www.wickedfunnynorthandover.com Open in urlscan Pro
2600:9000:2759:f000:b:165a:d640:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wickedfunnynorthandover.com/
Effective URL:
https://www.wickedfunnynorthandover.com/
Submission Tags: phishingrod
Submission: On June 26 via api (June 26th 2024, 5:14:03 am UTC) from DE — Scanned from DE

Summary HTTP 14 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 2600:9000:2759:f000:b:165a:d640:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.wickedfunnynorthandover.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 26th 2023. Valid for: a year.

This is the only time www.wickedfunnynorthandover.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:275... 2600:9000:2759:9000:b:165a:d640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:275... 2600:9000:2759:f000:b:165a:d640:93a1	16509 (AMAZON-02) (AMAZON-02)
4	3.160.39.66 3.160.39.66	16509 (AMAZON-02) (AMAZON-02)
4	18.245.46.35 18.245.46.35	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	54.231.167.88 54.231.167.88	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
14	6

1 2600:9000:2759:9000:b:165a:d640:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

wickedfunnynorthandover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2759:f000:b:165a:d640:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.wickedfunnynorthandover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.160.39.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-39-66.txl50.r.cloudfront.net

cdn.seatengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.245.46.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-35.fra56.r.cloudfront.net

files.seatengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.167.88 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	seatengine.com cdn.seatengine.com — Cisco Umbrella Rank: 357689 files.seatengine.com — Cisco Umbrella Rank: 278018	993 KB
3	wickedfunnynorthandover.com 1 redirects wickedfunnynorthandover.com www.wickedfunnynorthandover.com	7 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
1	gstatic.com fonts.gstatic.com	23 KB
1	amazonaws.com s3.amazonaws.com	665 KB
14	5

	Domain	Requested by
4	files.seatengine.com	www.wickedfunnynorthandover.com
4	cdn.seatengine.com	www.wickedfunnynorthandover.com cdn.seatengine.com
2	fonts.googleapis.com	www.wickedfunnynorthandover.com
2	www.wickedfunnynorthandover.com	www.wickedfunnynorthandover.com
1	fonts.gstatic.com	fonts.googleapis.com
1	s3.amazonaws.com	www.wickedfunnynorthandover.com
1	wickedfunnynorthandover.com	1 redirects
14	7

This site contains links to these domains. Also see Links.

Domain
www.chinablossom.com
facebook.com
twitter.com
instagram.com
www.seatengine.com

Subject Issuer	Validity	Valid
wickedfunnynorthandover.com Amazon RSA 2048 M02	`2023-07-26` - `2024-08-24`	a year	crt.sh
seatengine.com Amazon RSA 2048 M03	`2024-03-01` - `2025-03-29`	a year	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-05-25` - `2025-05-02`	a year	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.wickedfunnynorthandover.com/
Frame ID: 6A138C36BFEAB2508D6563E910E3C1C6
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wicked Funny Comedy Club North Andover

Page URL History Show full URLs

https://wickedfunnynorthandover.com/ HTTP 302
https://www.wickedfunnynorthandover.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

14
Requests

100 %
HTTPS

57 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

1690 kB
Transfer

2222 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.chinablossom.com/wp-content/uploads/2024/01/167743_proof_5.pdf
Title: Comedy Club Menu

Search URL Search Domain Scan URL

URL: http://facebook.com/Wicked%20Funny%20North%20Andover

Search URL Search Domain Scan URL

URL: http://twitter.com/

Search URL Search Domain Scan URL

URL: http://instagram.com/wickedfunnynorthandover

Search URL Search Domain Scan URL

URL: http://www.seatengine.com/
Title: SeatEngine

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wickedfunnynorthandover.com/ HTTP 302
https://www.wickedfunnynorthandover.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.wickedfunnynorthandover.com/
Redirect Chain

https://wickedfunnynorthandover.com/
https://www.wickedfunnynorthandover.com/

13 KB
5 KB

368ms
291ms

Document
text/html

2600:9000:2759:f000:b:165a:d640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wickedfunnynorthandover.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2759:f000:b:165a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.2 + Phusion Passenger(R) 6.0.14 / Phusion Passenger(R) 6.0.14

