urlscan.io logo urlscan.io
SecurityTrails logo

cs-assistant-fe.amazon.com
18.239.83.39  Public Scan Open in urlscan Pro

Go To Rescan Add Verdict Report
URL: https://cs-assistant-fe.amazon.com/ 4yr old
Submission Tags: falconsandbox
Submission: On September 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 13 HTTP transactions. The main IP is 18.239.83.39, located in United States and belongs to AMAZON-02, US. The main domain is cs-assistant-fe.amazon.com. 4yr old
TLS certificate: Issued by Amazon RSA 2048 M02 on April 19th 2024. Valid for: 1yr.
This is the only time cs-assistant-fe.amazon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 18.239.83.39 16509 (AMAZON-02)
5 2600:9000:223... 16509 (AMAZON-02)
1 18.246.98.11 16509 (AMAZON-02)
13 4
Apex Domain
Subdomains		 Transfer
5 media-amazon.com
m.media-amazon.com — Cisco Umbrella Rank: 485 10yr old
756 KB
4 amazon.com
cs-assistant-fe.amazon.com 4yr old
7 KB
1 amzheimdall.com
fe.amzheimdall.com Failed 9yr old
13 3
Domain Requested by
5 m.media-amazon.com cs-assistant-fe.amazon.com
m.media-amazon.com
4 cs-assistant-fe.amazon.com
1 fe.amzheimdall.com
13 3

This site contains no links.

Subject Issuer Validity Valid
cs-assistant-fe.amazon.com
Amazon RSA 2048 M02		 2024-04-19 -
2025-05-18		 1yr crt.sh
images-na.ssl-images-amazon.com
DigiCert Global CA G2		 2024-01-05 -
2024-12-08		 1yr crt.sh
fe.amzheimdall.com
Amazon RSA 2048 M01		 2024-01-18 -
2024-12-23		 1yr crt.sh

This page contains 1 frames:

Primary Page: https://cs-assistant-fe.amazon.com/
Frame ID: 657CA9FB09A5D8191A5761ED0EB6D424
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome To CS Assistant

Page Statistics

13
Requests

77 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

764 kB
Transfer

4731 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://cs-assistant-fe.amazon.com/home/api/access/restrictedFilters HTTP 302
  • https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3AqA8RF_rJQRwK_q4pqXl4ZKsS6nMoerRg0VhAgB1yaRk&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsignin%3Fredirect%3D%252Fhome%252Fapi%252Faccess%252FrestrictedFilters
Request Chain 5
  • https://cs-assistant-fe.amazon.com/api/art/registered-weblabs?packageName=CSTrebekWebApp HTTP 302
  • https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3A94mh0hODmrkfWOSTq_l-uxx6MF2COwsajO4FyxYk9fA&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsignin%3Fredirect%3D%252Fapi%252Fart%252Fregistered-weblabs%253FpackageName%253DCSTrebekWebApp
Request Chain 7
  • https://cs-assistant-fe.amazon.com/favicon.ico HTTP 302
  • https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3A_l0eEPzfDdMIPcptaTxxydhY80AmqDrgIaw_11XXxEc&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsignin%3Fredirect%3D%252F404

