www.wickisergroup.com Open in urlscan Pro
52.86.1.86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wickisergroup.com/
Effective URL:
https://www.wickisergroup.com/
Submission Tags: phishingrod
Submission: On January 06 via api (January 6th 2024, 11:46:27 am UTC) from DE — Scanned from DE

Summary HTTP 46 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 46 HTTP transactions. The main IP is 52.86.1.86, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.wickisergroup.com.
TLS certificate: Issued by R3 on January 5th 2024. Valid for: 3 months.

This is the only time www.wickisergroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	184.169.141.142 184.169.141.142	16509 (AMAZON-02) (AMAZON-02)
5	52.86.1.86 52.86.1.86	14618 (AMAZON-AES) (AMAZON-AES)
9	18.66.112.114 18.66.112.114	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	52.70.63.47 52.70.63.47	14618 (AMAZON-AES) (AMAZON-AES)
6	2a02:6ea0:c70... 2a02:6ea0:c700::22	60068 (CDN77 ^_^) (CDN77 ^_^)
1	65.9.95.73 65.9.95.73	16509 (AMAZON-02) (AMAZON-02)
11	2a04:4e42::614 2a04:4e42::614	54113 (FASTLY) (FASTLY)
3	65.9.95.92 65.9.95.92	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2600:1f14:5db... 2600:1f14:5db:eb11:b426:fa12:9fa6:5d	16509 (AMAZON-02) (AMAZON-02)
46	13

1 184.169.141.142 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-184-169-141-142.us-west-1.compute.amazonaws.com

wickisergroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.86.1.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-1-86.compute-1.amazonaws.com

www.wickisergroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.66.112.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-114.fra56.r.cloudfront.net

static.myrealestateplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.63.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-63-47.compute-1.amazonaws.com

events-va.placester.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-73.prg50.r.cloudfront.net

d126fxm3orgy3k.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a04:4e42::614 (United States)

ASN54113 (FASTLY, US)

media.placester.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.95.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-92.prg50.r.cloudfront.net

uploads-cf.cdn.placester.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:5db:eb11:b426:fa12:9fa6:5d (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	placester.com events-va.placester.com media.placester.com	2 MB
9	myrealestateplatform.com static.myrealestateplatform.com	2 MB
7	userway.org cdn.userway.org — Cisco Umbrella Rank: 7457 api.userway.org — Cisco Umbrella Rank: 6974	60 KB
6	wickisergroup.com 1 redirects wickisergroup.com www.wickisergroup.com	26 KB
5	gstatic.com fonts.gstatic.com	115 KB
3	placester.net uploads-cf.cdn.placester.net
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	153 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1695	259 B
1	cloudfront.net d126fxm3orgy3k.cloudfront.net
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	997 B
46	10

	Domain	Requested by
11	media.placester.com	www.wickisergroup.com
9	static.myrealestateplatform.com	www.wickisergroup.com static.myrealestateplatform.com
6	cdn.userway.org	static.myrealestateplatform.com cdn.userway.org
5	fonts.gstatic.com	fonts.googleapis.com
5	www.wickisergroup.com	www.wickisergroup.com static.myrealestateplatform.com
3	uploads-cf.cdn.placester.net	www.wickisergroup.com
2	www.googletagmanager.com	www.wickisergroup.com www.googletagmanager.com
1	api.userway.org	cdn.userway.org
1	region1.google-analytics.com	www.googletagmanager.com
1	d126fxm3orgy3k.cloudfront.net	www.wickisergroup.com
1	events-va.placester.com	static.myrealestateplatform.com
1	fonts.googleapis.com	www.wickisergroup.com
1	wickisergroup.com	1 redirects
46	13

This site contains links to these domains. Also see Links.

