjJbKDIgEfnjA%3D cache-control public, max-age=31536000, no-store nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} content-encoding gzip cf-cache-status REVALIDATED etag W/"66cc7-192b4e92be8" report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729612920&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LOBrI03rHaoJ3mGMqTdjE4OSCekiRMfjJbKDIgEfnjA%3D"}]} via 1.1 vegur cf-ray 8d75a96128ef53ef-YYZ alt-svc h3=":443"; ma=86400 date Wed, 23 Oct 2024 23:56:04 GMT content-type application/javascript; charset=UTF-8 last-modified Tue, 22 Oct 2024 15:47:13 GMT vary Accept-Encoding server cloudflare
GET H2	200	8dc87c8.js Show response form.respondi.app/_nuxt/	65 KB 19 KB	116ms 115ms	Script application/javascript	172.67.43.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://form.respondi.app/_nuxt/8dc87c8.js Requested by Host: form.respondi.app URL: https://form.respondi.app/yhgbpo40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.43.15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6700d8a5ac7fb2a668d5884e53116d52415e5858286cb0db2b07ab5bfa87936a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://form.respondi.app/yhgbpo40 Response headers reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1729612920&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LOBrI03rHaoJ3mGMqTdjE4OSCekiRMfjJbKDIgEfnjA%3D cache-control public, max-age=31536000, no-store nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} content-encoding gzip cf-cache-status REVALIDATED etag W/"10210-192b4e92be8" report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729612920&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LOBrI03rHaoJ3mGMqTdjE4OSCekiRMfjJbKDIgEfnjA%3D"}]} via 1.1 vegur cf-ray 8d75a96128f053ef-YYZ alt-svc h3=":443"; ma=86400 date Wed, 23 Oct 2024 23:56:04 GMT content-type application/javascript; charset=UTF-8 last-modified Tue, 22 Oct 2024 15:47:13 GMT vary Accept-Encoding server cloudflare
GET H2	200	c144050.js Show response form.respondi.app/_nuxt/	290 KB 72 KB	119ms 117ms	Script application/javascript	172.67.43.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://form.respondi.app/_nuxt/c144050.js Requested by Host: form.respondi.app URL: https://form.respondi.app/yhgbpo40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.43.15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8c12fcdca665d3d19e2d2f6cdb4f1656fc694b5f9c0dbd2a8e210fd6fc14acf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://form.respondi.app/yhgbpo40 Response headers reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1729612920&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LOBrI03rHaoJ3mGMqTdjE4OSCekiRMfjJbKDIgEfnjA%3D cache-control public, max-age=31536000, no-store nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} content-encoding gzip cf-cache-status REVALIDATED etag W/"488a0-192b4e92be8" report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729612920&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LOBrI03rHaoJ3mGMqTdjE4OSCekiRMfjJbKDIgEfnjA%3D"}]} via 1.1 vegur cf-ray 8d75a96128f353ef-YYZ alt-svc h3=":443"; ma=86400 date Wed, 23 Oct 2024 23:56:04 GMT content-type application/javascript; charset=UTF-8 last-modified Tue, 22 Oct 2024 15:47:13 GMT vary Accept-Encoding server cloudflare
GET H2	200	a2f9490.js Show response form.respondi.app/_nuxt/	48 KB 16 KB	118ms 117ms	Script application/javascript	172.67.43.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://form.respondi.app/_nuxt/a2f9490.js Requested by Host: form.respondi.app URL: https://form.respondi.app/yhgbpo40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.43.15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a137fd0d4651a300c790020e55f7ee6f7f7338a92d0cb67388aba52d0dc0d32 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://form.respondi.app/yhgbpo40 Response headers reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1729612920&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LOBrI03rHaoJ3mGMqTdjE4OSCekiRMfjJbKDIgEfnjA%3D cache-control public, max-age=31536000, no-store nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} content-encoding gzip cf-cache-status REVALIDATED etag W/"bfd5-192b4e92be8" report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729612920&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LOBrI03rHaoJ3mGMqTdjE4OSCekiRMfjJbKDIgEfnjA%3D"}]} via 1.1 vegur cf-ray 8d75a96128f453ef-YYZ alt-svc h3=":443"; ma=86400 date Wed, 23 Oct 2024 23:56:04 GMT content-type application/javascript; charset=UTF-8 last-modified Tue, 22 Oct 2024 15:47:13 GMT vary Accept-Encoding server cloudflare
