urlscan.io logo urlscan.io
SecurityTrails logo

amazon.o-w.dev Open in urlscan Pro
168.119.128.230  Public Scan

Go To Rescan Add Verdict Report
URL: https://amazon.o-w.dev/main
Submission Tags: @phishunt_io
Submission: On January 21 via api from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 20 HTTP transactions. The main IP is 168.119.128.230, located in United States and belongs to HETZNER-AS, DE. The main domain is amazon.o-w.dev.
TLS certificate: Issued by R3 on January 20th 2021. Valid for: 3 months.
This is the only time amazon.o-w.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 168.119.128.230 24940 (HETZNER-AS)
20 2
Apex Domain
Subdomains		 Transfer
20 o-w.dev
amazon.o-w.dev
2 MB
20 1
Domain Requested by
20 amazon.o-w.dev amazon.o-w.dev
20 1

This site contains no links.

Subject Issuer Validity Valid
amazon.o-w.dev
R3		 2021-01-20 -
2021-04-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://amazon.o-w.dev/main
Frame ID: FA74E6D1B9C7DCF5D238BCFB6DB42612
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1909 kB
Transfer

5668 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request main
amazon.o-w.dev/ 		8 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
284251027b26f2e7f68c4b69d2beba5c3a15e42b8ef013829ab974519616a3f2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
amazon.o-w.dev
:scheme
https
:path
/main
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
content-type
text/html
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-server-id
amazon
x-ua-compatible
IE=Edge
content-encoding
br
strict-transport-security
max-age=63072000; preload
ArchivoNarrow-Regular.otf
amazon.o-w.dev/main/assets/fonts/core/archivo-narrow/webfonts/ 		50 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/assets/fonts/core/archivo-narrow/webfonts/ArchivoNarrow-Regular.otf?777ac7372edbbab5956123eebf11935e
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
62ce7f90c1d50eef69617b1b27c1c6112ee4d6c765ff686b76a3431e1edd73b9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://amazon.o-w.dev
Referer
https://amazon.o-w.dev/main
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
x-content-type-options
nosniff
content-length
51040
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b69-c760"
strict-transport-security
max-age=63072000; preload
content-type
application/octet-stream
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
accept-ranges
bytes
expires
Sat, 20 Feb 2021 16:16:40 GMT
ArchivoNarrow-Bold.otf
amazon.o-w.dev/main/assets/fonts/core/archivo-narrow/webfonts/ 		51 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/assets/fonts/core/archivo-narrow/webfonts/ArchivoNarrow-Bold.otf?1e72899ef79ad3320652a91f92cfa509
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
36bed1afb942e1a1ccf9289287a8d688b88022ded38d05ec9e755ccc0745512b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://amazon.o-w.dev
Referer
https://amazon.o-w.dev/main
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
x-content-type-options
nosniff
content-length
52696
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b69-cdd8"
strict-transport-security
max-age=63072000; preload
content-type
application/octet-stream
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
accept-ranges
bytes
expires
Sat, 20 Feb 2021 16:16:40 GMT
FUTURAMC.TTF
amazon.o-w.dev/main/assets/fonts/core/futura/webfonts/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/assets/fonts/core/futura/webfonts/FUTURAMC.TTF?1abcb0d349625217ec210992351ba66b
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
50eb06c56dd8ee821008327278b9483229462c6682394a28c3c6c08cc37049d1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://amazon.o-w.dev
Referer
https://amazon.o-w.dev/main
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
x-content-type-options
nosniff
content-length
35900
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b69-8c3c"
strict-transport-security
max-age=63072000; preload
content-type
application/octet-stream
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
accept-ranges
bytes
expires
Sat, 20 Feb 2021 16:16:40 GMT
FUTURAH.TTF
amazon.o-w.dev/main/assets/fonts/core/futura/webfonts/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/assets/fonts/core/futura/webfonts/FUTURAH.TTF?074a76d5e8105426711acdb8923bff90
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
ff4d5ed3265972ed63726198bed27ac8d4192d35be9d6d3ffcefdb23761cc9b1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://amazon.o-w.dev
Referer
https://amazon.o-w.dev/main
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
x-content-type-options
nosniff
content-length
38024
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b69-9488"
strict-transport-security
max-age=63072000; preload
content-type
application/octet-stream
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
accept-ranges
bytes
expires
Sat, 20 Feb 2021 16:16:40 GMT
mikado-bold.ttf
amazon.o-w.dev/main/assets/fonts/core/mikado/webfonts/ 		150 KB
151 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/assets/fonts/core/mikado/webfonts/mikado-bold.ttf?da897c5bafd9743c93f00b0ae43fbf74
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
5aeaa311e928a35b19c2619b0331d4b856ba98449dadbe7b4cd71660344eb9b2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://amazon.o-w.dev
Referer
https://amazon.o-w.dev/main
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
x-content-type-options
nosniff
content-length
153800
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b69-258c8"
strict-transport-security
max-age=63072000; preload
content-type
application/octet-stream
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
accept-ranges
bytes
expires
Sat, 20 Feb 2021 16:16:40 GMT
mikado-black.ttf
amazon.o-w.dev/main/assets/fonts/core/mikado/webfonts/ 		153 KB
154 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/assets/fonts/core/mikado/webfonts/mikado-black.ttf?45915a91e9e3d2e396daf6801b8cd0bc
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
58012aa762968a676776982c0311e2cf1e5a9150f732ef2ba32faf5b8d99db7b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://amazon.o-w.dev
Referer
https://amazon.o-w.dev/main
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
x-content-type-options
nosniff
content-length
156808
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b69-26488"
strict-transport-security
max-age=63072000; preload
content-type
application/octet-stream
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
accept-ranges
bytes
expires
Sat, 20 Feb 2021 16:16:40 GMT
MyriadPro-Regular.otf
amazon.o-w.dev/main/assets/fonts/core/myriad/webfonts/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/assets/fonts/core/myriad/webfonts/MyriadPro-Regular.otf?a89cf050c859a23e4b6d9cf5989acf9e
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
08ae13eae594f2da4c8f3e8559fdb17a0ffc864013b37a8120e1f35968813402
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://amazon.o-w.dev
Referer
https://amazon.o-w.dev/main
