collect.mopinion.com Open in urlscan Pro
2a05:d018:f65:f801:cb82:f172:c204:13a3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://collect.mopinion.com/
Effective URL:
https://collect.mopinion.com/r/login
Submission Tags: falconsandbox
Submission: On July 05 via api (July 5th 2022, 1:50:26 pm UTC) from US — Scanned from DE

Summary HTTP 31 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 31 HTTP transactions. The main IP is 2a05:d018:f65:f801:cb82:f172:c204:13a3, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is collect.mopinion.com. The Cisco Umbrella rank of the primary domain is 41496.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on July 2nd 2022. Valid for: a year.

This is the only time collect.mopinion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 17	2a05:d018:f65... 2a05:d018:f65:f801:cb82:f172:c204:13a3	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4424	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
2	18.66.139.58 18.66.139.58	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:2ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	130.211.34.183 130.211.34.183	15169 (GOOGLE) (GOOGLE)
31	10

17 2a05:d018:f65:f801:cb82:f172:c204:13a3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

collect.mopinion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cacheorcheck.mopinion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4424 (United States)

ASN13335 (CLOUDFLARENET, US)

app.getbeamer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o541229.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.139.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-58.fra60.r.cloudfront.net

deploy.mopinion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:2ba (United States)

ASN13335 (CLOUDFLARENET, US)

backend.getbeamer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.34.183 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 183.34.211.130.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	mopinion.com 2 redirects collect.mopinion.com — Cisco Umbrella Rank: 41496 deploy.mopinion.com — Cisco Umbrella Rank: 22540 cacheorcheck.mopinion.com — Cisco Umbrella Rank: 37972	1 MB
4	getbeamer.com app.getbeamer.com — Cisco Umbrella Rank: 15154 backend.getbeamer.com — Cisco Umbrella Rank: 14579	25 KB
2	gstatic.com fonts.gstatic.com	169 KB
2	sentry.io o541229.ingest.sentry.io	339 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	2 KB
1	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 2459	349 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	65 KB
31	8

	Domain	Requested by
16	collect.mopinion.com	2 redirects collect.mopinion.com deploy.mopinion.com
2	fonts.gstatic.com	fonts.googleapis.com
2	backend.getbeamer.com	collect.mopinion.com
2	deploy.mopinion.com	collect.mopinion.com
2	o541229.ingest.sentry.io	collect.mopinion.com
2	app.getbeamer.com	www.googletagmanager.com app.getbeamer.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	collect.mopinion.com
1	cacheorcheck.mopinion.com	collect.mopinion.com
1	api-js.mixpanel.com	collect.mopinion.com
1	www.googletagmanager.com	collect.mopinion.com
31	11

This site contains links to these domains. Also see Links.

Domain
mopinion.com

Subject Issuer	Validity	Valid
*.mopinion.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-07-02` - `2023-07-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
*.ingest.sentry.io R3	`2022-06-21` - `2022-09-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.mixpanel.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-28` - `2023-04-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://collect.mopinion.com/r/login
Frame ID: 55C8137EF88E733A5EB5649729127A82
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in | Mopinion

Page URL History Show full URLs

http://collect.mopinion.com/ HTTP 301
https://collect.mopinion.com/ HTTP 302
https://collect.mopinion.com/r/login Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

31
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

11
Subdomains

10
IPs

3
Countries

1486 kB
Transfer

4853 kB
Size

15
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://mopinion.com/form-referral-landing/?track=FormReferral
Title: Powered by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://collect.mopinion.com/ HTTP 301
https://collect.mopinion.com/ HTTP 302
https://collect.mopinion.com/r/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
collect.mopinion.com/r/
Redirect Chain

http://collect.mopinion.com/
https://collect.mopinion.com/
https://collect.mopinion.com/r/login

4 KB
5 KB

62ms
62ms

Document
text/html

2a05:d018:f65:f801:cb82:f172:c204:13a3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collect.mopinion.com/r/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:f65:f801:cb82:f172:c204:13a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

abb80d6c4d0fa12b6d726d30502e956ecbcc608aa79fb1d7001e903c612c5ad0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
content-type: text/html; charset=UTF-8
date: Tue, 05 Jul 2022 13:50:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: same-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
cache-control: no-store, no-cache, must-revalidate
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
content-type: text/html; charset=UTF-8
date: Tue, 05 Jul 2022 13:50:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /r/login
pragma: no-cache
referrer-policy: same-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 13 KB
867 B 42ms
18ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6a6ba2b8dd7be374a08324b4f8bea2b1f72c1d8e06767a8c213aa40967ed3f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 13:26:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Jul 2022 13:50:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Jul 2022 13:50:20 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
868 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5a4c217a4fdc86c00b2226d6f98c1c286a444e1d75d88c4676c0953b75120a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 13:50:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Jul 2022 13:50:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Jul 2022 13:50:20 GMT