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cs-assistant-fe.amazon.com/ 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-assistant-fe.amazon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-39.ams58.r.cloudfront.net
Software
Server /
Resource Hash
c460b4188bac282df350afe64c4a3aae6bdb2d56a3ff87368a0b1c0ccc0a598c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://prod.aviary.cs.amazon.dev https://onebox.aviary.cs.amazon.dev https://cs-assistant-na.amazon.com https://cs-assistant-eu.amazon.com https://cs-assistant-fe.amazon.com https://prod.cs-assistant.cs.a2z.org.cn https://cs-assistant-na-preprod.iad.xcorp.amazon.com https://cs-assistant-eu-preprod.dub.xcorp.amazon.com https://cs-assistant-fe-preprod.pdx.xcorp.amazon.com https://gamma.cs-assistant.cs.a2z.org.cn https://gamma.aviary.cs.amazon.dev https://beta.aviary.cs.amazon.dev https://local.aviary.cs.amazon.dev https://qa.aviary.cs.amazon.dev http://local-development.testing.aviary.cs.amazon.dev http://beta-development.testing.aviary.cs.amazon.dev http://gamma-development.testing.aviary.cs.amazon.dev http://prod-development.testing.aviary.cs.amazon.dev https://local-release.testing.aviary.cs.amazon.dev https://beta-release.testing.aviary.cs.amazon.dev https://gamma-release.testing.aviary.cs.amazon.dev https://prod-release.testing.aviary.cs.amazon.dev
Strict-Transport-Security max-age=47474747; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-language
de-DE
content-security-policy
frame-ancestors 'self' https://prod.aviary.cs.amazon.dev https://onebox.aviary.cs.amazon.dev https://cs-assistant-na.amazon.com https://cs-assistant-eu.amazon.com https://cs-assistant-fe.amazon.com https://prod.cs-assistant.cs.a2z.org.cn https://cs-assistant-na-preprod.iad.xcorp.amazon.com https://cs-assistant-eu-preprod.dub.xcorp.amazon.com https://cs-assistant-fe-preprod.pdx.xcorp.amazon.com https://gamma.cs-assistant.cs.a2z.org.cn https://gamma.aviary.cs.amazon.dev https://beta.aviary.cs.amazon.dev https://local.aviary.cs.amazon.dev https://qa.aviary.cs.amazon.dev http://local-development.testing.aviary.cs.amazon.dev http://beta-development.testing.aviary.cs.amazon.dev http://gamma-development.testing.aviary.cs.amazon.dev http://prod-development.testing.aviary.cs.amazon.dev https://local-release.testing.aviary.cs.amazon.dev https://beta-release.testing.aviary.cs.amazon.dev https://gamma-release.testing.aviary.cs.amazon.dev https://prod-release.testing.aviary.cs.amazon.dev
content-security-policy-report-only
default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=A1VC38T7YXB528:sid=123-456-7890:rid=15572QSSN3Y25ZW9AAXQ:sn=cs-assistant-fe.amazon.com
content-type
text/html;charset=UTF-8
date
Fri, 20 Sep 2024 21:49:20 GMT
server
Server
strict-transport-security
max-age=47474747; includeSubDomains; preload
vary
Content-Type,Accept-Encoding,User-Agent
via
1.1 ef04b5bd9d63162000acde84eaab4f9a.cloudfront.net (CloudFront)
x-amz-cf-id
5pGgODKoUb_KeqUszvtueUuRp1BUm3R2unAxBuA_GzL0tb6e6mtwaw==
x-amz-cf-pop
AMS58-P5
x-amz-rid
15572QSSN3Y25ZW9AAXQ
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
A1FJ2-PqnEL.css
m.media-amazon.com/images/I/ 		1 MB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m.media-amazon.com/images/I/A1FJ2-PqnEL.css
Requested by
Host: cs-assistant-fe.amazon.com
URL: https://cs-assistant-fe.amazon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3a00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
44822afddd1ae16b59563c71b7eb0060441bce58999068d9d096e6c330bcaecc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://cs-assistant-fe.amazon.com/

Response headers

x-amz-ir-id
230b16a2-0bb8-4f0b-97df-c7d70102544f
surrogate-key
x-cache-245 /images/I/A1FJ2-PqnEL
content-encoding
br
age
987105
expires
Sun, 04 Sep 2044 11:37:23 GMT
alt-svc
h3=":443"; ma=86400
server-timing
provider;desc="cf"
x-cache
Hit from cloudfront
x-amz-cf-id
8L0egWfpRwwCEuENzISEx-xcVAqKZtoWplEkzaImuifsXy1tSbDvhw==
date
Mon, 09 Sep 2024 11:37:23 GMT
content-type
text/css
last-modified
Mon, 09 Sep 2024 08:03:03 GMT
x-nginx-cache-status
HIT
edge-cache-tag
x-cache-245,/images/I/A1FJ2-PqnEL
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P4
server
Server
01iqYBu5bAL.js
m.media-amazon.com/images/I/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.media-amazon.com/images/I/01iqYBu5bAL.js
Requested by
Host: cs-assistant-fe.amazon.com
URL: https://cs-assistant-fe.amazon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3a00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
7bcf35d2fe2eb8d7e777e6829177133f432a46339f25cfff3c63d99be35fcbe0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://cs-assistant-fe.amazon.com
Referer
https://cs-assistant-fe.amazon.com/