Resource Hash

90b7d6f1b46dc82facf091c3ac95023cb0dab24687259606da46611580758a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 26 Jun 2024 05:13:57 GMT
etag: W/"57a7fd1ef123de40695732dbf934d62b"
server: nginx/1.20.2 + Phusion Passenger(R) 6.0.14
status: 200 OK
via: 1.1 b42f6cdb46a1db6b1ce16d3a0ddbba7a.cloudfront.net (CloudFront)
x-amz-cf-id: einJMjA4qmveFCV1jVt7IlCGlplbskcBloDeWFJZSb3PCL3rQurWNA==
x-amz-cf-pop: TXL50-P5
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R) 6.0.14
x-request-id: 4ce18023-e4e7-4d99-aff4-3b31715a6818
x-runtime: 0.070088
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-type: text/html; charset=utf-8
date: Wed, 26 Jun 2024 05:13:57 GMT
location: https://www.wickedfunnynorthandover.com/
server: nginx/1.20.2 + Phusion Passenger(R) 6.0.14
status: 302 Found
via: 1.1 365a977b864574759e83e211b333db7e.cloudfront.net (CloudFront)
x-amz-cf-id: YF2aAJn2LvZczvTXaZEGVVCcsTVho0MpsZxvXo-1obcBgpT3WvRPrg==
x-amz-cf-pop: TXL50-P5
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Phusion Passenger(R) 6.0.14
x-request-id: d22977a3-ccf2-4008-8c6f-c05d77e0c488
x-runtime: 0.042329
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK application-ed7ad7dae58a6480ac764fa9ab9a53ad.css
cdn.seatengine.com/assets/ 288 KB
28 KB 503ms
432ms Stylesheet
text/css 3.160.39.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.seatengine.com/assets/application-ed7ad7dae58a6480ac764fa9ab9a53ad.css
Requested by: Host: www.wickedfunnynorthandover.com
URL: https://www.wickedfunnynorthandover.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.39.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-39-66.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 692ee1b299f2da0386c4a9969252713aab2946a2aefb27cffc87a211dbd95fe6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.wickedfunnynorthandover.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 26 Jun 2024 05:13:59 GMT
Content-Encoding: gzip
Via: 1.1 ab0a5e1a9c4f75b6cc56f0c31ca36f0c.cloudfront.net (CloudFront)
x-amz-version-id: JBb48eKWV_6uoTeN8V1zaSthL9XgXxd6
X-Amz-Cf-Pop: TXL50-P6
x-amz-server-side-encryption: AES256
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 28352
Last-Modified: Mon, 24 Jun 2024 08:10:51 GMT
Server: AmazonS3
ETag: "dc00b6c6c9a78b18040c963d218feb52"
Content-Type: text/css
Cache-Control: max-age=315360000
Accept-Ranges: bytes
X-Amz-Cf-Id: LHymoTVO0yh-en2pB7O-_1lyrTrc0G_e8GFz-5EAetfgEd435z9slw==
Expires: Thu, 22 Jun 2034 08:10:14 GMT

GET
H2 200 stylesheet.css
www.wickedfunnynorthandover.com/ 6 KB
2 KB 256ms
256ms Stylesheet
text/css 2600:9000:2759:f000:b:165a:d640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wickedfunnynorthandover.com/stylesheet.css

Requested by

Host: www.wickedfunnynorthandover.com
URL: https://www.wickedfunnynorthandover.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2759:f000:b:165a:d640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.2 + Phusion Passenger(R) 6.0.14 / Phusion Passenger(R) 6.0.14

Resource Hash

c6e4c218af56f796909b5b8ffe6146dbf685da6f31c8b39a75f50d217bceb8fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.wickedfunnynorthandover.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 05:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b42f6cdb46a1db6b1ce16d3a0ddbba7a.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P5
x-powered-by: Phusion Passenger(R) 6.0.14
x-cache: Miss from cloudfront
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 1c0525c5-32ce-4d70-bb65-77d193ea1240
x-runtime: 0.020741
server: nginx/1.20.2 + Phusion Passenger(R) 6.0.14
etag: W/"4b61e1b96b660b704117aa1aa064234a"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: ypnKWDkZ0s4GpnaqkF7ZV3XDZJ913IX4plW0I2I0Jgp4Go2rQL1bMw==