GET
H2 200 3.d6ccb5c3.chunk.css
collect.mopinion.com/r/static/css/ 4 KB
5 KB 33ms
32ms Stylesheet
text/css 2a05:d018:f65:f801:cb82:f172:c204:13a3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collect.mopinion.com/r/static/css/3.d6ccb5c3.chunk.css

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:f65:f801:cb82:f172:c204:13a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e58a7965030e149d0d88701c5e94d3d22061e7ec5a7b450364f80ce6c8c3a1b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://collect.mopinion.com/r/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 01 Feb 2022 13:11:27 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"61f9317f-fc1"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Tue, 12 Jul 2022 13:50:20 GMT

GET
H2 200 main.a2b7b0b6.chunk.css
collect.mopinion.com/r/static/css/ 99 B
4 KB 34ms
33ms Stylesheet
text/css 2a05:d018:f65:f801:cb82:f172:c204:13a3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collect.mopinion.com/r/static/css/main.a2b7b0b6.chunk.css

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:f65:f801:cb82:f172:c204:13a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7307da68867bb50a0d8965b927d41015044cca394343c5350a932e4ba2b1080b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://collect.mopinion.com/r/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 17 Jun 2020 09:03:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ee9dc5e-63"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Tue, 12 Jul 2022 13:50:20 GMT

GET
H2 200 runtime-main.91eb0d51.js Show response
collect.mopinion.com/r/static/js/ 2 KB
5 KB 135ms
134ms Script
application/javascript 2a05:d018:f65:f801:cb82:f172:c204:13a3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collect.mopinion.com/r/static/js/runtime-main.91eb0d51.js

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:f65:f801:cb82:f172:c204:13a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

81b0303ad26b5c9afccc9eee88427894b852f0a5f68811c9db8ba36651894a35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://collect.mopinion.com/r/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 Jun 2022 11:51:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62b453a7-9ae"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Tue, 12 Jul 2022 13:50:20 GMT

GET
H2 200 3.cae251bf.chunk.js Show response
collect.mopinion.com/r/static/js/ 2 MB
613 KB 136ms
135ms Script
application/javascript 2a05:d018:f65:f801:cb82:f172:c204:13a3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collect.mopinion.com/r/static/js/3.cae251bf.chunk.js

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:f65:f801:cb82:f172:c204:13a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c4912f1f6b288cb6f78393bc201f8ac389ef7308f45716d5bbceb810fe1b66aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://collect.mopinion.com/r/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 Jun 2022 11:51:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62b453a7-213aef"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Tue, 12 Jul 2022 13:50:20 GMT

GET
H2 200 main.3548d625.chunk.js Show response
collect.mopinion.com/r/static/js/ 2 MB
424 KB 308ms
307ms Script
application/javascript 2a05:d018:f65:f801:cb82:f172:c204:13a3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collect.mopinion.com/r/static/js/main.3548d625.chunk.js

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:f65:f801:cb82:f172:c204:13a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

156d952d74785bfef08b4981dd1d1506d60f32ed419ed219d2de80633d00a040

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://collect.mopinion.com/r/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 Jun 2022 11:51:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62b453a7-1abfe6"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Tue, 12 Jul 2022 13:50:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 183 KB
65 KB 62ms
28ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57MP4DT

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33e0d29383b1043d024cda93f68fbf2c0149f8df4c67f022fc0e0b057cb95429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65781
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Jul 2022 13:50:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 53ms
9ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57MP4DT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2732
date: Tue, 05 Jul 2022 13:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 05 Jul 2022 15:04:49 GMT

