urlscan.io logo urlscan.io
SecurityTrails logo

conrad.mopinion.com Open in urlscan Pro
2a05:d018:f65:f801:48a7:7655:9afa:706c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://rdir.conrad.nl/r.html?uid=E.B.fo.DUNo.FDyI.CFlTF.A.JE3OJpEIJjsaK9gJWbf7MFnfwDILqkwb5Vrmhol1NpcgE7I-KYTrHdK0rvBv...
Effective URL: https://conrad.mopinion.com/survey/public/take-survey/a6a6c818c4d1f29068dc3f7229dae71dc6669ceb
Submission: On August 07 via api from BE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 2a05:d018:f65:f801:48a7:7655:9afa:706c, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is conrad.mopinion.com.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on July 2nd 2022. Valid for: a year.
This is the only time conrad.mopinion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.146.16.40 12337 (NORIS-NET...)
1 4 2a05:d018:f65... 16509 (AMAZON-02)
1 2a05:d018:f65... 16509 (AMAZON-02)
1 34.247.238.130 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 99.80.165.4 16509 (AMAZON-02)
2 52.213.136.238 16509 (AMAZON-02)
12 6
1    45.146.16.40 (Germany)

ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE)
PTR: news.agnitas.de
rdir.conrad.nl
4    2a05:d018:f65:f801:48a7:7655:9afa:706c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
conrad.mopinion.com
1    2a05:d018:f65:f800:e194:6d4a:dcf8:944 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
cacheorcheck.mopinion.com
1    34.247.238.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-238-130.eu-west-1.compute.amazonaws.com
fonts.mopinion.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    99.80.165.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-165-4.eu-west-1.compute.amazonaws.com
metrics.mopinion.com
2    52.213.136.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-136-238.eu-west-1.compute.amazonaws.com
survey.mopinion.com
Apex Domain
Subdomains		 Transfer
12 mopinion.com
conrad.mopinion.com
cacheorcheck.mopinion.com — Cisco Umbrella Rank: 39717
fonts.mopinion.com — Cisco Umbrella Rank: 50779
metrics.mopinion.com — Cisco Umbrella Rank: 197409
survey.mopinion.com
118 KB
1 gstatic.com
fonts.gstatic.com
17 KB
1 conrad.nl
rdir.conrad.nl
178 B
12 3
Domain Requested by
4 metrics.mopinion.com conrad.mopinion.com
4 conrad.mopinion.com 1 redirects conrad.mopinion.com
2 survey.mopinion.com conrad.mopinion.com
1 fonts.gstatic.com fonts.mopinion.com
1 fonts.mopinion.com conrad.mopinion.com
1 cacheorcheck.mopinion.com conrad.mopinion.com
1 rdir.conrad.nl 1 redirects
12 7

This site contains links to these domains. Also see Links.

Domain
mopinion.com
Subject Issuer Validity Valid
*.mopinion.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-07-02 -
2023-07-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://conrad.mopinion.com/survey/public/take-survey/a6a6c818c4d1f29068dc3f7229dae71dc6669ceb
Frame ID: 459D441DC5BE275C4134D48912C0601F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Feedback Nieuwsbrief

Page URL History Show full URLs

  1. https://rdir.conrad.nl/r.html?uid=E.B.fo.DUNo.FDyI.CFlTF.A.JE3OJpEIJjsaK9gJWbf7MFnfwDILqkwb5Vrmhol1... HTTP 302
    https://conrad.mopinion.com/survey/public/take-survey/a6a6c818c4d1f29068dc3f7229dae71dc6669ceb?thumbs=ne... HTTP 302
    https://conrad.mopinion.com/survey/public/take-survey/a6a6c818c4d1f29068dc3f7229dae71dc6669ceb Page URL