Response headers

x-amz-ir-id
d70d7dee-909a-4f5c-b55c-8c0252a1fcbb
surrogate-key
x-cache-593 /images/I/01iqYBu5bAL
content-encoding
gzip
age
10146375
expires
Sat, 21 May 2044 11:23:06 GMT
alt-svc
h3=":443"; ma=86400
server-timing
provider;desc="cf"
x-cache
Hit from cloudfront
x-amz-cf-id
rm36KHKVPEKlPMxNktmO9lRkbOOz5sb_Sn594_8ILhAS5yp0udm69Q==
date
Sun, 26 May 2024 11:23:06 GMT
content-type
application/x-javascript
last-modified
Thu, 06 Aug 2020 21:32:03 GMT
x-nginx-cache-status
MISS
edge-cache-tag
x-cache-593,/images/I/01iqYBu5bAL
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P4
server
Server
B15sglq7kxL.js
m.media-amazon.com/images/I/ 		3 MB
536 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.media-amazon.com/images/I/B15sglq7kxL.js
Requested by
Host: cs-assistant-fe.amazon.com
URL: https://cs-assistant-fe.amazon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3a00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
6895a3b451e51b131ad9915347541c48de5bddcea712df129e0b49cc28856734

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://cs-assistant-fe.amazon.com
Referer
https://cs-assistant-fe.amazon.com/

Response headers

x-amz-ir-id
f3914ed8-42fd-46a1-8466-8d46042b0f23
surrogate-key
x-cache-773 /images/I/B15sglq7kxL
content-encoding
br
age
724291
expires
Wed, 07 Sep 2044 12:37:24 GMT
alt-svc
h3=":443"; ma=86400
server-timing
provider;desc="cf"
x-cache
Hit from cloudfront
x-amz-cf-id
1O3CvwO6i1w3EwNfivikVtcnMHKi899O40eLqYK5HJnUumOcPP36RQ==
date
Thu, 12 Sep 2024 12:37:24 GMT
content-type
application/x-javascript
last-modified
Thu, 12 Sep 2024 11:24:42 GMT
x-nginx-cache-status
HIT
edge-cache-tag
x-cache-773,/images/I/B15sglq7kxL
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P4
server
Server
91J6T6A5lIL.js
m.media-amazon.com/images/I/ 		729 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.media-amazon.com/images/I/91J6T6A5lIL.js
Requested by
Host: cs-assistant-fe.amazon.com
URL: https://cs-assistant-fe.amazon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3a00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
7fcdf2dfb71c91ae58cc5a8d0113a176c07da2423af00c76333cebf071c79421

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://cs-assistant-fe.amazon.com
Referer
https://cs-assistant-fe.amazon.com/

Response headers

x-amz-ir-id
6803caff-b40b-42ae-aa15-cedc42dbe594
surrogate-key
x-cache-654 /images/I/91J6T6A5lIL
content-encoding
br
age
724293
expires
Wed, 07 Sep 2044 12:37:24 GMT
alt-svc
h3=":443"; ma=86400
server-timing
provider;desc="cf"
x-cache
Hit from cloudfront
x-amz-cf-id
70JWln2quEcw4cIqIKkJ8xt-hVpn0CIxzC3EsYlyttATyk7o6Qhceg==
date
Thu, 12 Sep 2024 12:37:24 GMT
content-type
application/x-javascript
last-modified
Thu, 12 Sep 2024 11:25:13 GMT
x-nginx-cache-status
HIT
edge-cache-tag
x-cache-654,/images/I/91J6T6A5lIL
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P4
server
Server
login
fe.amzheimdall.com/
Redirect Chain
  • https://cs-assistant-fe.amazon.com/home/api/access/restrictedFilters
  • https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3AqA8RF_rJQRwK_q4pqXl4ZKsS6nMoerRg0VhAgB1yaRk&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsigni...
0
0
login
fe.amzheimdall.com/
Redirect Chain
  • https://cs-assistant-fe.amazon.com/api/art/registered-weblabs?packageName=CSTrebekWebApp
  • https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3A94mh0hODmrkfWOSTq_l-uxx6MF2COwsajO4FyxYk9fA&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsigni...
0
0
51uCzrK+p4L.png
m.media-amazon.com/images/I/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/51uCzrK+p4L.png
Requested by
Host: m.media-amazon.com
URL: https://m.media-amazon.com/images/I/A1FJ2-PqnEL.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3a00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
0218668a3637f67d8a9b264de6494c00f30e3c38ef9e9889d30cc2335a937a1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://m.media-amazon.com/images/I/A1FJ2-PqnEL.css

