tomtom.mopinion.com Open in urlscan Pro
52.51.229.179 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.email.tomtom.com/?qs=9ae06a496b127b3484a9edee47aba43622cf53cbcf490c7272c06b1633af7dae005183f6b1201b53976bb3f26c78...
Effective URL:
https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369
Submission: On December 24 via api (December 24th 2019, 4:06:33 pm UTC) from BE

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 52.51.229.179, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is tomtom.mopinion.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on August 4th 2019. Valid for: a year.

This is the only time tomtom.mopinion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.45.167 13.111.45.167	22606 (EXACT-7) (EXACT-7 - ExactTarget)
1 14	52.51.229.179 52.51.229.179	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	54.231.134.107 54.231.134.107	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
18	5

1 13.111.45.167 (United States) 1 redirects

ASN22606 (EXACT-7 - ExactTarget, Inc., US)
PTR: click.email.tomtom.com

click.email.tomtom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.51.229.179 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-51-229-179.eu-west-1.compute.amazonaws.com

tomtom.mopinion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.231.134.107 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	mopinion.com 1 redirects tomtom.mopinion.com	170 KB
2	gstatic.com fonts.gstatic.com	24 KB
2	amazonaws.com s3-eu-west-1.amazonaws.com	322 KB
1	googleapis.com fonts.googleapis.com	803 B
1	tomtom.com 1 redirects click.email.tomtom.com	380 B
18	5

	Domain	Requested by
14	tomtom.mopinion.com	1 redirects tomtom.mopinion.com
2	fonts.gstatic.com	tomtom.mopinion.com
2	s3-eu-west-1.amazonaws.com	tomtom.mopinion.com
1	fonts.googleapis.com	tomtom.mopinion.com
1	click.email.tomtom.com	1 redirects
18	5

This site contains links to these domains. Also see Links.

Domain
mopinion.com

Subject Issuer	Validity	Valid
*.mopinion.com RapidSSL TLS RSA CA G1	`2019-08-04` - `2020-09-02`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-10`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369
Frame ID: BA626F019249F8FBF50045C777BBE82D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.email.tomtom.com/?qs=9ae06a496b127b3484a9edee47aba43622cf53cbcf490c7272c06b1633af7dae005183f6... HTTP 302
https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369?thumbs=ne... HTTP 302
https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

18
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

514 kB
Transfer

806 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://mopinion.com/?track=FormReferral
Title: Powered by opinion

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.email.tomtom.com/?qs=9ae06a496b127b3484a9edee47aba43622cf53cbcf490c7272c06b1633af7dae005183f6b1201b53976bb3f26c78d01ce0f6bcf3a36f9609f7a8b6ac08805899 HTTP 302
https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369?thumbs=negative&language=nl&region=nl&utm_source=oneoff&utm_medium=email&utm_campaign=co_dr_gift_season_201912 HTTP 302
https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 24e21a652137cc64d392a22700971d8d4a1b4369 Show response
tomtom.mopinion.com/survey/public/take-survey/
Redirect Chain

https://click.email.tomtom.com/?qs=9ae06a496b127b3484a9edee47aba43622cf53cbcf490c7272c06b1633af7dae005183f6b1201b53976bb3f26c78d01ce0f6bcf3a36f9609f7a8b6ac08805899
https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369?thumbs=negative&language=nl&region=nl&utm_source=oneoff&utm_medium=email&utm_campaign=co_dr_gift_seaso...
https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369

10 KB
7 KB

78ms
78ms

Document
text/html

52.51.229.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.229.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-51-229-179.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