GET
H/1.1 200
OK application.lib-0b426ff69c6e21d32ac65da4a68702c8.js Show response
cdn.seatengine.com/assets/ 342 KB
91 KB 538ms
467ms Script
text/javascript 3.160.39.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.seatengine.com/assets/application.lib-0b426ff69c6e21d32ac65da4a68702c8.js
Requested by: Host: www.wickedfunnynorthandover.com
URL: https://www.wickedfunnynorthandover.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.39.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-39-66.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c1ab1f12b7d4e86fd598fa30258bbc7b641a6c4ea23017df6400e3aa37036d4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.wickedfunnynorthandover.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 26 Jun 2024 05:13:59 GMT
Content-Encoding: gzip
Via: 1.1 ff90ef1c5118435828a9e7b21116a598.cloudfront.net (CloudFront)
x-amz-version-id: UYuOLC3SCOIDLnRSUJz2ttUEBdy4VvUV
X-Amz-Cf-Pop: TXL50-P6
x-amz-server-side-encryption: AES256
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 92407
Last-Modified: Mon, 24 Jun 2024 08:10:21 GMT
Server: AmazonS3
ETag: "860d56996eb42a9da94eb43108525799"
Content-Type: text/javascript
Cache-Control: max-age=315360000
Accept-Ranges: bytes
X-Amz-Cf-Id: dK95N-a8wuFvbOAZjNmEym_qgqjBQwRPX0N-KgUxIjfYx8CKFNJX3Q==
Expires: Thu, 22 Jun 2034 08:10:14 GMT

GET
H2 200 CFPlogo_%281%29.png
files.seatengine.com/styles/logos/472/original/ 11 KB
12 KB 470ms
409ms Image
image/png 18.245.46.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.seatengine.com/styles/logos/472/original/CFPlogo_%281%29.png?1707323549
Requested by: Host: www.wickedfunnynorthandover.com
URL: https://www.wickedfunnynorthandover.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-35.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 824f88554e9a6146255c159ea69450d3cf1fffd032981a5c55d56dab8bedc21c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.wickedfunnynorthandover.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 05:13:59 GMT
via: 1.1 77e414816706879c16a3707f261f0b5a.cloudfront.net (CloudFront)
last-modified: Wed, 07 Feb 2024 16:32:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
etag: "023adcc295863fde6212d3c46fc5b5bc"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 11498
x-amz-cf-id: nTfnM-Qq-coxU76Gj89MVqyH8wmngy9k-y9lK4moyTDti-uuSOkrlg==

GET
H2 200 wicked_funny_HOME_WEB_PAGE_HEADER.jpg
files.seatengine.com/styles/header_images/472/full/ 79 KB
80 KB 499ms
438ms Image
image/jpeg 18.245.46.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.seatengine.com/styles/header_images/472/full/wicked_funny_HOME_WEB_PAGE_HEADER.jpg?1707331788
Requested by: Host: www.wickedfunnynorthandover.com
URL: https://www.wickedfunnynorthandover.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-35.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 962e438d4f694d3721d78d39cb23906a45006a6747971bccdd60eac413524711

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.wickedfunnynorthandover.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 05:13:59 GMT
via: 1.1 77e414816706879c16a3707f261f0b5a.cloudfront.net (CloudFront)
last-modified: Wed, 07 Feb 2024 18:49:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
etag: "6ec7f6976d5192c6a115f3e3a6f322fc"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 81240
x-amz-cf-id: F1xiY5PAZLWg7X_GLG7J_3sBMFbzbAPfWMOFcnlcTC9fZ8lGX33r0Q==

GET
H2 200 data
files.seatengine.com/talent/headshots/photos/44423/full/ 382 KB
383 KB 415ms
415ms Image
image/png 18.245.46.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.seatengine.com/talent/headshots/photos/44423/full/data
Requested by: Host: www.wickedfunnynorthandover.com
URL: https://www.wickedfunnynorthandover.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-35.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d95fac42b772cb4903c9e6b1148e6bf1063944083950556b9d13c8f4fdaf6207

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.wickedfunnynorthandover.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 05:13:59 GMT
via: 1.1 77e414816706879c16a3707f261f0b5a.cloudfront.net (CloudFront)
last-modified: Sat, 13 Aug 2022 01:03:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "34baaa138092463a1b4fa1506f5d3b90"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 391288
x-amz-cf-id: HnrH-XOa6n6sJKPTQWwUHxQ74BRgcmOxNpLldKlUd3s-6tXIGBAEbg==

GET
H/1.1 200
OK application-f89b033a6264cd37cd7bd7f0c67a807e.js Show response
cdn.seatengine.com/assets/ 9 KB
3 KB 463ms
415ms Script
text/javascript 3.160.39.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.seatengine.com/assets/application-f89b033a6264cd37cd7bd7f0c67a807e.js
Requested by: Host: www.wickedfunnynorthandover.com
URL: https://www.wickedfunnynorthandover.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.39.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-39-66.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f68943eff0d8e52e06e215763df01aa389fdec24385dd8f78e47d02eb6fc7710