Page Statistics

12
Requests

100 %
HTTPS

43 %
IPv6

3
Domains

7
Subdomains

6
IPs

2
Countries

132 kB
Transfer

473 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rdir.conrad.nl/r.html?uid=E.B.fo.DUNo.FDyI.CFlTF.A.JE3OJpEIJjsaK9gJWbf7MFnfwDILqkwb5Vrmhol1NpcgE7I-KYTrHdK0rvBvQgoD7BnpZQx64ucP2VhKUy32Pg HTTP 302
    https://conrad.mopinion.com/survey/public/take-survey/a6a6c818c4d1f29068dc3f7229dae71dc6669ceb?thumbs=negative&Type_formulier=Promo HTTP 302
    https://conrad.mopinion.com/survey/public/take-survey/a6a6c818c4d1f29068dc3f7229dae71dc6669ceb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request a6a6c818c4d1f29068dc3f7229dae71dc6669ceb
conrad.mopinion.com/survey/public/take-survey/
Redirect Chain
  • https://rdir.conrad.nl/r.html?uid=E.B.fo.DUNo.FDyI.CFlTF.A.JE3OJpEIJjsaK9gJWbf7MFnfwDILqkwb5Vrmhol1NpcgE7I-KYTrHdK0rvBvQgoD7BnpZQx64ucP2VhKUy32Pg
  • https://conrad.mopinion.com/survey/public/take-survey/a6a6c818c4d1f29068dc3f7229dae71dc6669ceb?thumbs=negative&Type_formulier=Promo
  • https://conrad.mopinion.com/survey/public/take-survey/a6a6c818c4d1f29068dc3f7229dae71dc6669ceb
5 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://conrad.mopinion.com/survey/public/take-survey/a6a6c818c4d1f29068dc3f7229dae71dc6669ceb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:f65:f801:48a7:7655:9afa:706c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
01add02814d40b9fcf59bd98817ed6c28c2470acecdafbd6ff6d6ab81432e702
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src *; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src *; worker-src blob:
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src *; worker-src blob:
content-type
text/html; charset=UTF-8
date
Sun, 07 Aug 2022 17:43:12 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-security-policy
default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src *; worker-src blob:
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-security-policy
default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src *; worker-src blob:
content-type
text/html; charset=UTF-8
date
Sun, 07 Aug 2022 17:43:11 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/survey/public/take-survey/a6a6c818c4d1f29068dc3f7229dae71dc6669ceb
pragma
no-cache
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-security-policy
default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src *; worker-src blob:
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
take_survey.css
conrad.mopinion.com/assets/css/ 		9 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://conrad.mopinion.com/assets/css/take_survey.css?v=1.5
Requested by
Host: conrad.mopinion.com
URL: https://conrad.mopinion.com/survey/public/take-survey/a6a6c818c4d1f29068dc3f7229dae71dc6669ceb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:f65:f801:48a7:7655:9afa:706c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ce3af9146c303535260d8f2d8ed4dc061438f38b11720280171d11d9fa42c6cf
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://conrad.mopinion.com/survey/public/take-survey/a6a6c818c4d1f29068dc3f7229dae71dc6669ceb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 17:43:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-content-security-policy
default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 17 Jun 2020 09:03:25 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5ee9dc5d-2368"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
content-security-policy
default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires
Sun, 14 Aug 2022 17:43:12 GMT
survey.min.js
conrad.mopinion.com/assets/surveys/2.0/js/ 		253 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://conrad.mopinion.com/assets/surveys/2.0/js/survey.min.js
Requested by
Host: conrad.mopinion.com
URL: https://conrad.mopinion.com/survey/public/take-survey/a6a6c818c4d1f29068dc3f7229dae71dc6669ceb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:f65:f801:48a7:7655:9afa:706c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5627fcd50f5e93f4f24c5ac489f4a22160958452ad9d4deae58ba460b83e2347
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://conrad.mopinion.com/survey/public/take-survey/a6a6c818c4d1f29068dc3f7229dae71dc6669ceb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 17:43:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-content-security-policy
default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 22 Jul 2022 03:35:01 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"62da1ae5-3f5f3"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
content-security-policy
default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com app.getbeamer.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com youtube.com www.youtube.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com app.getbeamer.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com *.google.nl *.google.de *.google.fr *.google.co.uk *.google.se *.google.com.au *.google.ca *.google.be *.google.it *.google.ie *.google.is *.google.dk *.google.no *.google.ch *.google.at mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net app.getbeamer.com heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com *.doubleclick.net backend.getbeamer.com sentry.io *.ingest.sentry.io heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src 'self' youtube.com www.youtube.com player.vimeo.com groove-widget-production.s3.amazonaws.com js.stripe.com app.getbeamer.com changelog.mopinion.com; object-src 'none'; worker-src blob:
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
expires
Sun, 14 Aug 2022 17:43:12 GMT
json-config
cacheorcheck.mopinion.com/survey/public/ 		186 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cacheorcheck.mopinion.com/survey/public/json-config?key=a6a6c818c4d1f29068dc3f7229dae71dc6669ceb&domain=conrad.mopinion.com&withBase=true
Requested by
Host: conrad.mopinion.com
URL: https://conrad.mopinion.com/assets/surveys/2.0/js/survey.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:f65:f800:e194:6d4a:dcf8:944 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Mopinion.com
Resource Hash
b8961942dad2fbf4f00d99d14819e39ca3138285b31e67e50b06f430f9285251
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 17:43:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 07 Aug 2022 17:00:05 GMT
server
nginx
x-powered-by
Mopinion.com
x-frame-options
SAMEORIGIN
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-Api-Version, X-Request-Id, X-Response-Time
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000
access-control-allow-headers
Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Expose-Headers,Cache-Control,Last-Modified,X-Frame-Options,Strict-Transport-Security,X-Content-Type-Options,X-XSS-Protection,Server,Origin,Accept,Accept-Version,Content-Length,Content-MD5,Content-Type,Date,X-Api-Version,X-Response-Time,X-PINGOTHER,X-CSRF-Token,Authorization
x-xss-protection
1; mode=block
css
fonts.mopinion.com/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.mopinion.com/css?family=Open+Sans
Requested by
Host: conrad.mopinion.com
URL: https://conrad.mopinion.com/assets/surveys/2.0/js/survey.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.238.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-238-130.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b7e04cfe373f353e14b51b0f8ad79ba0b29696cc9cb062cf334fa6b6fc73583a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 17:43:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Aug 2022 17:39:45 GMT
server
nginx
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding, Accept-Encoding
cache-control
max-age=31536000
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Aug 2023 17:43:12 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.mopinion.com
URL: https://fonts.mopinion.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.mopinion.com/
Origin
https://conrad.mopinion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 11:57:13 GMT
x-content-type-options
nosniff
age
539159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16720
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Aug 2023 11:57:13 GMT
datapoints
metrics.mopinion.com/ 		32 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.mopinion.com/datapoints
Requested by
Host: conrad.mopinion.com
URL: https://conrad.mopinion.com/assets/surveys/2.0/js/survey.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.165.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-165-4.eu-west-1.compute.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
ae9bf733360db1ba4d456d45d9af91ea42b95a931d4eb9262e502165465f99bf