29c37ed574c3f15da654f69c36ea6bdb72cad7ab8d633e2031fa018477be4773

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src *
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src *
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tomtom.mopinion.com
:scheme: https
:path: /survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
cookie: 24e21a652137cc64d392a22700971d8d4a1b4369=%3Fthumbs%3Dnegative%26language%3Dnl%26region%3Dnl%26utm_source%3Doneoff%26utm_medium%3Demail%26utm_campaign%3Dco_dr_gift_season_201912; AWSALB=wdzujPI6x02/B6Dj3Ca0Djq1ihUwinThmjRQSCa7EPF7/0QUMAy91Po/Lcs2E87MuImU7vHf8ySXEer3l7sNgrpFtWlw1B6E7CYCsB0raSVzlN5v8LQZoqjpZ/jO
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Tue, 24 Dec 2019 16:06:13 GMT
content-type: text/html; charset=utf-8
content-length: 4765
set-cookie: AWSALB=GmISpsIt0bC8tBroDBytyj8k0EUXQisbWVJQ2e+nmjhsg+XQwtQvxIuOkmlRlK5yykdiYDLU1RS5pRm9Nj6E8BB0M8GBtjRX3/sbHUIZ9yLMzTMT3PQeazqR/UPo; Expires=Tue, 31 Dec 2019 16:06:13 GMT; Path=/ PHPSESSID=dlm3coml7t0rfojo8ssqsvmgril5hi20; expires=Wed, 25-Dec-2019 16:06:13 GMT; Max-Age=86400; path=/; secure; HttpOnly PHPSESSID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; httponly PHPSESSID=dod0lqjq5puq4q1shumiqe5kfiut9db2; expires=Wed, 25-Dec-2019 16:06:13 GMT; Max-Age=86400; path=/; secure; HttpOnly PHPSESSID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; httponly
server: nginx
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src *
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src *
x-permitted-cross-domain-policies: none
referrer-policy: same-origin
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *

Redirect headers

status: 302
date: Tue, 24 Dec 2019 16:06:13 GMT
content-type: text/html; charset=utf-8
content-length: 0
set-cookie: AWSALB=wdzujPI6x02/B6Dj3Ca0Djq1ihUwinThmjRQSCa7EPF7/0QUMAy91Po/Lcs2E87MuImU7vHf8ySXEer3l7sNgrpFtWlw1B6E7CYCsB0raSVzlN5v8LQZoqjpZ/jO; Expires=Tue, 31 Dec 2019 16:06:13 GMT; Path=/ PHPSESSID=51km42idbmf87efrlj20odk0ithfs07v; expires=Wed, 25-Dec-2019 16:06:13 GMT; Max-Age=86400; path=/; secure; HttpOnly PHPSESSID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; httponly PHPSESSID=trik0dbgan2afv7101stkqp64o0c5k0g; expires=Wed, 25-Dec-2019 16:06:13 GMT; Max-Age=86400; path=/; secure; HttpOnly PHPSESSID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; httponly 24e21a652137cc64d392a22700971d8d4a1b4369=%3Fthumbs%3Dnegative%26language%3Dnl%26region%3Dnl%26utm_source%3Doneoff%26utm_medium%3Demail%26utm_campaign%3Dco_dr_gift_season_201912; Expires=Tue, 24-Dec-2019 18:06:13 GMT
server: nginx
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
location: /survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src *
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src *
x-permitted-cross-domain-policies: none
referrer-policy: same-origin
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *

GET
H2 200 take_survey.css
tomtom.mopinion.com/assets/css/ 9 KB
4 KB 33ms
32ms Stylesheet
text/css 52.51.229.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://tomtom.mopinion.com/assets/css/take_survey.css?v=1.5

Requested by

Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.229.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-51-229-179.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c8ba44a9a769834299c02d2587fc89b22f0b07aed41fe4511490817abf57a971

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Dec 2019 16:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000
content-length: 1616
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 09 Dec 2019 13:43:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "2253-599459326b834-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Tue, 31 Dec 2019 16:06:13 GMT
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com

GET
H2 200 survey.min.js Show response
tomtom.mopinion.com/assets/surveys/1.3/js/ 107 KB
30 KB 42ms
42ms Script
application/javascript 52.51.229.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://tomtom.mopinion.com/assets/surveys/1.3/js/survey.min.js

Requested by

Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.229.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-51-229-179.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9a16dd89b5460d01a0eb47bcf78e09dc1896be8dd9615a8f3b07b811aabfc7bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Dec 2019 16:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000
content-length: 28367
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 09 Dec 2019 11:02:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1ade9-5994353594307-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 31 Dec 2019 16:06:13 GMT
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9958cfbf984e958c9c0989a798927f6a29ff6a2bc0326183a8317118a77d951a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jquery-2.2.4.min.js Show response
tomtom.mopinion.com/assets/js/ 84 KB
32 KB 37ms
36ms Script
application/javascript 52.51.229.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://tomtom.mopinion.com/assets/js/jquery-2.2.4.min.js

Requested by

Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/assets/surveys/1.3/js/survey.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.229.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-51-229-179.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Dec 2019 16:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000
content-length: 29820
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 04 Dec 2018 15:28:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "14e49-57c33ea526d00-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 31 Dec 2019 16:06:13 GMT
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com