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.wickedfunnynorthandover.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 26 Jun 2024 05:13:59 GMT
Content-Encoding: gzip
Via: 1.1 b0bcf28a9fd6a6d6da1d365359e434b4.cloudfront.net (CloudFront)
x-amz-version-id: S3SKguJjSEsa8giDRQJ32Cip97OSqqMx
X-Amz-Cf-Pop: TXL50-P6
x-amz-server-side-encryption: AES256
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 2640
Last-Modified: Mon, 24 Jun 2024 08:10:37 GMT
Server: AmazonS3
ETag: "82d48431d9615b56c3405648c1ae679f"
Content-Type: text/javascript
Cache-Control: max-age=315360000
Accept-Ranges: bytes
X-Amz-Cf-Id: OQ1w5sP_R1d3rapLeb6vji7fWKCOxcilo6Uzk8VEIVpB1euGki63hw==
Expires: Thu, 22 Jun 2034 08:10:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 73ms
26ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:400,700

Requested by

Host: www.wickedfunnynorthandover.com
URL: https://www.wickedfunnynorthandover.com/stylesheet.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17507a18a0e418e29ad7c02da3d1fd03510491b186ee99b6fb6a3ffe8b464294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.wickedfunnynorthandover.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Jun 2024 05:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Jun 2024 04:50:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jun 2024 05:13:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
726 B 74ms
27ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,600|Paytone+One

Requested by

Host: www.wickedfunnynorthandover.com
URL: https://www.wickedfunnynorthandover.com/stylesheet.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a130c37da4dec09d394b1e786fa89e25fedbfa3642827b10919f59f061fdf145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.wickedfunnynorthandover.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Jun 2024 05:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Jun 2024 05:13:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jun 2024 05:13:58 GMT

GET
H/1.1 200
OK 1707320819-received_3748672715394405.jpeg
s3.amazonaws.com/seat-engine-user-images/591903/ 664 KB
665 KB 409ms
191ms Image
image/jpeg 54.231.167.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/seat-engine-user-images/591903/1707320819-received_3748672715394405.jpeg
Requested by: Host: www.wickedfunnynorthandover.com
URL: https://www.wickedfunnynorthandover.com/stylesheet.css
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 54.231.167.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4b18a41ccdb9c313d77c5878b91916bb43cdee4ffd9eaff87d41677835fdb7f8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.wickedfunnynorthandover.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 26 Jun 2024 05:13:59 GMT
Last-Modified: Wed, 07 Feb 2024 15:47:00 GMT
Server: AmazonS3
x-amz-request-id: RKGAC6F7XX2M9AED
ETag: "3cd3b8698d7300178f9c93ecfd1402d3"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 680112
x-amz-id-2: PvT8V9kYNcBvwN/PWEre6OuvJE8ywvON91keUioSWiIL5Ir5mxaLEQo3ZGmqohRbh9U6ZtybOQc=

GET
H2 200 0nksC9P7MfYHj2oFtYm2ChTtgPs.woff2
fonts.gstatic.com/s/paytoneone/v23/ 23 KB
23 KB 73ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/paytoneone/v23/0nksC9P7MfYHj2oFtYm2ChTtgPs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600|Paytone+One

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

168c5fc9446db472cbf9e25c0af43e551f18568b20828973eb2068b9d42401c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.wickedfunnynorthandover.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:42:57 GMT
x-content-type-options: nosniff
age: 52261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23064
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 22:01:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 14:42:57 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
cdn.seatengine.com/assets/font-awesome/ 65 KB
66 KB 502ms
450ms Font
application/octet-stream 3.160.39.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.seatengine.com/assets/font-awesome/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: cdn.seatengine.com
URL: https://cdn.seatengine.com/assets/application-ed7ad7dae58a6480ac764fa9ab9a53ad.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.39.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-39-66.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.seatengine.com/assets/application-ed7ad7dae58a6480ac764fa9ab9a53ad.css
Origin: https://www.wickedfunnynorthandover.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 26 Jun 2024 05:13:59 GMT
x-amz-version-id: v68Y4DFfOXPaon0wblCXu4RgCgw58wFn
Via: 1.1 9971da442482ed5dc21ad38ae9cc9248.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: TXL50-P6
x-amz-server-side-encryption: AES256
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 66624
Last-Modified: Mon, 24 Jun 2024 08:11:02 GMT
Server: AmazonS3
ETag: "db812d8a70a4e88e888744c1c9a27e89"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
X-Amz-Cf-Id: VnhUdDe-CZ0ludJordiht1VAR3OT2uVltH_XA_F1wTFhL6w0yw3u0g==
Expires: Thu, 22 Jun 2034 08:10:14 GMT