Response headers

x-amz-ir-id
3c643d40-2b46-4c9b-b981-3e97ef260424
surrogate-key
x-cache-483 /images/I/51uCzrK+p4L
age
21335716
expires
Mon, 21 Dec 2043 17:52:59 GMT
alt-svc
h3=":443"; ma=86400
server-timing
provider;desc="cf"
x-cache
Hit from cloudfront
x-amz-cf-id
kRdj6_XhTTchNsgk9eyMxjb5p0PUw-DaHP1oNFjMHP7Kctvhi69bVQ==
date
Tue, 26 Dec 2023 17:52:59 GMT
content-type
image/png
last-modified
Fri, 23 Sep 2022 17:17:00 GMT
x-nginx-cache-status
HIT
edge-cache-tag
x-cache-483,/images/I/51uCzrK+p4L
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
58257
x-amz-cf-pop
FRA56-P4
server
Server
login
fe.amzheimdall.com/
Redirect Chain
  • https://cs-assistant-fe.amazon.com/favicon.ico
  • https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3A_l0eEPzfDdMIPcptaTxxydhY80AmqDrgIaw_11XXxEc&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsigni...
0
0
mid=A1VC38T7YXB528:sid=123-456-7890:rid=15572QSSN3Y25ZW9AAXQ:sn=cs-assistant-fe.amazon.com
cs-assistant-fe.amazon.com/1/batch/2/OE/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cs-assistant-fe.amazon.com/1/batch/2/OE/mid=A1VC38T7YXB528:sid=123-456-7890:rid=15572QSSN3Y25ZW9AAXQ:sn=cs-assistant-fe.amazon.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-39.ams58.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://prod.aviary.cs.amazon.dev https://onebox.aviary.cs.amazon.dev https://cs-assistant-na.amazon.com https://cs-assistant-eu.amazon.com https://cs-assistant-fe.amazon.com https://prod.cs-assistant.cs.a2z.org.cn https://cs-assistant-na-preprod.iad.xcorp.amazon.com https://cs-assistant-eu-preprod.dub.xcorp.amazon.com https://cs-assistant-fe-preprod.pdx.xcorp.amazon.com https://gamma.cs-assistant.cs.a2z.org.cn https://gamma.aviary.cs.amazon.dev https://beta.aviary.cs.amazon.dev https://local.aviary.cs.amazon.dev https://qa.aviary.cs.amazon.dev http://local-development.testing.aviary.cs.amazon.dev http://beta-development.testing.aviary.cs.amazon.dev http://gamma-development.testing.aviary.cs.amazon.dev http://prod-development.testing.aviary.cs.amazon.dev https://local-release.testing.aviary.cs.amazon.dev https://beta-release.testing.aviary.cs.amazon.dev https://gamma-release.testing.aviary.cs.amazon.dev https://prod-release.testing.aviary.cs.amazon.dev
Strict-Transport-Security max-age=47474747; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
https://cs-assistant-fe.amazon.com/