GET
H2 200 stream Show response
tomtom.mopinion.com/survey/public/ 8 KB
5 KB 73ms
73ms Script
application/javascript 52.51.229.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://tomtom.mopinion.com/survey/public/stream?key=24e21a652137cc64d392a22700971d8d4a1b4369&domain=tomtom.mopinion.com&modal=false&version=1.3

Requested by

Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/assets/surveys/1.3/js/survey.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.229.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-51-229-179.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c3ab46f4ac74a0390ac2f88285c7838d3f46d3a1f8d8218fde2c17d275d9342e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Dec 2019 16:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000
content-length: 2425
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: nginx
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com

GET
H2 200 email_lang.js Show response
tomtom.mopinion.com/customerscript/tomtom/email/ 2 KB
3 KB 32ms
31ms Script
application/javascript 52.51.229.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://tomtom.mopinion.com/customerscript/tomtom/email/email_lang.js?v=1.2

Requested by

Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/assets/surveys/1.3/js/survey.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.229.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-51-229-179.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ff7a93e8200b4a8d25ce355433c1469cbd87f2e26786aad8735dbc0de486e242

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Dec 2019 16:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000
content-length: 965
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 17 Dec 2019 10:53:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "955-599e421e7e997-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 31 Dec 2019 16:06:14 GMT
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com

GET
H2 200 css
fonts.googleapis.com/ 6 KB
803 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat|Roboto|Open+Sans

Requested by

Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/assets/surveys/1.3/js/survey.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

dcc94fa0f0d192840abb55cd15a0b4078a186dc002b6b3383128028597dde5d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 24 Dec 2019 16:06:14 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 24 Dec 2019 16:06:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 24 Dec 2019 16:06:14 GMT

GET
H2 200 survey-base.css
tomtom.mopinion.com/assets/css/surveys/ 206 KB
67 KB 33ms
33ms Stylesheet
text/css 52.51.229.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://tomtom.mopinion.com/assets/css/surveys/survey-base.css?v=3

Requested by

Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/assets/surveys/1.3/js/survey.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.229.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-51-229-179.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6776eaecf3894cfe36b03417da9ff1d917b247553b9eb68dc96041b336e88304

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Dec 2019 16:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 05 Mar 2019 13:40:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "3389b-58359030aef74-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Tue, 31 Dec 2019 16:06:14 GMT
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com

GET
H2 200 survey-default.css
tomtom.mopinion.com/assets/css/surveys/themes/ 13 KB
4 KB 32ms
32ms Stylesheet
text/css 52.51.229.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://tomtom.mopinion.com/assets/css/surveys/themes/survey-default.css

Requested by

Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/assets/surveys/1.3/js/survey.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.229.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-51-229-179.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

87bec4ec79af2e9a7c1a1d1647ca9cf071798e7b8195b54591d2ccd858f0d304

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Dec 2019 16:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000
content-length: 1764
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 26 Sep 2019 09:54:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "3282-59371c2efc5f9-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Tue, 31 Dec 2019 16:06:14 GMT
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com

GET
H2 200 24e21a652137cc64d392a22700971d8d4a1b4369
tomtom.mopinion.com/survey/public/custom-css/ 10 KB
4 KB 78ms
78ms Stylesheet
text/css 52.51.229.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://tomtom.mopinion.com/survey/public/custom-css/24e21a652137cc64d392a22700971d8d4a1b4369?version=1.3

Requested by

Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/assets/surveys/1.3/js/survey.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.229.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-51-229-179.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8297c42c9c13d12d3f63fc3e0b958c1c12c335029ddb461bfb9c690c2d5a1b7e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Dec 2019 16:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000
content-length: 1160
x-xss-protection: 1; mode=block
pragma: cache
referrer-policy: same-origin
expires: Tue, 31 Dec 2019 16:06:14 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
charset: UTF-8
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com