GET
H2 200 beamer-embed.js Show response
app.getbeamer.com/js/ 83 KB
20 KB 46ms
21ms Script
application/javascript 2606:4700:20::ac43:4424
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.getbeamer.com/js/beamer-embed.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57MP4DT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4424 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d386fbf51174dbb237c49ac1c8024360b20fe70e7b27e98c5a758598541c58a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:21 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8648
cf-polished: origSize=85503
last-modified: Mon, 04 Jul 2022 22:56:37 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPqUCnkEfS8EZlg%2BdcC4eDzAQp5zd5i%2B97SICCABgZuzhgVWX7ssln%2Fdz2oh8uFvjra%2FMOg2r%2B2GmBmO1cSpLcSg4Sx6RFPaVXVuw10ZETB0yVbv%2BJ%2F2ek1W3EcnLAuk2MJICne3bJ3nl0TJymAB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=14400
cf-ray: 726091b5893bbbf7-FRA
expires: Tue, 05 Jul 2022 17:50:21 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
209 B 24ms
22ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1495846934&t=pageview&_s=1&dl=https%3A%2F%2Fcollect.mopinion.com%2Fr%2Flogin&ul=en-us&de=UTF-8&dt=Mopinion%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=535801473&gjid=1095885839&cid=1512736881.1657029021&tid=UA-7506974-30&_gid=140692534.1657029021&_r=1&gtm=2wg6t057MP4DT&z=1734126345

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 13:50:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://collect.mopinion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
o541229.ingest.sentry.io/api/5659897/envelope/ 2 B
280 B 67ms
23ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o541229.ingest.sentry.io/api/5659897/envelope/?sentry_key=6dd59ce8ff584439acb4c7ead85c9dc2&sentry_version=7

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/static/js/3.cae251bf.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://collect.mopinion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 05 Jul 2022 13:50:21 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://collect.mopinion.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 translation Show response
collect.mopinion.com/application/ajax/ 22 KB
10 KB 66ms
65ms Fetch
application/json 2a05:d018:f65:f801:cb82:f172:c204:13a3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collect.mopinion.com/application/ajax/translation?language=en&namespace=translation

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/static/js/3.cae251bf.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:f65:f801:cb82:f172:c204:13a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f216769a94e0dbabf27d383fe8085327d35ed87afe7f271e7cd9ab3907f366a7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://collect.mopinion.com/r/login
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
X-Requested-By-React: true

Response headers

date: Tue, 05 Jul 2022 13:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 logo-text.svg
collect.mopinion.com/assets/img/logo/ 3 KB
5 KB 39ms
39ms Image
image/svg+xml 2a05:d018:f65:f801:cb82:f172:c204:13a3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://collect.mopinion.com/assets/img/logo/logo-text.svg

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:f65:f801:cb82:f172:c204:13a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

458efef566463acd9d25ec3089be2c592d42eba2e31174a53eb1c4683a384c16

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://collect.mopinion.com/r/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 17 Jun 2020 09:03:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ee9dc5d-d70"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Tue, 12 Jul 2022 13:50:21 GMT

GET
H2 200 pastease.js Show response
deploy.mopinion.com/js/ 27 KB
10 KB 35ms
7ms Script
application/javascript 18.66.139.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deploy.mopinion.com/js/pastease.js

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-58.fra60.r.cloudfront.net

Software

nginx / Pastea.se

Resource Hash

8540fd536274fc5e5e7da2ab75f2628eed2a9a6249ac7103e5750d418065057f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 01:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42721
x-powered-by: Pastea.se
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Thu, 21 Apr 2022 14:59:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"6ba6-1804ca2d730"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P4
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id: 7uZ8hgzMxILLqUIb6YlsiGv0oBy-LtdOG6KDrnfsFGHDoEM8Rntl1w==

GET
H2 200 t7qgs1h71siyh2tnh1gsrkar9wlqy4snyhu Show response
deploy.mopinion.com/config/ 4 KB
2 KB 25ms
11ms XHR
application/json 18.66.139.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deploy.mopinion.com/config/t7qgs1h71siyh2tnh1gsrkar9wlqy4snyhu

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/static/js/3.cae251bf.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-58.fra60.r.cloudfront.net

Software

nginx / Pastea.se

Resource Hash

39d00d2d0d6ee26222e432c148c127e92572fd1353cfbb70c9714c07afde93d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1151
x-powered-by: Pastea.se
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P4
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id: 4cR7mjfC3J3XtPlKGwiB5uXcRUlfao9kNdtnKIvpdC8GJnUlnVR9ag==

