urlscan.io logo urlscan.io
SecurityTrails logo

platform.zonkafeedback.com Open in urlscan Pro
3.139.27.240  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://platform.zonkafeedback.com/
Effective URL: https://platform.zonkafeedback.com/login
Submission: On October 31 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 25 HTTP transactions. The main IP is 3.139.27.240, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is platform.zonkafeedback.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 9th 2023. Valid for: a year.
This is the only time platform.zonkafeedback.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.22.237.97 16509 (AMAZON-02)
1 18 3.139.27.240 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
25 5
1    3.22.237.97 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-22-237-97.us-east-2.compute.amazonaws.com
platform.zonkafeedback.com
18    3.139.27.240 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-139-27-240.us-east-2.compute.amazonaws.com
platform.zonkafeedback.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
3    2a00:1450:4001:82a::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
19 zonkafeedback.com
platform.zonkafeedback.com
855 KB
5 google.com
apis.google.com — Cisco Umbrella Rank: 112
accounts.google.com — Cisco Umbrella Rank: 24
311 KB
1 gstatic.com
www.gstatic.com
36 KB
25 3
Domain Requested by
19 platform.zonkafeedback.com 2 redirects platform.zonkafeedback.com
3 accounts.google.com apis.google.com
platform.zonkafeedback.com
www.gstatic.com
2 apis.google.com platform.zonkafeedback.com
1 www.gstatic.com accounts.google.com
25 4

This site contains no links.

Subject Issuer Validity Valid
zonkafeedback.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-15		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://platform.zonkafeedback.com/login
Frame ID: 6D85B171B6604233A54E4004FE286818
Requests: 21 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: A74F8A43380F47D9282B337595CB2C49
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign In | Zonka Feedback - Change the way you take feedback

Page URL History Show full URLs

  1. http://platform.zonkafeedback.com/ HTTP 301
    https://platform.zonkafeedback.com/ HTTP 302
    http://platform.zonkafeedback.com/login HTTP 307
    https://platform.zonkafeedback.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <iframe[^>]*accounts\.google\.com/o/oauth2
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