GET
H/1.1 200
OK _upload_cNSMvUJXwckS.png
s3-eu-west-1.amazonaws.com/efm/logo/ 3 KB
3 KB 131ms
38ms Image
image/png 54.231.134.107
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/efm/logo/_upload_cNSMvUJXwckS.png
Requested by: Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.134.107 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a3409639bbb49d44378d83fd9a86c4688f2b7df77feb3e8f5d4eb73faba6b0b5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Dec 2019 16:06:15 GMT
Last-Modified: Wed, 24 Jan 2018 11:57:14 GMT
Server: AmazonS3
x-amz-request-id: 881C011FE9931B36
ETag: "a22284afcda3a1e002179a4a00cba531"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3143
x-amz-id-2: SGIr1CbCU/dgPen33SIwcYAbIdVGDbIWiX2qZvdofNH5wZQUbHHdMDTuodHdUrPIkXlabWfQ/Vk=

GET
H/1.1 200
OK _upload_tdLmxo8BZwzt.jpg
s3-eu-west-1.amazonaws.com/efm/multimedia/ 318 KB
318 KB 149ms
56ms Image
image/jpeg 54.231.134.107
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/efm/multimedia/_upload_tdLmxo8BZwzt.jpg
Requested by: Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.134.107 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a511cee8ba703fb4cae169dadc27ec8ce394726fe188e17c0e85d66fd3464e33

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Dec 2019 16:06:15 GMT
Last-Modified: Thu, 11 Jul 2019 13:45:14 GMT
Server: AmazonS3
x-amz-request-id: 692BCEE65A461029
ETag: "dee0031c361a211b5b620463c13cf8fb"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 325602
x-amz-id-2: k0xfF9LF1vBh/4f6FAY7D+5mqG9Sry6Y0ra3pb0YA8WBkOS6lUl4cjBF7QxFahJ/Bau8/Rdxfmw=

GET
H2 200 nl.json Show response
tomtom.mopinion.com/customerscript/tomtom/email/language/ 235 B
3 KB 31ms
31ms XHR
application/json 52.51.229.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://tomtom.mopinion.com/customerscript/tomtom/email/language/nl.json

Requested by

Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/assets/js/jquery-2.2.4.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.229.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-51-229-179.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4eb8de6d6ba5d17e8457f671c4cb4385416e9362e54c13163740f2506fb51ff3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Dec 2019 16:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
x-permitted-cross-domain-policies: none
status: 200
vary: Accept-Encoding
content-length: 154
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 04 Dec 2018 15:28:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "eb-57c33ea70f180-gzip"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Wed, 25 Dec 2019 16:06:14 GMT

GET
H2 200 thumbs_up_unselected.svg
tomtom.mopinion.com/survey/tomtom/img/ 897 B
3 KB 33ms
33ms Image
image/svg+xml 52.51.229.179
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tomtom.mopinion.com/survey/tomtom/img/thumbs_up_unselected.svg

Requested by

Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/assets/surveys/1.3/js/survey.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.229.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-51-229-179.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b87782ace2c8ff793a580e0d3d9fbe99f5444df4cde8c9016ddef322f1fc6ad0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tomtom.mopinion.com/survey/public/custom-css/24e21a652137cc64d392a22700971d8d4a1b4369?version=1.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Dec 2019 16:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000
content-length: 554
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 12 Jul 2019 06:56:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "381-58d766a314c9c-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
expires: Wed, 25 Dec 2019 16:06:14 GMT
cache-control: max-age=86400
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com

GET
H2 200 thumbs_down_selected.svg
tomtom.mopinion.com/survey/tomtom/img/ 849 B
3 KB 32ms
32ms Image
image/svg+xml 52.51.229.179
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tomtom.mopinion.com/survey/tomtom/img/thumbs_down_selected.svg

Requested by

Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/assets/surveys/1.3/js/survey.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.229.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-51-229-179.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

82927dce6cf5d7f71dfdc925e20f0f5753548d43c3840f28836edbe5717c0bc9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tomtom.mopinion.com/survey/public/custom-css/24e21a652137cc64d392a22700971d8d4a1b4369?version=1.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Dec 2019 16:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
strict-transport-security: max-age=31536000
content-length: 519
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 12 Jul 2019 06:56:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "351-58d766a313cfc-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
expires: Wed, 25 Dec 2019 16:06:14 GMT
cache-control: max-age=86400
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com
accept-ranges: bytes
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/assets/surveys/1.3/js/survey.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat|Roboto|Open+Sans
Origin: https://tomtom.mopinion.com

Response headers

date: Wed, 20 Nov 2019 05:05:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2977230
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Thu, 19 Nov 2020 05:05:44 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/assets/surveys/1.3/js/survey.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat|Roboto|Open+Sans
Origin: https://tomtom.mopinion.com

