indexo.dev

jazwares.de

.de user

First seen 2026-05-13 · Last seen 2026-05-13 · ok HTTP/1.1 200 98 ms crawled 2026-05-13

DE · 18.196.88.199 · AS16509 Amazon.com, Inc.

Reputation 100/100

sector entertainment type homepage

HTML metadata

Title
Jazwares
Description
Jazwares engages consumers through innovative play experiences with popular brands such as Squishmallows, Pokémon, Star Wars, CoComelon, Fortnite, AEW, Adopt Me!, Hello Kitty, and many more. In addition to toys, offerings also include Metaverse gaming, costumes, and products for pets.
Language
en

Open Graph

url
https://jazwares.com/
title
Jazwares | Action Figures | Kids Toys | Collectibles | Toys Online
site name
Jazwares
description
Jazwares engages consumers through innovative play experiences with popular brands such as Squishmallows, Pokémon, Star Wars, CoComelon, Fortnite, AEW, Adopt Me!, Hello Kitty, and many more. In addition to toys, offerings also include Metaverse gaming, costumes, and products for pets.

Technology

Server
nginx
Analytics
  • Google Tag Manager
Cookie consent
  • OneTrust

Third-party hosts loaded (6)

  • cdn.cookielaw.org×2
  • cdn.jsdelivr.net×2
  • 38c78ed23782.us-east-2.sdk.awswaf.com×1
  • cdnjs.cloudflare.com×1
  • code.jquery.com×1
  • www.googletagmanager.com×1

Registration

Updated
2024-01-05
Name servers
  • ns-1048.awsdns-03.org.
  • ns-1875.awsdns-42.co.uk.
  • ns-340.awsdns-42.com.
  • ns-532.awsdns-02.net.

DNS records live

NS
  • ns-1048.awsdns-03.org
  • ns-1875.awsdns-42.co.uk
  • ns-340.awsdns-42.com
  • ns-532.awsdns-02.net
Verified for
  • Google

Email authentication no MX

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

Amazon RSA 2048 M01
from 2025-11-04 to 2026-12-04
Expires in 196 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://jazwares.de/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
Header values
referrer-policy
strict-origin
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' https://cdn.userway.org/widgetapp/ https://privacyportal.onetrust.com/request/ https://analytics.google.com https://api.userway.org https://cdn.cookielaw.org https://geolocation.onetrust.com https://api.jazwares.de https://stats.g.doubleclick.net https://cdn77.api.userway.org/api/ https://www.google-analytics.com; font-src 'self' https://cdn.userway.org/widgetapp/bundles/ https://fonts.gstatic.com; img-src 'self' https://www.google-analytics.com/ https://cdn.cookielaw.org https://cdn.userway.org https://production-jazwares-de-db.s3.amazonaws.com/ https://production-jazwares-de-db.s3.us-east-2.amazonaws.com/; object-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://cdn.userway.org/widgetapp/ https://cdn.jsdelivr.net; frame-src 'self' https://cdn.userway.org/ https://www.google.com/ https://cdn.userway.org/widget/2023-06-30-08-16-58/en-US/index.html; form-action 'none'; base-uri 'self'; media-src 'self' https://
strict-transport-security
max-age=31536000

Links to (1)