Response headers

x-content-type-options
nosniff
x-cache
Error from cloudfront
x-amz-cf-id
XrvDE8A5tsJWli362JQEMNCP0u8WRn46nNV76C786xKwkB3TM7xkxQ==
date
Fri, 20 Sep 2024 21:49:21 GMT
vary
Content-Type,Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=47474747; includeSubDomains; preload
content-security-policy
frame-ancestors 'self' https://prod.aviary.cs.amazon.dev https://onebox.aviary.cs.amazon.dev https://cs-assistant-na.amazon.com https://cs-assistant-eu.amazon.com https://cs-assistant-fe.amazon.com https://prod.cs-assistant.cs.a2z.org.cn https://cs-assistant-na-preprod.iad.xcorp.amazon.com https://cs-assistant-eu-preprod.dub.xcorp.amazon.com https://cs-assistant-fe-preprod.pdx.xcorp.amazon.com https://gamma.cs-assistant.cs.a2z.org.cn https://gamma.aviary.cs.amazon.dev https://beta.aviary.cs.amazon.dev https://local.aviary.cs.amazon.dev https://qa.aviary.cs.amazon.dev http://local-development.testing.aviary.cs.amazon.dev http://beta-development.testing.aviary.cs.amazon.dev http://gamma-development.testing.aviary.cs.amazon.dev http://prod-development.testing.aviary.cs.amazon.dev https://local-release.testing.aviary.cs.amazon.dev https://beta-release.testing.aviary.cs.amazon.dev https://gamma-release.testing.aviary.cs.amazon.dev https://prod-release.testing.aviary.cs.amazon.dev
content-security-policy-report-only
default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=A1VC38T7YXB528:sid=123-456-7890:rid=ZRGA7BTQ70RB0BRAZPMV:sn=cs-assistant-fe.amazon.com
via
1.1 ef04b5bd9d63162000acde84eaab4f9a.cloudfront.net (CloudFront)
x-amz-rid
ZRGA7BTQ70RB0BRAZPMV
content-length
0
x-xss-protection
1; mode=block
content-language
de-DE
x-amz-cf-pop
AMS58-P5
server
Server
mid=A1VC38T7YXB528:sid=123-456-7890:rid=15572QSSN3Y25ZW9AAXQ:sn=cs-assistant-fe.amazon.com
cs-assistant-fe.amazon.com/1/batch/2/OE/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cs-assistant-fe.amazon.com/1/batch/2/OE/mid=A1VC38T7YXB528:sid=123-456-7890:rid=15572QSSN3Y25ZW9AAXQ:sn=cs-assistant-fe.amazon.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-39.ams58.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://prod.aviary.cs.amazon.dev https://onebox.aviary.cs.amazon.dev https://cs-assistant-na.amazon.com https://cs-assistant-eu.amazon.com https://cs-assistant-fe.amazon.com https://prod.cs-assistant.cs.a2z.org.cn https://cs-assistant-na-preprod.iad.xcorp.amazon.com https://cs-assistant-eu-preprod.dub.xcorp.amazon.com https://cs-assistant-fe-preprod.pdx.xcorp.amazon.com https://gamma.cs-assistant.cs.a2z.org.cn https://gamma.aviary.cs.amazon.dev https://beta.aviary.cs.amazon.dev https://local.aviary.cs.amazon.dev https://qa.aviary.cs.amazon.dev http://local-development.testing.aviary.cs.amazon.dev http://beta-development.testing.aviary.cs.amazon.dev http://gamma-development.testing.aviary.cs.amazon.dev http://prod-development.testing.aviary.cs.amazon.dev https://local-release.testing.aviary.cs.amazon.dev https://beta-release.testing.aviary.cs.amazon.dev https://gamma-release.testing.aviary.cs.amazon.dev https://prod-release.testing.aviary.cs.amazon.dev
Strict-Transport-Security max-age=47474747; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
https://cs-assistant-fe.amazon.com/