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://conrad.mopinion.com
date
Sun, 07 Aug 2022 17:43:12 GMT
access-control-allow-credentials
true
server
gunicorn/20.0.4
content-length
32
vary
Origin
content-type
application/json
datapoints
metrics.mopinion.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://metrics.mopinion.com/datapoints
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.165.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-165-4.eu-west-1.compute.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://conrad.mopinion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://conrad.mopinion.com
allow
POST, OPTIONS, GET, HEAD
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 07 Aug 2022 17:43:12 GMT
server
gunicorn/20.0.4
vary
Origin
data
survey.mopinion.com/api/1/ 		91 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://survey.mopinion.com/api/1/data
Requested by
Host: conrad.mopinion.com
URL: https://conrad.mopinion.com/assets/surveys/2.0/js/survey.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.136.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-136-238.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fcdd3a8fca71de5edf24780acdf488f02068872bcc974e29aa36fe44ba8c432f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Aug 2022 17:43:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
x-xss-protection
1; mode=block
data
survey.mopinion.com/api/1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://survey.mopinion.com/api/1/data
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.136.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-136-238.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://conrad.mopinion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Content-Encoding
access-control-allow-origin
*
allow
POST, OPTIONS
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 07 Aug 2022 17:43:13 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
1; mode=block
datapoints
metrics.mopinion.com/ 		32 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.mopinion.com/datapoints
Requested by
Host: conrad.mopinion.com
URL: https://conrad.mopinion.com/assets/surveys/2.0/js/survey.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.165.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-165-4.eu-west-1.compute.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash
ae9bf733360db1ba4d456d45d9af91ea42b95a931d4eb9262e502165465f99bf