GET H2	200	9e5a57e.js Show response form.respondi.app/_nuxt/	845 KB 251 KB	119ms 118ms	Script application/javascript	172.67.43.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://form.respondi.app/_nuxt/9e5a57e.js Requested by Host: form.respondi.app URL: https://form.respondi.app/yhgbpo40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.43.15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fbc283504d84f28fb2aad1db73a4969f3d34a74e1f2f3050a9656fcef5a08ea5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://form.respondi.app/yhgbpo40 Response headers reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1729612920&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LOBrI03rHaoJ3mGMqTdjE4OSCekiRMfjJbKDIgEfnjA%3D cache-control public, max-age=31536000, no-store nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} content-encoding gzip cf-cache-status REVALIDATED etag W/"d34a6-192b4e92be8" report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729612920&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=LOBrI03rHaoJ3mGMqTdjE4OSCekiRMfjJbKDIgEfnjA%3D"}]} via 1.1 vegur cf-ray 8d75a96128f753ef-YYZ alt-svc h3=":443"; ma=86400 date Wed, 23 Oct 2024 23:56:04 GMT content-type application/javascript; charset=UTF-8 last-modified Tue, 22 Oct 2024 15:47:13 GMT vary Accept-Encoding server cloudflare
GET H2	200	rocket-loader.min.js Show response form.respondi.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	28ms 28ms	Script application/javascript	172.67.43.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://form.respondi.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: form.respondi.app URL: https://form.respondi.app/yhgbpo40 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.43.15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://form.respondi.app/yhgbpo40 Response headers cache-control max-age=172800, public content-encoding gzip etag W/"6712b248-302c" x-content-type-options nosniff cf-ray 8d75a961693753ef-YYZ expires Fri, 25 Oct 2024 23:56:04 GMT date Wed, 23 Oct 2024 23:56:04 GMT content-type application/javascript last-modified Fri, 18 Oct 2024 19:08:56 GMT vary Accept-Encoding server cloudflare x-frame-options DENY
GET H2	200	gtm.js Show response www.googletagmanager.com/	300 KB 104 KB	167ms 62ms	Script application/javascript	209.85.232.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KMM7VSN Requested by Host: form.respondi.app URL: https://form.respondi.app/_nuxt/8dc87c8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 209.85.232.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS qt-in-f97.1e100.net Software Google Tag Manager / Resource Hash 6ed19056715439b9e36b45e42b5a3ac5d524bf2248a33a0f05e6b1cb1e404cc9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://form.respondi.app/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Wed, 23 Oct 2024 23:56:05 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 23 Oct 2024 23:56:05 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Wed, 23 Oct 2024 23:08:13 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 106116 x-xss-protection 0 server Google Tag Manager
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	228 KB 58 KB	130ms 84ms	Script application/x-javascript	157.240.229.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: form.respondi.app URL: https://form.respondi.app/_nuxt/8dc87c8.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-iad3.fbcdn.net Software / Resource Hash b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://form.respondi.app/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Wed, 23 Oct 2024 23:56:05 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4415, tp=9, tpl=0, uplat=0, ullat=-1 pragma public x-fb-debug HJoWf1YOuLOlIQ7W5X+VBe2/XL1+jpYMmqdzqwbR82IYxtBZeM+wpeU3KMSUBykAvkoYtxCqGG7Mv+Q71g02Cg== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 59508 x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	nLbUorkU4rbjRSVmYVkmDTVChzYG1lbvo6TuHZBl.jpg respondiassets.sfo3.digitaloceanspaces.com/userfiles/19448/	52 KB 52 KB	390ms 172ms	Image image/jpeg	138.68.34.161 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://respondiassets.sfo3.digitaloceanspaces.com/userfiles/19448/nLbUorkU4rbjRSVmYVkmDTVChzYG1lbvo6TuHZBl.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 138.68.34.161 , United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS sfo3.digitaloceanspaces.com Software / Resource Hash fe2b334a795006ab221e3d452867b845112994806721ace9dc9bd8f220553039 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://form.respondi.app/ Response headers strict-transport-security max-age=15552000; includeSubDomains; preload x-envoy-upstream-healthchecked-cluster etag "7a2c3e1654f0e7ca1cd3fcf5a5e61710" x-amz-request-id tx0000085de05684ef41cea-0067198d15-5c24d90a-sfo3a accept-ranges bytes content-length 52964 x-rgw-object-type Normal date Wed, 23 Oct 2024 23:56:05 GMT last-modified Fri, 21 Oct 2022 13:30:55 GMT content-type image/jpeg vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method
GET H3	200	normal.woff2 form.respondi.app/cf-fonts/s/lato/5.0.18/latin/400/	23 KB 23 KB	51ms 51ms	Font font/woff2	172.67.43.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://form.respondi.app/cf-fonts/s/lato/5.0.18/latin/400/normal.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.43.15 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://form.respondi.app Referer https://form.respondi.app/yhgbpo40 Response headers cache-control public, max-age=31536000, immutable cf-cache-status HIT cf-ray 8d75a9638c2cac63-YYZ alt-svc h3=":443"; ma=86400 content-length 23580 date Wed, 23 Oct 2024 23:56:05 GMT content-type font/woff2 vary Accept-Encoding server cloudflare