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
x-content-type-options
nosniff
content-length
79364
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b69-13604"
strict-transport-security
max-age=63072000; preload
content-type
application/octet-stream
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
accept-ranges
bytes
expires
Sat, 20 Feb 2021 16:16:40 GMT
MyriadPro-Black.otf
amazon.o-w.dev/main/assets/fonts/core/myriad/webfonts/ 		80 KB
81 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/assets/fonts/core/myriad/webfonts/MyriadPro-Black.otf?5e2955439d167e1df5763190b5158ff8
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
e54394d433d536e833f07f932abf093afc2c83b3805cc006d55b0655d18e5859
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://amazon.o-w.dev
Referer
https://amazon.o-w.dev/main
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
x-content-type-options
nosniff
content-length
81792
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b69-13f80"
strict-transport-security
max-age=63072000; preload
content-type
application/octet-stream
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
accept-ranges
bytes
expires
Sat, 20 Feb 2021 16:16:40 GMT
MyriadPro-Cond.otf
amazon.o-w.dev/main/assets/fonts/core/myriad/webfonts/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/assets/fonts/core/myriad/webfonts/MyriadPro-Cond.otf?bef82a210b5861dfcc2301df1eb9274f
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
4611795c11e7d416d4904c677efeb9baf274fd3055e1f1da8611d6584ac7ab37
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://amazon.o-w.dev
Referer
https://amazon.o-w.dev/main
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
x-content-type-options
nosniff
content-length
78364
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b69-1321c"
strict-transport-security
max-age=63072000; preload
content-type
application/octet-stream
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
accept-ranges
bytes
expires
Sat, 20 Feb 2021 16:16:40 GMT
MyriadPro-BlackCond.otf
amazon.o-w.dev/main/assets/fonts/core/myriad/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/assets/fonts/core/myriad/webfonts/MyriadPro-BlackCond.otf?f7210f5c416f1350ec4833edb4ea8d42
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
a7cd265a051426fbddc1756593c99941cc7735f89487c8e2fccce1b842c4fb5f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://amazon.o-w.dev
Referer
https://amazon.o-w.dev/main
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
x-content-type-options
nosniff
content-length
80344
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b69-139d8"
strict-transport-security
max-age=63072000; preload
content-type
application/octet-stream
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
accept-ranges
bytes
expires
Sat, 20 Feb 2021 16:16:40 GMT
styles.66b437fc037358ad0d6a.css
amazon.o-w.dev/main/ 		192 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/styles.66b437fc037358ad0d6a.css
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
46b17c580c7dcadf0149f560a435fca2120f36e79f70dd8049f6be79417e0e29
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://amazon.o-w.dev/main
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
vary
Accept-Encoding
content-length
27719
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b69-6c47"
strict-transport-security
max-age=63072000; preload
content-type
text/css
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
expires
Sat, 20 Feb 2021 16:16:40 GMT
runtime.18e9e750b4d074cb5044.js
amazon.o-w.dev/main/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/runtime.18e9e750b4d074cb5044.js
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
40ac872201520e5479afe341e87a40ba7485772bddbc457d098eb25e93fccb66
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://amazon.o-w.dev/main
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
W/"5fd77b69-92c"
strict-transport-security
max-age=63072000; preload
content-type
application/javascript
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
expires
Sat, 20 Feb 2021 16:16:40 GMT
polyfills.6c4dbe813f1ceb4d9fdf.js
amazon.o-w.dev/main/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/polyfills.6c4dbe813f1ceb4d9fdf.js
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
80908543aaab70b708de2231bc7ad7e3f128796427d252782310727c7dcc8279
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://amazon.o-w.dev/main
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
vary
Accept-Encoding
content-length
20068
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b69-4e64"
strict-transport-security
max-age=63072000; preload
content-type
application/javascript
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
expires
Sat, 20 Feb 2021 16:16:40 GMT
scripts.64d8cc4089e4a07acfc7.js
amazon.o-w.dev/main/ 		175 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/scripts.64d8cc4089e4a07acfc7.js
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
bd19eef9cfc202f2058cd892cba96ffb854d4d2a79792521643c14181ce23393
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://amazon.o-w.dev/main
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
vary
Accept-Encoding
content-length
49611
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b69-c1cb"
strict-transport-security
max-age=63072000; preload
content-type
application/javascript
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
expires
Sat, 20 Feb 2021 16:16:40 GMT
vendor.bde2180daa663fac5d21.js
amazon.o-w.dev/main/ 		3 MB
590 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/vendor.bde2180daa663fac5d21.js
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
3c014ddfa15bf6fdb63c76451f28c03e8cc2329e134ffab0438a27691fc56757
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://amazon.o-w.dev/main
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
vary
Accept-Encoding
content-length
603161
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b69-93419"
strict-transport-security
max-age=63072000; preload
content-type
application/javascript
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
expires
Sat, 20 Feb 2021 16:16:40 GMT
main.ca4576d8171d901aa61c.js
amazon.o-w.dev/main/ 		1 MB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/main.ca4576d8171d901aa61c.js
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
9232e8b881048090c9b320de4054e5d5b4058471566c7066b4498a8a92483763
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://amazon.o-w.dev/main
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
vary
Accept-Encoding
content-length
148259
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:15 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b6b-24323"
strict-transport-security
max-age=63072000; preload
content-type
application/javascript
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
expires
Sat, 20 Feb 2021 16:16:40 GMT
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f006c556c753a58b408277de14a33ffdc8a921625cd682042960de78c6df2552

