URL: http://nynjstadium.com/
Submission: On February 11 via api from BE — Scanned from DE

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 3.33.152.147, located in United States and belongs to AMAZON-02, US. The main domain is nynjstadium.com.
This is the only time nynjstadium.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3.33.152.147 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2
Apex Domain
Subdomains
Transfer
1 metlifestadium.com
www.metlifestadium.com — Cisco Umbrella Rank: 495101
1 nynjstadium.com
nynjstadium.com
577 B
2 2
Domain Requested by
1 www.metlifestadium.com nynjstadium.com
1 nynjstadium.com
2 2

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-08 -
2024-07-06
a year crt.sh

This page contains 2 frames:

Primary Page: http://nynjstadium.com/
Frame ID: 1D7E2E48E1952AA5C31877DFB683109D
Requests: 1 HTTP requests in this frame

Frame: https://www.metlifestadium.com/
Frame ID: 88A435CD1FC25C8825131DE8EBE341D0
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

** MetLife Stadium **

Page Statistics

2
Requests

50 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1 kB
Transfer

0 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nynjstadium.com/
333 B
577 B
Document

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
333
Content-Type
text/html; charset=utf-8
Date
Sun, 11 Feb 2024 19:15:15 GMT
Server
ip-100-74-3-15.eu-west-2.compute.internal
X-Request-Id
3b5efd45-17eb-41e2-b44c-bda0959f96ea
/
www.metlifestadium.com/ Frame 88A4
0
0
Document
General
Full URL
https://www.metlifestadium.com/
Requested by
Host: nynjstadium.com
URL: http://nynjstadium.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://api-gateway.mappedin.com https://mappedin-web-load.mappedin.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://submit.jotform.com https://cdn.jotfor.ms https://cdn01.jotfor.ms https://cdn02.jotfor.ms https://cdn03.jotfor.ms www.jotform.com https://www.googletagmanager.com/ https://s7.addthis.com/ *.satis.fi *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org phmc.myloancare.com https://widget.intercom.io/ https://js.intercomcdn.com https://birdeye.com/ http://www.nmlsconsumeraccess.org https://d1p5cqqchvbqmy.cloudfront.net https://d2zi7r1qsrih6r.cloudfront.net *.blob.core.windows.net; style-src 'self' 'unsafe-inline' https://cdn.jotfor.ms https://cdn01.jotfor.ms https://cdn02.jotfor.ms https://cdn03.jotfor.ms *.satis.fi *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com phmc.myloancare.com http://www.nmlsconsumeraccess.org https://d1p5cqqchvbqmy.cloudfront.net; font-src 'self' https://cdn.jotfor.ms https://prod-satisfilabs-resources-gcs.satis.fi/ fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://js.intercomcdn.com/ https://birdeye.com/ https://d1p5cqqchvbqmy.cloudfront.net; img-src 'self' https://files.jotform.com https://events.jotform.com https://www.jotform.com https://www.metlifestadium.com https://cdn.jotfor.ms https://cdn01.jotfor.ms https://cdn02.jotfor.ms https://cdn03.jotfor.ms https://prod-satisfilabs-resources-gcs.satis.fi https://cms.metlifestadium.com https://mipubapistorageprod.blob.core.windows.net *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com phmc.myloancare.com https://static.intercomassets.com https://birdeye.com/ https://cdn.mappedin.com; media-src 'self' data: blob:; child-src 'self' https://submit.jotform.com https://metlife.skywayvr.com/ *.satis.fi https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com phmc.myloancare.com; connect-src 'self' https://api.jotform.com *.mappedin.com *.satis.fi https://d2zi7r1qsrih6r.cloudfront.net *.satis.fi *.satis.fi https://mappedin-web-load.mappedin.com https://api-gateway.mappedin.com https://mipubapistorageprod.blob.core.windows.net https://o72072.ingest.sentry.io accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com https://api.birdeye.com phmc.myloancare.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://birdeye.com/ http://www.nmlsconsumeraccess.org *.blob.core.windows.net;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://nynjstadium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
https://chat.satis.fi
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
853eeb68b9f5abe6-CPH
content-encoding
gzip
content-security-policy
default-src 'self' https://api-gateway.mappedin.com https://mappedin-web-load.mappedin.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://submit.jotform.com https://cdn.jotfor.ms https://cdn01.jotfor.ms https://cdn02.jotfor.ms https://cdn03.jotfor.ms www.jotform.com https://www.googletagmanager.com/ https://s7.addthis.com/ *.satis.fi *.googleapis.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org phmc.myloancare.com https://widget.intercom.io/ https://js.intercomcdn.com https://birdeye.com/ http://www.nmlsconsumeraccess.org https://d1p5cqqchvbqmy.cloudfront.net https://d2zi7r1qsrih6r.cloudfront.net *.blob.core.windows.net; style-src 'self' 'unsafe-inline' https://cdn.jotfor.ms https://cdn01.jotfor.ms https://cdn02.jotfor.ms https://cdn03.jotfor.ms *.satis.fi *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com phmc.myloancare.com http://www.nmlsconsumeraccess.org https://d1p5cqqchvbqmy.cloudfront.net; font-src 'self' https://cdn.jotfor.ms https://prod-satisfilabs-resources-gcs.satis.fi/ fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: https://js.intercomcdn.com/ https://birdeye.com/ https://d1p5cqqchvbqmy.cloudfront.net; img-src 'self' https://files.jotform.com https://events.jotform.com https://www.jotform.com https://www.metlifestadium.com https://cdn.jotfor.ms https://cdn01.jotfor.ms https://cdn02.jotfor.ms https://cdn03.jotfor.ms https://prod-satisfilabs-resources-gcs.satis.fi https://cms.metlifestadium.com https://mipubapistorageprod.blob.core.windows.net *.gstatic.com *.googleapis.com *.google-analytics.com platform.tumblr.com web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com i.ytimg.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com phmc.myloancare.com https://static.intercomassets.com https://birdeye.com/ https://cdn.mappedin.com; media-src 'self' data: blob:; child-src 'self' https://submit.jotform.com https://metlife.skywayvr.com/ *.satis.fi https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com phmc.myloancare.com; connect-src 'self' https://api.jotform.com *.mappedin.com *.satis.fi https://d2zi7r1qsrih6r.cloudfront.net *.satis.fi *.satis.fi https://mappedin-web-load.mappedin.com https://api-gateway.mappedin.com https://mipubapistorageprod.blob.core.windows.net https://o72072.ingest.sentry.io accounts.google.com https://*.insight.sitefinity.com https://*.dec.sitefinity.com *.mktoresp.com *.google-analytics.com *.gstatic.com https://api.birdeye.com phmc.myloancare.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://birdeye.com/ http://www.nmlsconsumeraccess.org *.blob.core.windows.net;
content-type
text/html; charset=utf-8
date
Sun, 11 Feb 2024 19:15:18 GMT
expires
-1
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Domain/Path Name / Value
.metlifestadium.com/ Name: __cf_bm
Value: R1r8QuVU2fXzmBZc8eDmfkTKiVLFOrO_sqNkAH4nmAc-1707678918-1-AZdEZfSecZ/WAvh6qAOEOOnj1rH2v3gwGwyrJjq4EtXPy51MhqEfmTT8NG3Q0ZRqBcnOkV9NwWym6eCgXI3s69Q=

2 Console Messages

Source Level URL
Text
other warning URL: http://nynjstadium.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.metlifestadium.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nynjstadium.com
www.metlifestadium.com
2606:4700:10::6816:d3f
3.33.152.147
bc822df42062fdca8e122805423fa5093133f8d5d3b09922b9b630a1b3ccf057