GET H2	200	js Show response www.googletagmanager.com/gtag/	313 KB 106 KB	62ms 61ms	Script application/javascript	209.85.232.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-K4SSW8GR9B&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMM7VSN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 209.85.232.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS qt-in-f97.1e100.net Software Google Tag Manager / Resource Hash 2704b3f482191b863247c0010d49118865334c44964e6ff44eee81fbc4e5e9b5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://form.respondi.app/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 23 Oct 2024 23:56:05 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 23 Oct 2024 23:56:05 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 108137 x-xss-protection 0 server Google Tag Manager
GET H2	200	sw_iframe.html www.googletagmanager.com/static/service_worker/4al0/ Frame 1B2E	0 0	146ms 50ms	Document text/html	209.85.232.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fform.respondi.app Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMM7VSN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 209.85.232.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS qt-in-f97.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 1476 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving content-type text/html cross-origin-opener-policy same-origin; report-to="analytics-container-tag-serving" cross-origin-resource-policy cross-origin date Wed, 23 Oct 2024 23:56:05 GMT expires Thu, 23 Oct 2025 23:56:05 GMT last-modified Mon, 21 Oct 2024 16:58:00 GMT report-to {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]} server sffe service-worker-allowed /static/service_worker vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	collect analytics.google.com/g/	0 0	236ms 51ms	Fetch text/plain	172.217.222.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-K4SSW8GR9B&gtm=45je4al0v872321687z8836227149za200zb836227149&_p=1729727764973&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101794737~101823847&cid=1693809831.1729727765&ecid=375701328&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1729727765&sct=1&seg=0&dl=https%3A%2F%2Fform.respondi.app%2Fyhgbpo40&dt=Limpamos%20seu%20CPF%2FCNPJ%20ou%20devolvemos%20seu%20dinheiro.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1594 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-K4SSW8GR9B&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.222.139 , United States, ASN15169 (GOOGLE, US), Reverse DNS qi-in-f139.1e100.net Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://form.respondi.app/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://form.respondi.app cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 23 Oct 2024 23:56:05 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 546 B	237ms 52ms	Ping text/plain	209.85.144.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K4SSW8GR9B&cid=1693809831.1729727765&gtm=45je4al0v872321687z8836227149za200zb836227149&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101686685~101794737~101823847 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-K4SSW8GR9B&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS qv-in-f157.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://form.respondi.app/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://form.respondi.app cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 23 Oct 2024 23:56:05 GMT content-type text/plain server Golfe2
GET H2	200	rul td.doubleclick.net/td/ga/ Frame 7EAF	0 0	200ms 57ms	Document text/html	173.194.66.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://td.doubleclick.net/td/ga/rul?tid=G-K4SSW8GR9B&gacid=1693809831.1729727765&gtm=45je4al0v872321687z8836227149za200zb836227149&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101794737~101823847&z=1988271580 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-K4SSW8GR9B&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.194.66.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS qo-in-f154.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://form.respondi.app/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 16 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 23 Oct 2024 23:56:05 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ga-audiences www.google.ca/ads/	42 B 63 B	634ms 490ms	Image image/gif	172.217.222.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K4SSW8GR9B&cid=1693809831.1729727765&gtm=45je4al0v872321687z8836227149za200zb836227149&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101686685~101794737~101823847&tag_exp=101686685~101794737~101823847&z=250388728 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.222.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS qi-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://form.respondi.app/ Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Wed, 23 Oct 2024 23:56:06 GMT x-xss-protection 0 content-type image/gif server cafe