Response headers

x-content-type-options
nosniff
x-cache
Error from cloudfront
x-amz-cf-id
AisX7vyEkIKzmGg3ZnSoH_vtLcfW45qrbxPAlTOdh9UzcLxohTCwYA==
date
Fri, 20 Sep 2024 21:49:21 GMT
vary
Content-Type,Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=47474747; includeSubDomains; preload
content-security-policy
frame-ancestors 'self' https://prod.aviary.cs.amazon.dev https://onebox.aviary.cs.amazon.dev https://cs-assistant-na.amazon.com https://cs-assistant-eu.amazon.com https://cs-assistant-fe.amazon.com https://prod.cs-assistant.cs.a2z.org.cn https://cs-assistant-na-preprod.iad.xcorp.amazon.com https://cs-assistant-eu-preprod.dub.xcorp.amazon.com https://cs-assistant-fe-preprod.pdx.xcorp.amazon.com https://gamma.cs-assistant.cs.a2z.org.cn https://gamma.aviary.cs.amazon.dev https://beta.aviary.cs.amazon.dev https://local.aviary.cs.amazon.dev https://qa.aviary.cs.amazon.dev http://local-development.testing.aviary.cs.amazon.dev http://beta-development.testing.aviary.cs.amazon.dev http://gamma-development.testing.aviary.cs.amazon.dev http://prod-development.testing.aviary.cs.amazon.dev https://local-release.testing.aviary.cs.amazon.dev https://beta-release.testing.aviary.cs.amazon.dev https://gamma-release.testing.aviary.cs.amazon.dev https://prod-release.testing.aviary.cs.amazon.dev
content-security-policy-report-only
default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=A1VC38T7YXB528:sid=123-456-7890:rid=ZP0D1CS16P7V9MZQHD7H:sn=cs-assistant-fe.amazon.com
via
1.1 ef04b5bd9d63162000acde84eaab4f9a.cloudfront.net (CloudFront)
x-amz-rid
ZP0D1CS16P7V9MZQHD7H
content-length
0
x-xss-protection
1; mode=block
content-language
de-DE
x-amz-cf-pop
AMS58-P5
server
Server
login
fe.amzheimdall.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3A94mh0hODmrkfWOSTq_l-uxx6MF2COwsajO4FyxYk9fA&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsignin%3Fredirect%3D%252Fapi%252Fart%252Fregistered-weblabs%253FpackageName%253DCSTrebekWebApp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.246.98.11 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-246-98-11.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-art-registered-weblabs
Access-Control-Request-Method
GET
Origin
https://cs-assistant-fe.amazon.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Security-Policy-Report-Only
default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=staticSessionId:rid=1Z7SBZ7CYNX7QQ9NCY21:sn=fe.amzheimdall.com
Date
Fri, 20 Sep 2024 21:49:22 GMT
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Origin,Content-Type,Accept-Encoding,User-Agent
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
x-amz-rid
1Z7SBZ7CYNX7QQ9NCY21
mid=A1VC38T7YXB528:sid=123-456-7890:rid=15572QSSN3Y25ZW9AAXQ:sn=cs-assistant-fe.amazon.com
cs-assistant-fe.amazon.com/1/batch/2/OE/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cs-assistant-fe.amazon.com/1/batch/2/OE/mid=A1VC38T7YXB528:sid=123-456-7890:rid=15572QSSN3Y25ZW9AAXQ:sn=cs-assistant-fe.amazon.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-39.ams58.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://prod.aviary.cs.amazon.dev https://onebox.aviary.cs.amazon.dev https://cs-assistant-na.amazon.com https://cs-assistant-eu.amazon.com https://cs-assistant-fe.amazon.com https://prod.cs-assistant.cs.a2z.org.cn https://cs-assistant-na-preprod.iad.xcorp.amazon.com https://cs-assistant-eu-preprod.dub.xcorp.amazon.com https://cs-assistant-fe-preprod.pdx.xcorp.amazon.com https://gamma.cs-assistant.cs.a2z.org.cn https://gamma.aviary.cs.amazon.dev https://beta.aviary.cs.amazon.dev https://local.aviary.cs.amazon.dev https://qa.aviary.cs.amazon.dev http://local-development.testing.aviary.cs.amazon.dev http://beta-development.testing.aviary.cs.amazon.dev http://gamma-development.testing.aviary.cs.amazon.dev http://prod-development.testing.aviary.cs.amazon.dev https://local-release.testing.aviary.cs.amazon.dev https://beta-release.testing.aviary.cs.amazon.dev https://gamma-release.testing.aviary.cs.amazon.dev https://prod-release.testing.aviary.cs.amazon.dev
Strict-Transport-Security max-age=47474747; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
https://cs-assistant-fe.amazon.com/