GET
H2 200 6.b7dbd813.chunk.js Show response
collect.mopinion.com/r/static/js/ 28 KB
11 KB 33ms
33ms Script
application/javascript 2a05:d018:f65:f801:cb82:f172:c204:13a3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collect.mopinion.com/r/static/js/6.b7dbd813.chunk.js

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/static/js/runtime-main.91eb0d51.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:f65:f801:cb82:f172:c204:13a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d3896b998104a7f3d286767435bc5f10440355b590d08d51d3cf8b0a48db9b9a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://collect.mopinion.com/r/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 23 Jun 2022 11:51:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62b453a9-6f9b"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Tue, 12 Jul 2022 13:50:21 GMT

GET
H2 200 logo-text.svg
collect.mopinion.com/assets/img/logo/ 3 KB
5 KB 34ms
34ms Image
image/svg+xml 2a05:d018:f65:f801:cb82:f172:c204:13a3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://collect.mopinion.com/assets/img/logo/logo-text.svg

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/static/js/3.cae251bf.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:f65:f801:cb82:f172:c204:13a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

458efef566463acd9d25ec3089be2c592d42eba2e31174a53eb1c4683a384c16

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://collect.mopinion.com/r/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 17 Jun 2020 09:03:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ee9dc5d-d70"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Tue, 12 Jul 2022 13:50:21 GMT

POST
H2 200 get-login-data Show response
collect.mopinion.com/auth/ajax/ 1021 B
1 KB 54ms
54ms XHR
application/json 2a05:d018:f65:f801:cb82:f172:c204:13a3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.mopinion.com/auth/ajax/get-login-data
Requested by: Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/static/js/3.cae251bf.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:f65:f801:cb82:f172:c204:13a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 875e29cf14f410fdfa2071c97f1aca2a52ef33b941d5a57238ae467d1a649592

Request headers

accept-language: de-DE,de;q=0.9
X-Requested-By-React: true
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary4hQkJZf0Rmowp0nm
Accept: application/json, text/plain, */*
Referer: https://collect.mopinion.com/r/login
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
sentry-trace: 61a84521cbe447e1b28c6a72db981e2d-b48bc55918312758-1

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 13:50:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://collect.mopinion.com
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 initialize Show response
backend.getbeamer.com/ 512 B
922 B 204ms
175ms XHR
application/json 2606:4700:20::681a:2ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.getbeamer.com/initialize?product=SjtnQYHr30759&domain=collect.mopinion.com&language=EN

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/static/js/3.cae251bf.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a140c84df12a7a5c82fe08153a0cc9faa99e2f565506e916e88749412e033b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:21 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 05 Jul 2022 13:50:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Du89Eade%2Fkk%2BMAL1eiW5UMItjiFIONM%2B5v2dD6HW86GhbVmSZxfK23itdBxeOdir1bStXE0WUXrsFUP%2Be8FUv4JoQ5Zxw1QLyX7FqtcV8yWssfKbS%2FLTSCK1EekSXZYca07nsCCp%2BybVATyRBukxcraSQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300, s-maxage=300
cf-ray: 726091b92880bb3d-FRA

GET
H2 200 survey.min.js Show response
collect.mopinion.com/assets/surveys/2.0/js/ 210 KB
63 KB 48ms
47ms Script
application/javascript 2a05:d018:f65:f801:cb82:f172:c204:13a3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collect.mopinion.com/assets/surveys/2.0/js/survey.min.js?d=30032020

Requested by

Host: deploy.mopinion.com
URL: https://deploy.mopinion.com/js/pastease.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:f65:f801:cb82:f172:c204:13a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

be3339b6890f47608b8bf27c298a6251421d441e972785bb3380735c5195dda6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://collect.mopinion.com/r/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 08 Jun 2022 14:59:11 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62a0b93f-34719"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Tue, 12 Jul 2022 13:50:21 GMT

GET
H2 200 logo-text.svg
collect.mopinion.com/assets/img/logo/ 3 KB
5 KB 36ms
35ms Image
image/svg+xml 2a05:d018:f65:f801:cb82:f172:c204:13a3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://collect.mopinion.com/assets/img/logo/logo-text.svg

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/static/js/3.cae251bf.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:f65:f801:cb82:f172:c204:13a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