25
Requests

92 %
HTTPS

60 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

1202 kB
Transfer

5243 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://platform.zonkafeedback.com/ HTTP 301
    https://platform.zonkafeedback.com/ HTTP 302
    http://platform.zonkafeedback.com/login HTTP 307
    https://platform.zonkafeedback.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
platform.zonkafeedback.com/
Redirect Chain
  • http://platform.zonkafeedback.com/
  • https://platform.zonkafeedback.com/
  • http://platform.zonkafeedback.com/login
  • https://platform.zonkafeedback.com/login
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.zonkafeedback.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
20e7b28e5ebe2e0bbeea5d3dae75d8914a21b609946ca6856fbe0dd886eca754
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Tue, 31 Oct 2023 05:07:05 GMT
etag
W/"653f8759-779"
last-modified
Mon, 30 Oct 2023 10:37:13 GMT
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
server
nginx/1.22.1
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://platform.zonkafeedback.com/login
Non-Authoritative-Reason
HSTS
main.b7470425.css
platform.zonkafeedback.com/login/static/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://platform.zonkafeedback.com/login/static/css/main.b7470425.css
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
d54c9e501943eea980513b0ad8978e329385a45bf139a2d1bd4ebca4453b2244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 10:37:13 GMT
server
nginx/1.22.1
content-encoding
gzip
etag
W/"653f8759-1d73f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-cache
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
x-xss-protection
1; mode=block
zonka-logo.png
platform.zonkafeedback.com/login/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform.zonkafeedback.com/login/images/zonka-logo.png
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
d3c47c4550e01e8a6e0d60a732203ca7c369bdd2cfedc54e68042637af60b106
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 10:37:02 GMT
server
nginx/1.22.1
etag
"653f874e-8fc"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
accept-ranges
bytes
content-length
2300
x-xss-protection
1; mode=block
zonka-loading.gif
platform.zonkafeedback.com/login/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform.zonkafeedback.com/login/images/zonka-loading.gif
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
a752a3f3d14047f2c1f4f7e824399794e871d1d61752265223d9028b5e251847
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 10:37:02 GMT
server
nginx/1.22.1
etag
"653f874e-1ecb"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
accept-ranges
bytes
content-length
7883
x-xss-protection
1; mode=block
main.369c3ec1.js
platform.zonkafeedback.com/login/static/js/ 		206 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.zonkafeedback.com/login/static/js/main.369c3ec1.js
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
cec917605d9618b793cd4715cd300609bc99c1b5d6c573038cf92466762c131a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 10:37:13 GMT
server
nginx/1.22.1
content-encoding
gzip
etag
W/"653f8759-336ab"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
x-xss-protection
1; mode=block
0.774d294b.chunk.js
platform.zonkafeedback.com/login/static/js/ 		1 MB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.zonkafeedback.com/login/static/js/0.774d294b.chunk.js
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login/static/js/main.369c3ec1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
a11236298b5b204a93958b4e1657be7c365ebaf6cb47b80a3e104cb22a010013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 10:37:13 GMT
server
nginx/1.22.1
content-encoding
gzip
etag
W/"653f8759-101ddc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
x-xss-protection
1; mode=block
ebd49788-a598-46cd-8222-91af23b7bed1
https://platform.zonkafeedback.com/ 		66 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://platform.zonkafeedback.com/ebd49788-a598-46cd-8222-91af23b7bed1
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login/static/js/main.369c3ec1.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea3d8204553eca0d6551c53d224a457fab7ec3dea1dccce47be53dd4af4ac85c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length
67282
Content-Type
text/css
dbef0609-461b-47c1-bd6e-58df5a8d628f
https://platform.zonkafeedback.com/ 		74 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://platform.zonkafeedback.com/dbef0609-461b-47c1-bd6e-58df5a8d628f
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login/static/js/main.369c3ec1.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3d6e73dd7415cef710950c0fc890671208b1e77ca0b158ac1536fceef483cca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length
75625
Content-Type
text/css
1.fc5449e8.chunk.js
platform.zonkafeedback.com/login/static/js/ 		718 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.zonkafeedback.com/login/static/js/1.fc5449e8.chunk.js
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login/static/js/main.369c3ec1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
5540f0c0f4856782919160408161f1a09cef2d8580001ed470c0763a04134509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 10:37:13 GMT
server
nginx/1.22.1
content-encoding
gzip
etag
W/"653f8759-b373b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
x-xss-protection
1; mode=block
3.2885e4c3.chunk.js
platform.zonkafeedback.com/login/static/js/ 		709 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.zonkafeedback.com/login/static/js/3.2885e4c3.chunk.js
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login/static/js/main.369c3ec1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
cb2c8885ea62ee2dd265d95f9f00b27815ea1fc1d40ac4ef17ca2cc63ed31651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 10:37:13 GMT
server
nginx/1.22.1
content-encoding
gzip
etag
W/"653f8759-b1530"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
x-xss-protection
1; mode=block
5.16832603.chunk.js
platform.zonkafeedback.com/login/static/js/ 		707 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.zonkafeedback.com/login/static/js/5.16832603.chunk.js
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login/static/js/main.369c3ec1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
4556d21293ffe78981f60dcd26d97a8b1d14f22ce99adcfbb6ed3c4edc31bd6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 10:37:13 GMT
server
nginx/1.22.1
content-encoding
gzip
etag
W/"653f8759-b0ac4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
x-xss-protection
1; mode=block
4.49888414.chunk.js
platform.zonkafeedback.com/login/static/js/ 		710 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.zonkafeedback.com/login/static/js/4.49888414.chunk.js
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login/static/js/main.369c3ec1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
4e3fbdd6e513e9d78f521b1cd6f2376980da6fa13500f7c222fe85bc76d96c7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 10:37:13 GMT
server
nginx/1.22.1
content-encoding
gzip
etag
W/"653f8759-b188f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
x-xss-protection
1; mode=block
logo.2cbf4026.svg
platform.zonkafeedback.com/login/static/media/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform.zonkafeedback.com/login/static/media/logo.2cbf4026.svg
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
b7dd303b3ab5ead039e82c6b901ebee5291417fc1d37699e5ac620fe5fb9e923
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 10:37:13 GMT
server
nginx/1.22.1
etag
"653f8759-11b7"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
no-cache
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
accept-ranges
bytes
content-length
4535
x-xss-protection
1; mode=block
ApercuPro.d8db5882.woff2
platform.zonkafeedback.com/login/static/media/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://platform.zonkafeedback.com/login/static/media/ApercuPro.d8db5882.woff2
Requested by
Host: platform.zonkafeedback.com
URL: blob:https://platform.zonkafeedback.com/ebd49788-a598-46cd-8222-91af23b7bed1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