Response headers

x-content-type-options
nosniff
x-cache
Error from cloudfront
x-amz-cf-id
6wZGLiHLIopMQJZ4I1X6XwSvUDpGYiKs5nQI431icB5XuhdHvB5Tmg==
date
Fri, 20 Sep 2024 21:49:21 GMT
vary
Content-Type,Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=47474747; includeSubDomains; preload
content-security-policy
frame-ancestors 'self' https://prod.aviary.cs.amazon.dev https://onebox.aviary.cs.amazon.dev https://cs-assistant-na.amazon.com https://cs-assistant-eu.amazon.com https://cs-assistant-fe.amazon.com https://prod.cs-assistant.cs.a2z.org.cn https://cs-assistant-na-preprod.iad.xcorp.amazon.com https://cs-assistant-eu-preprod.dub.xcorp.amazon.com https://cs-assistant-fe-preprod.pdx.xcorp.amazon.com https://gamma.cs-assistant.cs.a2z.org.cn https://gamma.aviary.cs.amazon.dev https://beta.aviary.cs.amazon.dev https://local.aviary.cs.amazon.dev https://qa.aviary.cs.amazon.dev http://local-development.testing.aviary.cs.amazon.dev http://beta-development.testing.aviary.cs.amazon.dev http://gamma-development.testing.aviary.cs.amazon.dev http://prod-development.testing.aviary.cs.amazon.dev https://local-release.testing.aviary.cs.amazon.dev https://beta-release.testing.aviary.cs.amazon.dev https://gamma-release.testing.aviary.cs.amazon.dev https://prod-release.testing.aviary.cs.amazon.dev
content-security-policy-report-only
default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=A1VC38T7YXB528:sid=123-456-7890:rid=ZSNYJ7ZVJAP7GPR2PTT9:sn=cs-assistant-fe.amazon.com
via
1.1 ef04b5bd9d63162000acde84eaab4f9a.cloudfront.net (CloudFront)
x-amz-rid
ZSNYJ7ZVJAP7GPR2PTT9
content-length
0
x-xss-protection
1; mode=block
content-language
de-DE
x-amz-cf-pop
AMS58-P5
server
Server

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fe.amzheimdall.com
URL
https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3AqA8RF_rJQRwK_q4pqXl4ZKsS6nMoerRg0VhAgB1yaRk&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsignin%3Fredirect%3D%252Fhome%252Fapi%252Faccess%252FrestrictedFilters
Domain
fe.amzheimdall.com
URL
https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3A94mh0hODmrkfWOSTq_l-uxx6MF2COwsajO4FyxYk9fA&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsignin%3Fredirect%3D%252Fapi%252Fart%252Fregistered-weblabs%253FpackageName%253DCSTrebekWebApp
Domain
fe.amzheimdall.com
URL
https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3A_l0eEPzfDdMIPcptaTxxydhY80AmqDrgIaw_11XXxEc&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsignin%3Fredirect%3D%252F404

Verdicts & Comments Add Verdict or Comment

10 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| opConfig object| webpackManifest_CSTrebekWebApp object| webpackJsonp object| __ConsoleLogMetricsModule object| __MetricsModule object| __ConsoleLoggerModule object| awsuiVersions function| setImmediate function| clearImmediate object| __LoggerModule

2 Cookies

Domain/Path Name / Value
cs-assistant-fe.amazon.com/ Name: JSESSIONID
Value: 8A0F3918BF55D8AF1C1183CD4BC1EF4F
cs-assistant-fe.amazon.com/ Name: cstrebek-session
Value: RohL6F1vd_MG2V4REzmE7JKyBNNA43d9r1jCaF0WTew