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
logo.png
amazon.o-w.dev/main/assets/ui/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amazon.o-w.dev/main/assets/ui/logo.png?8c01c8f359e06e58eb31c4f4e50e1a4d
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
0d3d49265621629f1f2863aca0590815b32f2a52a93c825e797cb552b9afcd48
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://amazon.o-w.dev/main/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
x-content-type-options
nosniff
content-length
8823
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b69-2277"
strict-transport-security
max-age=63072000; preload
content-type
image/png
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
accept-ranges
bytes
expires
Sat, 20 Feb 2021 16:16:40 GMT
fa-solid-900.cc6067cc5b22c21d68c8.ttf
amazon.o-w.dev/main/assets/ 		260 KB
261 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/assets/fa-solid-900.cc6067cc5b22c21d68c8.ttf
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main/styles.66b437fc037358ad0d6a.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
8bf6f2a9a96860b52cf5eccf62bc91021a22ef08c3e9e7669f3ede013cf2f6cb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://amazon.o-w.dev
Referer
https://amazon.o-w.dev/main/styles.66b437fc037358ad0d6a.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
x-content-type-options
nosniff
content-length
265920
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:13 GMT
x-frame-options
SAMEORIGIN
etag
"5fd77b69-40ec0"
strict-transport-security
max-age=63072000; preload
content-type
application/octet-stream
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
accept-ranges
bytes
expires
Sat, 20 Feb 2021 16:16:40 GMT
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b86ca7249e6f28cc9af909dcc5501e67101273ff2a2a19c408779a0fbf27e733