Domain
placester.com
www.facebook.com
twitter.com
www.linkedin.com
pinterest.com

Subject Issuer	Validity	Valid
www.wickisergroup.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
*.myrealestateplatform.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.placester.com Amazon RSA 2048 M01	`2023-02-16` - `2024-03-16`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
s4-san.cloudinary.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-13` - `2024-09-13`	a year	crt.sh
*.cdn.placester.net Amazon RSA 2048 M01	`2023-03-28` - `2024-04-25`	a year	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.wickisergroup.com/
Frame ID: 35CB338BD7DAF6F83693F0287C077C68
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Minnesota real estate - The company with a purpose

Page URL History Show full URLs

https://wickisergroup.com/ HTTP 301
https://www.wickisergroup.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

Page Statistics

46
Requests

100 %
HTTPS

54 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

3762 kB
Transfer

6876 kB
Size

5
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://placester.com/?utm_source=CustomerSite&utm_medium=FooterLink
Title: Placester

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.wickisergroup.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.wickisergroup.com/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.wickisergroup.com/&title=David%20Wickiser

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.wickisergroup.com/&media=https://media.placester.com/image/upload/c_fill,q_80,w_1920

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wickisergroup.com/ HTTP 301
https://www.wickisergroup.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.wickisergroup.com/
Redirect Chain

https://wickisergroup.com/
https://www.wickisergroup.com/

202 KB
24 KB

427ms
200ms

Document
text/html

52.86.1.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wickisergroup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.86.1.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-1-86.compute-1.amazonaws.com
Software: openresty / PHP/8.0.30
Resource Hash: 2c64be02dc3c3e18b405e04f08b702db127148be1cbf75026ef74a8b0966f820

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=3, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 06 Jan 2024 11:46:21 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding, Cookie
X-Powered-By: PHP/8.0.30
X-Served-By: app1
X-WP-Super-Cache: Served supercache file from PHP

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Sat, 06 Jan 2024 11:46:21 GMT
Location: https://www.wickisergroup.com/
Server: openresty
X-Served-By: web4

GET
H/1.1 200
OK classic-themes.min.css
www.wickisergroup.com/wp-includes/css/ 217 B
589 B 101ms
100ms Stylesheet
text/css 52.86.1.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wickisergroup.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.86.1.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-1-86.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

Referer: https://www.wickisergroup.com/
dpr: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
viewport-width: 1600

Response headers

Pragma: public
Date: Sat, 06 Jan 2024 11:46:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2023 13:10:36 GMT
Server: openresty
ETag: W/"656889cc-d9"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Mon, 08 Jan 2024 11:46:21 GMT

GET
H2 200 valhalla-tailwind-styles.css
static.myrealestateplatform.com/Valhalla/assets/dist/ 52 KB
8 KB 30ms
7ms Stylesheet
text/css 18.66.112.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-tailwind-styles.css?v=b40c95fa69b56b0754ec
Requested by: Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d93665a4d59f3cf2dbd94fb7fe545a9079138bd2311321c748132175efa4af8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 13:46:31 GMT
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 13:46:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 79191
etag: W/"bb907f65abb0af3c73846465cf97b8ff"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400
x-amz-cf-id: txmvKsvVlP2AHpYyR2bOBPe5b4sOKUbaWoczJC7xvWFhAN2-eJvZ4A==

GET
H2 200 valhalla-vendor-styles.css
static.myrealestateplatform.com/Valhalla/assets/dist/ 199 KB
47 KB 31ms
8ms Stylesheet
text/css 18.66.112.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=a839e3b091334c48a809
Requested by: Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 162f41badf3fde6be6dd92bdd812e2d6c9d979bb6cf0b6c629ad9feeeb7760e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 13:46:10 GMT
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 13:46:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 79212
etag: W/"bc0f15aacc809fb0c1fc5ebbd329dd4c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400
x-amz-cf-id: mlrSeez6ZXTXfGNDEKp8YOq6SskY5dQsR7FEKIpIc9q9SEHZkiKApA==