465058788a384e5438225a1299b5216dac26d8badc1dc59d8443d2afe4825664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://platform.zonkafeedback.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 10:37:13 GMT
server
nginx/1.22.1
etag
"653f8759-6f1c"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
no-cache
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
accept-ranges
bytes
content-length
28444
x-xss-protection
1; mode=block
7.220c933e.chunk.js
platform.zonkafeedback.com/login/static/js/ 		434 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.zonkafeedback.com/login/static/js/7.220c933e.chunk.js
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login/static/js/main.369c3ec1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
d6c120b7911133f66d667ee4ddd6d85e2cc0ffb21e66da1317fc828266246a4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 10:37:13 GMT
server
nginx/1.22.1
content-encoding
gzip
etag
W/"653f8759-6c6bb"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
x-xss-protection
1; mode=block
right-arrow-white.202f6e82.svg
platform.zonkafeedback.com/login/static/media/ 		256 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform.zonkafeedback.com/login/static/media/right-arrow-white.202f6e82.svg
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
5443d92a9eb055a875f56a3a616e4c172bba016060a4b4ecbd078815449a7975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 10:37:13 GMT
server
nginx/1.22.1
etag
"653f8759-100"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
no-cache
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
accept-ranges
bytes
content-length
256
x-xss-protection
1; mode=block
right-arrow-blue.37fec316.svg
platform.zonkafeedback.com/login/static/media/ 		258 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform.zonkafeedback.com/login/static/media/right-arrow-blue.37fec316.svg
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
750f27788b697fcd2d3497794326bf662a8748dc5a798f80379cd8a481075bb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 10:37:13 GMT
server
nginx/1.22.1
etag
"653f8759-102"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
no-cache
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
accept-ranges
bytes
content-length
258
x-xss-protection
1; mode=block
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.pt_BR.l4Bv_WkVC6g.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOuH5S2uqmF6E8zOW7n3yiqiwhzNQ/ 		301 KB
301 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.pt_BR.l4Bv_WkVC6g.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOuH5S2uqmF6E8zOW7n3yiqiwhzNQ/cb=gapi.loaded_0
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login/static/js/7.220c933e.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d210709f5f638e192d493f1d872b07587b89a17e289826657c1801039b82bdf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 01:55:31 GMT
x-content-type-options
nosniff
age
11496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
307797
x-xss-protection
0
last-modified
Thu, 19 Nov 2020 17:03:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Oct 2024 01:55:31 GMT
btn_google_signin.fdce20e8.svg
platform.zonkafeedback.com/login/static/media/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform.zonkafeedback.com/login/static/media/btn_google_signin.fdce20e8.svg
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
b3b26d6c3d1c0678d30d992565239deddea8b82d4cdf6a3fe61ba25a71ed9ae7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 10:37:13 GMT
server
nginx/1.22.1
etag
"653f8759-4eb"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
no-cache
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
accept-ranges
bytes
content-length
1259
x-xss-protection
1; mode=block
_x32_16-microsoft.9c62e7ac.svg
platform.zonkafeedback.com/login/static/media/ 		375 B
977 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform.zonkafeedback.com/login/static/media/_x32_16-microsoft.9c62e7ac.svg
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.139.27.240 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-27-240.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
91567b53f1533e625c748e56644172f2118f67666768a6fe439cdb60849fe666
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 30 Oct 2023 10:37:13 GMT
server
nginx/1.22.1
etag
"653f8759-177"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
no-cache
permissions-policy
ambient-light-sensor=*, autoplay=*, camera=*, display-capture=*, document-domain=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, idle-detection=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-create=*, publickey-credentials-get=*, speaker-selection=*, storage-access=*, web-share=*
accept-ranges
bytes
content-length
375
x-xss-protection
1; mode=block
api.js
apis.google.com/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login/static/js/7.220c933e.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04b4fecb7946b0d9e6c275685179c3cd54b9946d1adb8a01faee81e2e560ca7f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.zonkafeedback.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 31 Oct 2023 05:07:07 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7112
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"241a6a66017d8392"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 05:07:07 GMT
iframe
accounts.google.com/o/oauth2/ Frame A74F 		287 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.pt_BR.l4Bv_WkVC6g.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOuH5S2uqmF6E8zOW7n3yiqiwhzNQ/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9ce5128623eb754bba24f3dd7fc14631fd639cda8ebebd882db9a6299a40e3c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J9bckBVG0ppQoPtHRzzDwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://platform.zonkafeedback.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-J9bckBVG0ppQoPtHRzzDwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 05:07:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.dUOCNt-hKFc.es5.O/am=CAM/d=1/rs=AOaEmlE1MUEvifbyCLTwWh7DrK02fVTnKQ/ Frame A74F 		104 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.dUOCNt-hKFc.es5.O/am=CAM/d=1/rs=AOaEmlE1MUEvifbyCLTwWh7DrK02fVTnKQ/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7694808b307f434ae686cb40fcf400ae1268849af69fa6a7c1d462adc81d54c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 06:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36488
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Oct 2024 06:33:10 GMT
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame A74F 		2 KB
915 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: platform.zonkafeedback.com
URL: https://platform.zonkafeedback.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aa1c61afab2e2d94eacaa92dfeec2b5011066b8ac669f4f3d924e9813578c3b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 05:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame A74F 		48 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fplatform.zonkafeedback.com&client_id=238274595666-2jmrs6fjp9lgdocj2rgmau1clr1de775.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.dUOCNt-hKFc.es5.O/am=CAM/d=1/rs=AOaEmlE1MUEvifbyCLTwWh7DrK02fVTnKQ/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ff1f6abadeee52e45dcc2d249fa0371ab3ad99cc170e3bcbfe92710515c6475
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yVOzQkp4ZODUUWQVlOnq5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:07:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-yVOzQkp4ZODUUWQVlOnq5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-encoding
gzip
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 31 Oct 2023 06:07:07 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| webpackJsonp function| _ object| __core-js_shared__ object| gapi object| ___jsl object| activeRenewals object| renewStates object| callbackMappedToRenewStates object| promiseMappedToRenewStates object| msal object| gadgets object| osapi object| oauth2 object| shindig object| googleapis object| iframer object| __gapi_jstiming__ function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow