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
build.txt
amazon.o-w.dev/main/ 		41 B
829 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amazon.o-w.dev/main/build.txt?timestamp=2021-01-21T17%3A16%3A40%2B01%3A00&isNotShowLoading=true
Requested by
Host: amazon.o-w.dev
URL: https://amazon.o-w.dev/main/polyfills.6c4dbe813f1ceb4d9fdf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.128.230 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
amazon.o-w.dev
Software
/
Resource Hash
a2b57c579234a4593929e15b60b76ebce990255c7c7fc666e6f71b6a22029f21
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://amazon.o-w.dev/main/
X-FP
a41bfc696c03c0607e158e3ce03a8435
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 16:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Mon, 14 Dec 2020 14:49:14 GMT
x-frame-options
SAMEORIGIN
etag
W/"5fd77b6a-29"
strict-transport-security
max-age=63072000; preload
content-type
text/plain
access-control-allow-origin
*
x-server-id
amazon
cache-control
max-age=2592000
content-security-policy
default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
expires
Sat, 20 Feb 2021 16:16:40 GMT

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__fetch function| __zone_symbol__legacyPatch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| global object| process function| Odometer object| __zone_symbol__loadfalse function| __zone_symbol__ON_PROPERTYbeforeunload object| __zone_symbol__beforeunloadfalse function| flowplayer string| canSetCookie object| Phaser function| Hammer object| __zone_symbol__pagehidefalse object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__orientationchangefalse object| AndroidBridge function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

1 Cookies

Domain/Path Name / Value
amazon.o-w.dev/ Name: cookie-set-test
Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' data: https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: https: 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' wss: https:; media-src 'self' wss: https: blob:; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://youtube.com/ https://www.youtube.com/;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazon.o-w.dev
168.119.128.230
08ae13eae594f2da4c8f3e8559fdb17a0ffc864013b37a8120e1f35968813402
0d3d49265621629f1f2863aca0590815b32f2a52a93c825e797cb552b9afcd48
284251027b26f2e7f68c4b69d2beba5c3a15e42b8ef013829ab974519616a3f2
36bed1afb942e1a1ccf9289287a8d688b88022ded38d05ec9e755ccc0745512b
3c014ddfa15bf6fdb63c76451f28c03e8cc2329e134ffab0438a27691fc56757
40ac872201520e5479afe341e87a40ba7485772bddbc457d098eb25e93fccb66
4611795c11e7d416d4904c677efeb9baf274fd3055e1f1da8611d6584ac7ab37
46b17c580c7dcadf0149f560a435fca2120f36e79f70dd8049f6be79417e0e29
50eb06c56dd8ee821008327278b9483229462c6682394a28c3c6c08cc37049d1
58012aa762968a676776982c0311e2cf1e5a9150f732ef2ba32faf5b8d99db7b
5aeaa311e928a35b19c2619b0331d4b856ba98449dadbe7b4cd71660344eb9b2
62ce7f90c1d50eef69617b1b27c1c6112ee4d6c765ff686b76a3431e1edd73b9
80908543aaab70b708de2231bc7ad7e3f128796427d252782310727c7dcc8279
8bf6f2a9a96860b52cf5eccf62bc91021a22ef08c3e9e7669f3ede013cf2f6cb
9232e8b881048090c9b320de4054e5d5b4058471566c7066b4498a8a92483763
a2b57c579234a4593929e15b60b76ebce990255c7c7fc666e6f71b6a22029f21
a7cd265a051426fbddc1756593c99941cc7735f89487c8e2fccce1b842c4fb5f
b86ca7249e6f28cc9af909dcc5501e67101273ff2a2a19c408779a0fbf27e733
bd19eef9cfc202f2058cd892cba96ffb854d4d2a79792521643c14181ce23393
e54394d433d536e833f07f932abf093afc2c83b3805cc006d55b0655d18e5859
f006c556c753a58b408277de14a33ffdc8a921625cd682042960de78c6df2552
ff4d5ed3265972ed63726198bed27ac8d4192d35be9d6d3ffcefdb23761cc9b1