GET
H2 200 logoAD.png
files.seatengine.com/styles/favicons/472/icon/ 330 KB
331 KB 427ms
427ms Other
image/png 18.245.46.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://files.seatengine.com/styles/favicons/472/icon/logoAD.png?1659548492
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-35.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec3a7ae986e166e9424aae73e8fb156d452ea7f91a25af6c14583fbf55a11ac9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.wickedfunnynorthandover.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 05:14:00 GMT
via: 1.1 77e414816706879c16a3707f261f0b5a.cloudfront.net (CloudFront)
last-modified: Wed, 03 Aug 2022 17:41:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "b4396df478e42ec0c4e100976f21802a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 338131
x-amz-cf-id: Ao5J8kkgtY60EFJ-yjhk6mLGlUIYWINY2uS9HDRgGpsi0tBXjGyE3A==

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.wickedfunnynorthandover.com/	1970-01-20 21:36:24	Name: cart_id Value: 4acf968b-1352-4ab3-b607-9534a20bdf90
			www.wickedfunnynorthandover.com/	1969-12-31 23:59:59	Name: _seat_engine_session Value: Qm1pMUpGdHNZMXhDbEsrQU9yZ1J5TmNJbDMzVDJ2SDZjRVVqV25Qd21mZUhlYmJFTTIva000MGNlQ0lZVWltV1QwdFV4OEw2a3g0RlhtUGYwV1hwTHMwT2QvN08wbzZtRXFVUDFsQVVra20vK1A3Sy94T2ZHWWk0NzhidG9wMzdjUFlwSEQ1eHQvbEFBY1FDWFR4cHB3RmI4OC9QMHFRemJtenZ6RWNEdER1YWRVOS9YSmdFWFVIa2tCYVZibEhxLS05OW5GVGdYUnhhdC9td1NUU3BHemtBPT0%3D--aa8a6f7a474f7a96e017a9717b6e2c2f79256145

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.seatengine.com
files.seatengine.com
fonts.googleapis.com
fonts.gstatic.com
s3.amazonaws.com
wickedfunnynorthandover.com
www.wickedfunnynorthandover.com
18.245.46.35
2600:9000:2759:9000:b:165a:d640:93a1
2600:9000:2759:f000:b:165a:d640:93a1
2a00:1450:4001:806::200a
2a00:1450:4001:82b::2003
3.160.39.66
54.231.167.88
168c5fc9446db472cbf9e25c0af43e551f18568b20828973eb2068b9d42401c8
17507a18a0e418e29ad7c02da3d1fd03510491b186ee99b6fb6a3ffe8b464294
3c1ab1f12b7d4e86fd598fa30258bbc7b641a6c4ea23017df6400e3aa37036d4
4b18a41ccdb9c313d77c5878b91916bb43cdee4ffd9eaff87d41677835fdb7f8
692ee1b299f2da0386c4a9969252713aab2946a2aefb27cffc87a211dbd95fe6
824f88554e9a6146255c159ea69450d3cf1fffd032981a5c55d56dab8bedc21c
90b7d6f1b46dc82facf091c3ac95023cb0dab24687259606da46611580758a95
962e438d4f694d3721d78d39cb23906a45006a6747971bccdd60eac413524711
a130c37da4dec09d394b1e786fa89e25fedbfa3642827b10919f59f061fdf145
c6e4c218af56f796909b5b8ffe6146dbf685da6f31c8b39a75f50d217bceb8fa
d95fac42b772cb4903c9e6b1148e6bf1063944083950556b9d13c8f4fdaf6207
ec3a7ae986e166e9424aae73e8fb156d452ea7f91a25af6c14583fbf55a11ac9
f68943eff0d8e52e06e215763df01aa389fdec24385dd8f78e47d02eb6fc7710
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.wickedfunnynorthandover.com Open in urlscan Pro 2600:9000:2759:f000:b:165a:d640:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

57 %IPv6

5 Domains

7 Subdomains

6 IPs

2 Countries

1690 kBTransfer

2222 kBSize

2 Cookies

5 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

www.wickedfunnynorthandover.com Open in urlscan Pro
2600:9000:2759:f000:b:165a:d640:93a1 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

57 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

1690 kB
Transfer

2222 kB
Size

2
Cookies

14 HTTP transactions
0 data transactions