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://conrad.mopinion.com
date
Sun, 07 Aug 2022 17:43:13 GMT
access-control-allow-credentials
true
server
gunicorn/20.0.4
content-length
32
vary
Origin
content-type
application/json
datapoints
metrics.mopinion.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://metrics.mopinion.com/datapoints
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.165.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-165-4.eu-west-1.compute.amazonaws.com
Software
gunicorn/20.0.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://conrad.mopinion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://conrad.mopinion.com
allow
POST, OPTIONS, GET, HEAD
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 07 Aug 2022 17:43:13 GMT
server
gunicorn/20.0.4
vary
Origin

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| srv object| loadParams

7 Cookies

Domain/Path Name / Value
conrad.mopinion.com/survey/public/take-survey Name: a6a6c818c4d1f29068dc3f7229dae71dc6669ceb
Value: %3Fthumbs%3Dnegative%26Type_formulier%3DPromo
conrad.mopinion.com/ Name: SESS_ID
Value: a0652e05d26fd12108c6068a516bb5c9
conrad.mopinion.com/ Name: AWSALB
Value: 1RW5T9LQr6/dwmOBx5SthkY2kCVrhlqly54VXyKVHQQIkJiX8jJF7j17ccmSsyaJ4U8EZToWvkw9QeagzBGi0GfgX4yYZrh/gW3zNSB7Mkzid5LfbUTt2kU0mgni
conrad.mopinion.com/ Name: AWSALBCORS
Value: 1RW5T9LQr6/dwmOBx5SthkY2kCVrhlqly54VXyKVHQQIkJiX8jJF7j17ccmSsyaJ4U8EZToWvkw9QeagzBGi0GfgX4yYZrh/gW3zNSB7Mkzid5LfbUTt2kU0mgni
conrad.mopinion.com/ Name: SQsession
Value: lcc7hi8z0vl2litoks9jgkuq7v9k3fwr92g
fonts.mopinion.com/ Name: AWSALB
Value: 5iPHkMZD/IRh0ChWJsISDNBxdxRICmVvNptJtVuHQJFOS2sr9NDWMzhGsgKvD1BLFaPUZsUgcvZsgLXgFKllklp/MBZ1rLxo6ucejAmM3w2wGullmjARJ4I5qecf
fonts.mopinion.com/ Name: AWSALBCORS
Value: 5iPHkMZD/IRh0ChWJsISDNBxdxRICmVvNptJtVuHQJFOS2sr9NDWMzhGsgKvD1BLFaPUZsUgcvZsgLXgFKllklp/MBZ1rLxo6ucejAmM3w2wGullmjARJ4I5qecf

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src *; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' data: *.mopinion.com *.mopinion.nl; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' storage.googleapis.com widget-backend.groovehq.com groove-widget-production.s3.amazonaws.com d2wy8f7a9ursnm.cloudfront.net *.google-analytics.com *.googletagmanager.com api.officedron.es js.stripe.com m.stripe.com *.mopinion.com *.mopinion.nl cdnjs.cloudflare.com ajax.googleapis.com ipinfo.io www.google-analytics.com dev.visualwebsiteoptimizer.com pi.pardot.com static.getbeamer.com cdn.heapanalytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud cdn.mxpnl.com cdn4.mxpnl.com code.highcharts.com; style-src 'self' data: 'unsafe-inline' fonts.googleapis.com *.mopinion.nl *.mopinion.com heapanalytics.com; img-src 'self' data: blob: *.mopinion.com *.mopinion.nl *.amazonaws.com *.google-analytics.com *.apple.com *.google.com mopinion-visual-feedback.s3-eu-west-1.amazonaws.com s3-eu-west-1.amazonaws.com/efm/ q.stripe.com www.google-analytics.com dev.visualwebsiteoptimizer.com *.doubleclick.net heapanalytics.com; media-src 'self'; font-src 'self' data: fonts.googleapis.com fonts.mopinion.com fonts.gstatic.com gstatic.mopinion.com heapanalytics.com; connect-src 'self' api.stripe.com m.stripe.com api.officedron.es *.mopinion.com api.trello.com app.asana.com freegeoip.net www.googleapis.com *.google-analytics.com heapanalytics.com *.smartlook.com *.smartlook.cloud *.mixpanel.com cdn.mxpnl.com; frame-src *; worker-src blob:
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block