10 Console Messages

Source Level URL
Text
security error URL: https://cs-assistant-fe.amazon.com/
Message:
[Report Only] Refused to connect to 'https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3AqA8RF_rJQRwK_q4pqXl4ZKsS6nMoerRg0VhAgB1yaRk&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsignin%3Fredirect%3D%252Fhome%252Fapi%252Faccess%252FrestrictedFilters' because it violates the following Content Security Policy directive: "default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://cs-assistant-fe.amazon.com/
Message:
[Report Only] Refused to connect to 'https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3A94mh0hODmrkfWOSTq_l-uxx6MF2COwsajO4FyxYk9fA&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsignin%3Fredirect%3D%252Fapi%252Fart%252Fregistered-weblabs%253FpackageName%253DCSTrebekWebApp' because it violates the following Content Security Policy directive: "default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
network error URL: https://cs-assistant-fe.amazon.com/1/batch/2/OE/mid=A1VC38T7YXB528:sid=123-456-7890:rid=15572QSSN3Y25ZW9AAXQ:sn=cs-assistant-fe.amazon.com
Message:
Failed to load resource: the server responded with a status of 401 ()
security error URL: https://cs-assistant-fe.amazon.com/
Message:
[Report Only] Refused to load the image 'https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3A_l0eEPzfDdMIPcptaTxxydhY80AmqDrgIaw_11XXxEc&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsignin%3Fredirect%3D%252F404' because it violates the following Content Security Policy directive: "default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
network error URL: https://cs-assistant-fe.amazon.com/1/batch/2/OE/mid=A1VC38T7YXB528:sid=123-456-7890:rid=15572QSSN3Y25ZW9AAXQ:sn=cs-assistant-fe.amazon.com
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://cs-assistant-fe.amazon.com/1/batch/2/OE/mid=A1VC38T7YXB528:sid=123-456-7890:rid=15572QSSN3Y25ZW9AAXQ:sn=cs-assistant-fe.amazon.com
Message:
Failed to load resource: the server responded with a status of 401 ()
javascript error URL: https://cs-assistant-fe.amazon.com/
Message:
Access to fetch at 'https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3A94mh0hODmrkfWOSTq_l-uxx6MF2COwsajO4FyxYk9fA&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsignin%3Fredirect%3D%252Fapi%252Fart%252Fregistered-weblabs%253FpackageName%253DCSTrebekWebApp' (redirected from 'https://cs-assistant-fe.amazon.com/api/art/registered-weblabs?packageName=CSTrebekWebApp') from origin 'https://cs-assistant-fe.amazon.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3A94mh0hODmrkfWOSTq_l-uxx6MF2COwsajO4FyxYk9fA&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsignin%3Fredirect%3D%252Fapi%252Fart%252Fregistered-weblabs%253FpackageName%253DCSTrebekWebApp
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://cs-assistant-fe.amazon.com/
Message:
Access to XMLHttpRequest at 'https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3AqA8RF_rJQRwK_q4pqXl4ZKsS6nMoerRg0VhAgB1yaRk&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsignin%3Fredirect%3D%252Fhome%252Fapi%252Faccess%252FrestrictedFilters' (redirected from 'https://cs-assistant-fe.amazon.com/home/api/access/restrictedFilters') from origin 'https://cs-assistant-fe.amazon.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://fe.amzheimdall.com/login?clientId=CSTrebekHorizonteService-prod-fe&nonce=1%3AqA8RF_rJQRwK_q4pqXl4ZKsS6nMoerRg0VhAgB1yaRk&redirect_uri=https%3A%2F%2Fcs-assistant-fe.amazon.com%2Fauth%2Fsignin%3Fredirect%3D%252Fhome%252Fapi%252Faccess%252FrestrictedFilters
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://prod.aviary.cs.amazon.dev https://onebox.aviary.cs.amazon.dev https://cs-assistant-na.amazon.com https://cs-assistant-eu.amazon.com https://cs-assistant-fe.amazon.com https://prod.cs-assistant.cs.a2z.org.cn https://cs-assistant-na-preprod.iad.xcorp.amazon.com https://cs-assistant-eu-preprod.dub.xcorp.amazon.com https://cs-assistant-fe-preprod.pdx.xcorp.amazon.com https://gamma.cs-assistant.cs.a2z.org.cn https://gamma.aviary.cs.amazon.dev https://beta.aviary.cs.amazon.dev https://local.aviary.cs.amazon.dev https://qa.aviary.cs.amazon.dev http://local-development.testing.aviary.cs.amazon.dev http://beta-development.testing.aviary.cs.amazon.dev http://gamma-development.testing.aviary.cs.amazon.dev http://prod-development.testing.aviary.cs.amazon.dev https://local-release.testing.aviary.cs.amazon.dev https://beta-release.testing.aviary.cs.amazon.dev https://gamma-release.testing.aviary.cs.amazon.dev https://prod-release.testing.aviary.cs.amazon.dev
Strict-Transport-Security max-age=47474747; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block