458efef566463acd9d25ec3089be2c592d42eba2e31174a53eb1c4683a384c16

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://collect.mopinion.com/r/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 17 Jun 2020 09:03:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ee9dc5d-d70"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Tue, 12 Jul 2022 13:50:21 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://collect.mopinion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 92023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 12:16:38 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v134/ 125 KB
125 KB 25ms
9ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v134/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18d2477bb4ab72de48e44c52840b2e37a9a4f07f6bf9feefa9155ff0d4dcbce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://collect.mopinion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 01:23:17 GMT
x-content-type-options: nosniff
age: 476824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127960
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 21:29:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 01:23:17 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
349 B 52ms
30ms XHR
application/json 130.211.34.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?ip=1&_=1657029021731

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/static/js/3.cae251bf.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

130.211.34.183 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

183.34.211.130.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Tue, 05 Jul 2022 13:50:21 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://collect.mopinion.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
alt-svc: clear
content-length: 1

GET
H2 200 google-icon.svg
collect.mopinion.com/assets/img/r/ 5 KB
5 KB 32ms
32ms Image
image/svg+xml 2a05:d018:f65:f801:cb82:f172:c204:13a3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://collect.mopinion.com/assets/img/r/google-icon.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:f65:f801:cb82:f172:c204:13a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0790cbe27ceb25501ca5a595d7745350e462e38ad0e8c7d53ca3fe37f0e43b0c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://collect.mopinion.com/r/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 16 May 2022 00:24:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"628199b3-1229"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires: Tue, 12 Jul 2022 13:50:21 GMT

GET
H2 200 json-config Show response
cacheorcheck.mopinion.com/survey/public/ 185 KB
33 KB 443ms
49ms XHR
application/json 2a05:d018:f65:f801:cb82:f172:c204:13a3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cacheorcheck.mopinion.com/survey/public/json-config?key=7c3237253e6682d2b617fcd34f496697d7af2c56&domain=app.mopinion.com&withBase=true

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/static/js/3.cae251bf.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:f65:f801:cb82:f172:c204:13a3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / Mopinion.com

Resource Hash

cbf3f8676bed9a701e348c7c9f5ec85b9f3582970d1f8fdee7c8e88dd3ae9601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Jul 2022 06:48:42 GMT
server: nginx
x-powered-by: Mopinion.com
x-frame-options: SAMEORIGIN
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-Api-Version, X-Request-Id, X-Response-Time
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
access-control-allow-headers: Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Expose-Headers,Cache-Control,Last-Modified,X-Frame-Options,Strict-Transport-Security,X-Content-Type-Options,X-XSS-Protection,Server,Origin,Accept,Accept-Version,Content-Length,Content-MD5,Content-Type,Date,X-Api-Version,X-Response-Time,X-PINGOTHER,X-CSRF-Token,Authorization
x-xss-protection: 1; mode=block

GET
H2 200 beamer-embed.css
app.getbeamer.com/styles/ 15 KB
3 KB 319ms
18ms Stylesheet
text/css 2606:4700:20::ac43:4424
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.getbeamer.com/styles/beamer-embed.css

Requested by

Host: app.getbeamer.com
URL: https://app.getbeamer.com/js/beamer-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4424 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bad098695b255e7aa421391056b8c605b1a8cd5727c4326ae79a9f3b24d035f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51871
cf-polished: origSize=15735
last-modified: Mon, 04 Jul 2022 22:56:52 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ttaQlEyDSw%2FsgCYLHkg%2Fypm6Y3CDTHZKWrNKP4STAwURBz%2FuuNl4rvzVGr7antM3C%2FcieoYWslg84qfj0StFORULSO3ZL0cwBrphmc%2FtgQK51Smeul19x6%2BITVkWKzw%2FGul%2FeDWdnyt3241LjkE"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 726091bc2fadbbf7-FRA
expires: Wed, 05 Jul 2023 13:50:22 GMT

GET
H2 200 numberFeatures Show response
backend.getbeamer.com/ 49 B
421 B 447ms
147ms XHR
application/json 2606:4700:20::681a:2ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.getbeamer.com/numberFeatures?url=collect.mopinion.com&product=SjtnQYHr30759&v=1&language=EN&user_id=44b21c4c-18c9-4a42-b41e-26ae21cce5b7&c_b_logs=false

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/static/js/3.cae251bf.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