3 Cookies

Domain/Path Name / Value
.zonkafeedback.com/ Name: mp_edd455c4e89d80f974f388e06fd5fab4_mixpanel
Value: %7B%22distinct_id%22%3A%20%2218b8420d6227af-080a1f4cc445be-683a5c5a-1d4c00-18b8420d624469%22%2C%22%24device_id%22%3A%20%2218b8420d6227af-080a1f4cc445be-683a5c5a-1d4c00-18b8420d624469%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.google.com/ Name: NID
Value: 511=k-XD9S1Jd-CadxYsAAIhvY72pEMmuXM4T7XXjGtkVb0lLcl7v0pUjmiZZ3ZDqVb4cMffZ8z0rQOqjH9g8bSl0gQH3YSwK4QsnVr1iUbVtZ6fPG7Ufq_r9ErKEOTgubQfqEVX1bVICFoNIsMgI7BXXKESkMjv4X0juHqvhPpRWoM
.platform.zonkafeedback.com/ Name: G_ENABLED_IDPS
Value: google

11 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'publickey-credentials-create'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'storage-access'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.pt_BR.l4Bv_WkVC6g.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOuH5S2uqmF6E8zOW7n3yiqiwhzNQ/cb=gapi.loaded_0(Line 278)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
platform.zonkafeedback.com
www.gstatic.com
2a00:1450:4001:806::2003
2a00:1450:4001:82a::200d
2a00:1450:4001:831::200e
3.139.27.240
3.22.237.97
04b4fecb7946b0d9e6c275685179c3cd54b9946d1adb8a01faee81e2e560ca7f
1ff1f6abadeee52e45dcc2d249fa0371ab3ad99cc170e3bcbfe92710515c6475
20e7b28e5ebe2e0bbeea5d3dae75d8914a21b609946ca6856fbe0dd886eca754
4556d21293ffe78981f60dcd26d97a8b1d14f22ce99adcfbb6ed3c4edc31bd6f
465058788a384e5438225a1299b5216dac26d8badc1dc59d8443d2afe4825664
4e3fbdd6e513e9d78f521b1cd6f2376980da6fa13500f7c222fe85bc76d96c7c
5443d92a9eb055a875f56a3a616e4c172bba016060a4b4ecbd078815449a7975
5540f0c0f4856782919160408161f1a09cef2d8580001ed470c0763a04134509
750f27788b697fcd2d3497794326bf662a8748dc5a798f80379cd8a481075bb8
91567b53f1533e625c748e56644172f2118f67666768a6fe439cdb60849fe666
a11236298b5b204a93958b4e1657be7c365ebaf6cb47b80a3e104cb22a010013
a752a3f3d14047f2c1f4f7e824399794e871d1d61752265223d9028b5e251847
aa1c61afab2e2d94eacaa92dfeec2b5011066b8ac669f4f3d924e9813578c3b4
b3b26d6c3d1c0678d30d992565239deddea8b82d4cdf6a3fe61ba25a71ed9ae7
b7dd303b3ab5ead039e82c6b901ebee5291417fc1d37699e5ac620fe5fb9e923
c9ce5128623eb754bba24f3dd7fc14631fd639cda8ebebd882db9a6299a40e3c
cb2c8885ea62ee2dd265d95f9f00b27815ea1fc1d40ac4ef17ca2cc63ed31651
cec917605d9618b793cd4715cd300609bc99c1b5d6c573038cf92466762c131a
d210709f5f638e192d493f1d872b07587b89a17e289826657c1801039b82bdf2
d3c47c4550e01e8a6e0d60a732203ca7c369bdd2cfedc54e68042637af60b106
d3d6e73dd7415cef710950c0fc890671208b1e77ca0b158ac1536fceef483cca
d54c9e501943eea980513b0ad8978e329385a45bf139a2d1bd4ebca4453b2244
d6c120b7911133f66d667ee4ddd6d85e2cc0ffb21e66da1317fc828266246a4b
e7694808b307f434ae686cb40fcf400ae1268849af69fa6a7c1d462adc81d54c
ea3d8204553eca0d6551c53d224a457fab7ec3dea1dccce47be53dd4af4ac85c