GET
H2 200 valhalla-styles.css
static.myrealestateplatform.com/Valhalla/assets/dist/ 2 MB
111 KB 37ms
14ms Stylesheet
text/css 18.66.112.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-styles.css?v=a1eb2c9ec2a81b602484
Requested by: Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e31a1811054e57e63802c93ed80ad118bebf7a813d80f29d5b06e9053cee4ee6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 13:45:59 GMT
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 13:46:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 79223
etag: W/"255123b3fd107a7c51e12cfa94186a4b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400
x-amz-cf-id: XCxdsAqIhDLR9ID2NRglP4GHNhdos9GhRMFHJhIHrq-6jFvHGd_2sw==

GET
H2 200 css
fonts.googleapis.com/ 5 KB
997 B 38ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ibarra+Real+Nova%3A400%2C400i%2C700%7CLato%3A300%2C400%2C600%2C700&display=swap&ver=6.1.1

Requested by

Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59e7fa6d0a6ad6d8bb85872c03de9c0237de93a93a1af63095651052a5666778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 06 Jan 2024 11:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 11:46:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Jan 2024 11:46:21 GMT

GET
H2 200 valhalla-scripts.js Show response
static.myrealestateplatform.com/Valhalla/assets/dist/ 866 KB
214 KB 45ms
22ms Script
application/javascript 18.66.112.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=e3587744a8
Requested by: Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e87d8bf6b8010c0172fd24b84320aff2d1a7fdf98d6fb2944cfd9aefc7d91f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 13:46:31 GMT
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 13:46:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 79191
etag: W/"c35c0a3c458613298f1099c66c210b4a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: i1NYXVJtuWV5PQ9tp440eAOmHTnD8wTGpp39KxsRIhnziqMsI0ISPA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 169 KB
61 KB 44ms
23ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-52GHC3V

Requested by

Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3938f6ca3fa9e02dd210630abc9990d6ac0ed042fffdbfaa1a257c314a4028e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62276
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Jan 2024 11:46:21 GMT

GET
H2 200 fa-light-300.woff2
static.myrealestateplatform.com/Valhalla/assets/dist/fonts/ 419 KB
421 KB 449ms
431ms Font
binary/octet-stream 18.66.112.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/fonts/fa-light-300.woff2?v=441b578192c1b1e771cf
Requested by: Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=a839e3b091334c48a809
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38b2e62bfbbeed100be9d1de0fcbd08fbe4dec34d2fb7f5986ce2ee233ad6546

Request headers

Referer: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=a839e3b091334c48a809
Origin: https://www.wickisergroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:23 GMT
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 429424
last-modified: Thu, 21 Dec 2023 13:46:52 GMT
server: AmazonS3
etag: "183f1c8f71f9b21737cb79caea0f6c3d"
access-control-max-age: 3000
access-control-allow-methods: POST, PUT, DELETE, GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: wbDcG1giACXciq0iRSV515TQJLGxpbjO0DX2HUwfcOONarQvzM_sIA==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 40ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ibarra+Real+Nova%3A400%2C400i%2C700%7CLato%3A300%2C400%2C600%2C700&display=swap&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wickisergroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 15:36:20 GMT
x-content-type-options: nosniff
age: 418201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 15:36:20 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ibarra+Real+Nova%3A400%2C400i%2C700%7CLato%3A300%2C400%2C600%2C700&display=swap&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wickisergroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 21:48:33 GMT
x-content-type-options: nosniff
age: 136668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 21:48:33 GMT

GET
H2 200 fa-regular-400.woff2
static.myrealestateplatform.com/Valhalla/assets/dist/fonts/ 386 KB
387 KB 422ms
405ms Font
binary/octet-stream 18.66.112.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/fonts/fa-regular-400.woff2?v=e4bb547bebf70ca2cb49
Requested by: Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=a839e3b091334c48a809
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51

Request headers

Referer: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=a839e3b091334c48a809
Origin: https://www.wickisergroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:23 GMT
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 395444
last-modified: Thu, 21 Dec 2023 13:46:52 GMT
server: AmazonS3
etag: "f3100ca1d6b8939d47fe7e23a831bcd3"
access-control-max-age: 3000
access-control-allow-methods: POST, PUT, DELETE, GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: QmDSUlLtE7wgNv9-KtZzFgDUIDbHjRvLY60STxQhPbOL7wlEcmjUdg==