POST H2	200	httpapi Show response api2.amplitude.com/2/	94 B 218 B	112ms 111ms	Fetch application/json	54.184.22.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api2.amplitude.com/2/httpapi Requested by Host: form.respondi.app URL: https://form.respondi.app/_nuxt/8217cfb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.184.22.55 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-184-22-55.us-west-2.compute.amazonaws.com Software / Resource Hash fd0b7c1239b06c57cf7fa17259e52739d02716b63cad93604e4df93e19dfcd30 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://form.respondi.app/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept */* Content-Type application/json Response headers strict-transport-security max-age=15768000 access-control-allow-origin * content-length 94 date Wed, 23 Oct 2024 23:56:06 GMT content-type application/json
OPTIONS H2	200	httpapi api2.amplitude.com/2/ Frame	0 0	322ms 98ms	Preflight	54.184.22.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api2.amplitude.com/2/httpapi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.184.22.55 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-184-22-55.us-west-2.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://form.respondi.app Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET, POST access-control-allow-origin * access-control-max-age 86400 content-length 0 date Wed, 23 Oct 2024 23:56:06 GMT strict-transport-security max-age=15768000
POST H2	204	collect analytics.google.com/g/	0 0	52ms 51ms	Fetch text/plain	172.217.222.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-K4SSW8GR9B&gtm=45je4al0v872321687za200zb836227149&_p=1729727764973&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101794737~101823847&cid=1693809831.1729727765&ecid=375701328&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1729727765&sct=1&seg=0&dl=https%3A%2F%2Fform.respondi.app%2Fyhgbpo40&dt=Limpamos%20seu%20CPF%2FCNPJ%20ou%20devolvemos%20seu%20dinheiro.&en=scroll&epn.percent_scrolled=90&_et=47&tfd=6644 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-K4SSW8GR9B&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.222.139 , United States, ASN15169 (GOOGLE, US), Reverse DNS qi-in-f139.1e100.net Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://form.respondi.app/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://form.respondi.app cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 23 Oct 2024 23:56:10 GMT content-type text/plain server Golfe2

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| __cfQR object| __NUXT__ boolean| __cfRLUnblockHandlers object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| FontAwesomeConfig object| ___FONT_AWESOME___ function| _ object| DD_LOGS function| __mp_recorder object| dataLayer function| fbq function| _fbq object| $nuxt object| analyticsConnectorInstances object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.respondi.app/	1970-01-21 09:14:23	Name: mp_ed67cac2f4025f89e1bca5f007130192_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A192bbcf1a04489-08a0efa59b4e77-17462c6e-1d4c00-192bbcf1a04489%22%2C%22%24device_id%22%3A%20%22192bbcf1a04489-08a0efa59b4e77-17462c6e-1d4c00-192bbcf1a04489%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
			.respondi.app/	1970-01-21 09:14:23	Name: AMP_MKTG_d00395841a Value: JTdCJTdE
			.respondi.app/	1970-01-21 09:14:23	Name: AMP_d00395841a Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjJlYTU5NWI2MC00YjVjLTQ2ZjQtODgzYy03ODhlYzhkNTNjNmUlMjIlMkMlMjJ1c2VySWQlMjIlM0ElMjJ1c2VyX2NiNDE4ZU9ZMklhSEFvZm4lMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzI5NzI3NzY1MDEzJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcyOTcyNzc2NTA4MiUyQyUyMmxhc3RFdmVudElkJTIyJTNBMCU3RA==
			.respondi.app/	1970-01-21 02:38:23	Name: _gcl_au Value: 1.1.667869095.1729727765
			.respondi.app/	1970-01-21 10:04:47	Name: _ga Value: GA1.1.1693809831.1729727765
			.respondi.app/	1970-01-21 10:04:47	Name: _ga_K4SSW8GR9B Value: GS1.1.1729727765.1.0.1729727765.60.0.375701328
			.doubleclick.net/	1970-01-21 00:28:48	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api2.amplitude.com
connect.facebook.net
form.respondi.app
respondiassets.sfo3.digitaloceanspaces.com
stats.g.doubleclick.net
td.doubleclick.net
www.google.ca
www.googletagmanager.com
138.68.34.161
157.240.229.1
172.217.222.139
172.217.222.94
172.67.43.15
173.194.66.154
209.85.144.157
209.85.232.97
54.184.22.55
11ff753a69596b5fb8326fcddb9372a056e8b373d2063bee47027978e447c3c9
1a137fd0d4651a300c790020e55f7ee6f7f7338a92d0cb67388aba52d0dc0d32
2704b3f482191b863247c0010d49118865334c44964e6ff44eee81fbc4e5e9b5
6700d8a5ac7fb2a668d5884e53116d52415e5858286cb0db2b07ab5bfa87936a
67d62ac8c281bb6714213d08ad7066eb36e2efc787d212a02be308c17c6ab627
6ed19056715439b9e36b45e42b5a3ac5d524bf2248a33a0f05e6b1cb1e404cc9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a2b7070ab7424960120e3ce5820193d5da9afe4909e73951c425ddab9ff32667
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
b8c12fcdca665d3d19e2d2f6cdb4f1656fc694b5f9c0dbd2a8e210fd6fc14acf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d907607a5c4a4028c5aa2f5fdd9c46c4356fb411c36fb4ede069deb9215467b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbc283504d84f28fb2aad1db73a4969f3d34a74e1f2f3050a9656fcef5a08ea5
fd0b7c1239b06c57cf7fa17259e52739d02716b63cad93604e4df93e19dfcd30
fe2b334a795006ab221e3d452867b845112994806721ace9dc9bd8f220553039