783d382ad1e5d0d148acac3d0b1897afa67170be3ca9c21fa33c0af0c785d6eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 13:50:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 05 Jul 2022 13:50:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUbEBWesEPM7D%2FFdGgMjOGDoCIGYvYMqhWCvw7TbB9Sz6ozei9HdDdzJFd4Tk7WgiFlcDr%2BO1rPUt0XG0o2EvL%2BLX3QfkXFbk1uRYs779hpqx%2BxmrSVpw%2BOqy%2FpaXTUJypVD5A25l%2BzQNJU5%2B14y%2Bq71QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800
cf-ray: 726091bc2de1bb3d-FRA

POST
H3 200 / Show response
o541229.ingest.sentry.io/api/5659897/envelope/ 41 B
59 B 51ms
23ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o541229.ingest.sentry.io/api/5659897/envelope/?sentry_key=6dd59ce8ff584439acb4c7ead85c9dc2&sentry_version=7

Requested by

Host: collect.mopinion.com
URL: https://collect.mopinion.com/r/static/js/3.cae251bf.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f10a4056c40fadaa79ac165e7e295f337b865a7f7458a584d70d95b8f725d3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://collect.mopinion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 05 Jul 2022 13:50:22 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://collect.mopinion.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
collect.mopinion.com/	1970-01-20 04:18:35	Name: PHPSESSID Value: f0bfcd108d1e6d54292b2d35dbea3e5b
collect.mopinion.com/	1970-01-20 05:00:21	Name: SESS_ID Value: f0bfcd108d1e6d54292b2d35dbea3e5b
.mopinion.com/	1970-01-20 06:26:45	Name: _gcl_au Value: 1.1.394954316.1657029021
.mopinion.com/	1970-01-20 21:48:21	Name: _ga Value: GA1.2.1512736881.1657029021
.mopinion.com/	1970-01-20 04:18:35	Name: _gid Value: GA1.2.140692534.1657029021
.mopinion.com/	1970-01-20 04:17:09	Name: _gat_UA-7506974-30 Value: 1
collect.mopinion.com/	1970-01-20 05:00:21	Name: Pastease.passive.chance.rgegc7rcrc8nm49dyky12xl1qwvr8tec Value: chance86.9
collect.mopinion.com/	1970-01-20 05:00:21	Name: Pastease.passive.activated.rgegc7rcrc8nm49dyky12xl1qwvr8tec Value: 0
collect.mopinion.com/	1970-01-20 05:00:21	Name: Redirect Value: %2Fauth%2Fajax%2Fget-login-data
.mopinion.com/	1970-01-20 13:02:45	Name: mp_20abd00159bc4f7a4bb84f75b56f1985_mixpanel Value: %7B%22distinct_id%22%3A%20%22181cea0501ed31-014929c051b931-1332317a-1d4c00-181cea0501f7ae%22%2C%22%24device_id%22%3A%20%22181cea0501ed31-014929c051b931-1332317a-1d4c00-181cea0501f7ae%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
collect.mopinion.com/	1970-01-20 04:27:13	Name: AWSALB Value: x0ja9sdV3fNZhj+FzhbkVP8XfcjJzwKxWYOnsb0Yi4dKFv3OPkgW4EP6o5Z8P7hZ1wZFGeStVQBythpQn5JuHw8mHOCbhPZQr0tA65AMUMiOm+FO4VCei7l/7glU
collect.mopinion.com/	1970-01-20 04:27:13	Name: AWSALBCORS Value: x0ja9sdV3fNZhj+FzhbkVP8XfcjJzwKxWYOnsb0Yi4dKFv3OPkgW4EP6o5Z8P7hZ1wZFGeStVQBythpQn5JuHw8mHOCbhPZQr0tA65AMUMiOm+FO4VCei7l/7glU
.mopinion.com/	1970-01-20 11:29:09	Name: _BEAMER_USER_ID_SjtnQYHr30759 Value: 44b21c4c-18c9-4a42-b41e-26ae21cce5b7
.mopinion.com/	1970-01-20 11:29:09	Name: _BEAMER_FIRST_VISIT_SjtnQYHr30759 Value: 2022-07-05T13:50:21.803Z