Response headers

date: Thu, 21 Nov 2019 23:33:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 2824346
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13708
x-xss-protection: 0
expires: Fri, 20 Nov 2020 23:33:48 GMT

POST
H2 200 send Show response
tomtom.mopinion.com/survey/public/ 2 KB
3 KB 368ms
368ms XHR
application/json 52.51.229.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://tomtom.mopinion.com/survey/public/send

Requested by

Host: tomtom.mopinion.com
URL: https://tomtom.mopinion.com/assets/js/jquery-2.2.4.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.229.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-51-229-179.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a61db837cde6cc59ca25b2e0a4c0855da7177c5bea99a7f9f1e7e3270d8fa848

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://tomtom.mopinion.com/survey/public/take-survey/24e21a652137cc64d392a22700971d8d4a1b4369
Origin: https://tomtom.mopinion.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 24 Dec 2019 16:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com
x-permitted-cross-domain-policies: none
status: 200
vary: Accept-Encoding
content-length: 740
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: nginx
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com ssl.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src 'self' www.youtube.com player.vimeo.com
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			tomtom.mopinion.com/	1970-01-19 06:16:48	Name: AWSALB Value: Ps8aPzPrJlJn6iHo6bOifr45O6JFY75Hmo1b/ZlEz2rv9kSO6vfh9Ch3qD4iwoStYAtn6S4uJ/BPiJ4+G09TqjYqBM9SeRKMYzrsSFelWsrNJNLtrZGbqJLNT9Z5
			tomtom.mopinion.com/survey/public/take-survey	1970-01-19 06:06:50	Name: 24e21a652137cc64d392a22700971d8d4a1b4369 Value: %3Fthumbs%3Dnegative%26language%3Dnl%26region%3Dnl%26utm_source%3Doneoff%26utm_medium%3Demail%26utm_campaign%3Dco_dr_gift_season_201912

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src *
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net ssl.google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com ssl.google-analytics.com .apple.com .google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com ssl.google-analytics.com; frame-src *
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.email.tomtom.com
fonts.googleapis.com
fonts.gstatic.com
s3-eu-west-1.amazonaws.com
tomtom.mopinion.com
13.111.45.167
2a00:1450:4001:809::200a
2a00:1450:4001:814::2003
52.51.229.179
54.231.134.107
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
29c37ed574c3f15da654f69c36ea6bdb72cad7ab8d633e2031fa018477be4773
4eb8de6d6ba5d17e8457f671c4cb4385416e9362e54c13163740f2506fb51ff3
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6776eaecf3894cfe36b03417da9ff1d917b247553b9eb68dc96041b336e88304
82927dce6cf5d7f71dfdc925e20f0f5753548d43c3840f28836edbe5717c0bc9
8297c42c9c13d12d3f63fc3e0b958c1c12c335029ddb461bfb9c690c2d5a1b7e
87bec4ec79af2e9a7c1a1d1647ca9cf071798e7b8195b54591d2ccd858f0d304
9958cfbf984e958c9c0989a798927f6a29ff6a2bc0326183a8317118a77d951a
9a16dd89b5460d01a0eb47bcf78e09dc1896be8dd9615a8f3b07b811aabfc7bc
a3409639bbb49d44378d83fd9a86c4688f2b7df77feb3e8f5d4eb73faba6b0b5
a511cee8ba703fb4cae169dadc27ec8ce394726fe188e17c0e85d66fd3464e33
a61db837cde6cc59ca25b2e0a4c0855da7177c5bea99a7f9f1e7e3270d8fa848
b87782ace2c8ff793a580e0d3d9fbe99f5444df4cde8c9016ddef322f1fc6ad0
c3ab46f4ac74a0390ac2f88285c7838d3f46d3a1f8d8218fde2c17d275d9342e
c8ba44a9a769834299c02d2587fc89b22f0b07aed41fe4511490817abf57a971
dcc94fa0f0d192840abb55cd15a0b4078a186dc002b6b3383128028597dde5d3
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46
ff7a93e8200b4a8d25ce355433c1469cbd87f2e26786aad8735dbc0de486e242

tomtom.mopinion.com Open in urlscan Pro 52.51.229.179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

514 kBTransfer

806 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

tomtom.mopinion.com Open in urlscan Pro
52.51.229.179 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

514 kB
Transfer

806 kB
Size

2
Cookies

18 HTTP transactions
1 data transactions