.mopinion.com/	1970-01-20 04:17:10	Name: _BEAMER_FILTER_BY_URL_SjtnQYHr30759 Value: false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' data: .mopinion.com .mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net .google-analytics.com .googletagmanager.com api.officedron.es js.stripe.com m.stripe.com .mopinion.com .mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com .smartlook.com .smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com .mopinion.nl .mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: .mopinion.com .mopinion.nl .amazonaws.com .google-analytics.com .apple.com .google.com .google.nl .google.de .google.fr .google.co.uk .google.se .google.com.au .google.ca .google.be .google.it .google.ie .google.is .google.dk .google.no .google.ch .google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com .doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es .mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com .google-analytics.com .doubleclick.net backend.getbeamer.com sentry.io .ingest.sentry.io heapanalytics.com .smartlook.com .smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
app.getbeamer.com
backend.getbeamer.com
cacheorcheck.mopinion.com
collect.mopinion.com
deploy.mopinion.com
fonts.googleapis.com
fonts.gstatic.com
o541229.ingest.sentry.io
www.google-analytics.com
www.googletagmanager.com
130.211.34.183
18.66.139.58
2001:4860:4802:34::178
2606:4700:20::681a:2ba
2606:4700:20::ac43:4424
2a00:1450:4001:800::2008
2a00:1450:4001:803::200a
2a00:1450:4001:831::2003
2a05:d018:f65:f801:cb82:f172:c204:13a3
34.120.195.249
0790cbe27ceb25501ca5a595d7745350e462e38ad0e8c7d53ca3fe37f0e43b0c
156d952d74785bfef08b4981dd1d1506d60f32ed419ed219d2de80633d00a040
18d2477bb4ab72de48e44c52840b2e37a9a4f07f6bf9feefa9155ff0d4dcbce6
1bad098695b255e7aa421391056b8c605b1a8cd5727c4326ae79a9f3b24d035f
33e0d29383b1043d024cda93f68fbf2c0149f8df4c67f022fc0e0b057cb95429
39d00d2d0d6ee26222e432c148c127e92572fd1353cfbb70c9714c07afde93d9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
458efef566463acd9d25ec3089be2c592d42eba2e31174a53eb1c4683a384c16
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7307da68867bb50a0d8965b927d41015044cca394343c5350a932e4ba2b1080b
783d382ad1e5d0d148acac3d0b1897afa67170be3ca9c21fa33c0af0c785d6eb
81b0303ad26b5c9afccc9eee88427894b852f0a5f68811c9db8ba36651894a35
8540fd536274fc5e5e7da2ab75f2628eed2a9a6249ac7103e5750d418065057f
875e29cf14f410fdfa2071c97f1aca2a52ef33b941d5a57238ae467d1a649592
a140c84df12a7a5c82fe08153a0cc9faa99e2f565506e916e88749412e033b3c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
abb80d6c4d0fa12b6d726d30502e956ecbcc608aa79fb1d7001e903c612c5ad0
be3339b6890f47608b8bf27c298a6251421d441e972785bb3380735c5195dda6
c4912f1f6b288cb6f78393bc201f8ac389ef7308f45716d5bbceb810fe1b66aa
cbf3f8676bed9a701e348c7c9f5ec85b9f3582970d1f8fdee7c8e88dd3ae9601
d386fbf51174dbb237c49ac1c8024360b20fe70e7b27e98c5a758598541c58a6
d3896b998104a7f3d286767435bc5f10440355b590d08d51d3cf8b0a48db9b9a
e58a7965030e149d0d88701c5e94d3d22061e7ec5a7b450364f80ce6c8c3a1b8
e5a4c217a4fdc86c00b2226d6f98c1c286a444e1d75d88c4676c0953b75120a3
e6a6ba2b8dd7be374a08324b4f8bea2b1f72c1d8e06767a8c213aa40967ed3f8
f10a4056c40fadaa79ac165e7e295f337b865a7f7458a584d70d95b8f725d3f0
f216769a94e0dbabf27d383fe8085327d35ed87afe7f271e7cd9ab3907f366a7

collect.mopinion.com Open in urlscan Pro 2a05:d018:f65:f801:cb82:f172:c204:13a3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

70 %IPv6

8 Domains

11 Subdomains

10 IPs

3 Countries

1486 kBTransfer

4853 kBSize

15 Cookies

1 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

collect.mopinion.com Open in urlscan Pro
2a05:d018:f65:f801:cb82:f172:c204:13a3 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

11
Subdomains

10
IPs

3
Countries

1486 kB
Transfer

4853 kB
Size

15
Cookies

31 HTTP transactions
0 data transactions