GET
H2 200 sZlfdQiA-DBIDCcaWtQzL4BZHoiDkHtYEQ.woff2
fonts.gstatic.com/s/ibarrarealnova/v27/ 27 KB
27 KB 37ms
16ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibarrarealnova/v27/sZlfdQiA-DBIDCcaWtQzL4BZHoiDkHtYEQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ibarra+Real+Nova%3A400%2C400i%2C700%7CLato%3A300%2C400%2C600%2C700&display=swap&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c4e6f6d670d4e6f75a995cd445979c7122714af85d4c1911b3b6de44e1846e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wickisergroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:16:52 GMT
x-content-type-options: nosniff
age: 19769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27656
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:05:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Jan 2025 06:16:52 GMT

GET
H2 200 fa-solid-900.woff2
static.myrealestateplatform.com/Valhalla/assets/dist/fonts/ 320 KB
321 KB 449ms
432ms Font
binary/octet-stream 18.66.112.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/fonts/fa-solid-900.woff2?v=2f8c37423114769918de
Requested by: Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=a839e3b091334c48a809
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a

Request headers

Referer: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=a839e3b091334c48a809
Origin: https://www.wickisergroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:23 GMT
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 327824
last-modified: Thu, 21 Dec 2023 13:46:52 GMT
server: AmazonS3
etag: "e0f1f10202002bf91422fd3768c2d744"
access-control-max-age: 3000
access-control-allow-methods: POST, PUT, DELETE, GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: TJnvA9KGKUPX-bj67YrjTJlYk5-ay5sbzNsUmAP76ix0rPCsYO64bA==

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 34ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ibarra+Real+Nova%3A400%2C400i%2C700%7CLato%3A300%2C400%2C600%2C700&display=swap&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wickisergroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:00:02 GMT
x-content-type-options: nosniff
age: 92779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 10:00:02 GMT

GET
H2 200 sZlsdQiA-DBIDCcaWtQzL4BZHoiDkH5CH9yb5n3ZFmKopyiubzx7XA.woff2
fonts.gstatic.com/s/ibarrarealnova/v27/ 19 KB
19 KB 41ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibarrarealnova/v27/sZlsdQiA-DBIDCcaWtQzL4BZHoiDkH5CH9yb5n3ZFmKopyiubzx7XA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ibarra+Real+Nova%3A400%2C400i%2C700%7CLato%3A300%2C400%2C600%2C700&display=swap&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df9c08f8fcc7b027ffe00f1510796b13be07fbac8d4c47cc754771adfe992cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wickisergroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 21:37:27 GMT
x-content-type-options: nosniff
age: 396534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18980
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:06:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 21:37:27 GMT

GET
H2 200 fa-brands-400.woff2
static.myrealestateplatform.com/Valhalla/assets/dist/fonts/ 108 KB
109 KB 433ms
416ms Font
binary/octet-stream 18.66.112.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/fonts/fa-brands-400.woff2?v=e24fcc1b7ece401606b1
Requested by: Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=a839e3b091334c48a809
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 063b9237e402c98dfb77a66e5de0d02d953640fc8fe44911808c2fdcb80df26e

Request headers

Referer: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-vendor-styles.css?v=a839e3b091334c48a809
Origin: https://www.wickisergroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:23 GMT
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 110932
last-modified: Thu, 21 Dec 2023 13:46:52 GMT
server: AmazonS3
etag: "f022fca674f561d3f3f9f187a7fa3222"
access-control-max-age: 3000
access-control-allow-methods: POST, PUT, DELETE, GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: Txd40D7TfzVd0zrjEoO4cwiBsbrV8aWdbPvfGnsIWtJYrELdD405Jg==

POST
H/1.1 200
OK event Show response
events-va.placester.com/ 35 B
194 B 666ms
92ms XHR
application/json 52.70.63.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events-va.placester.com/event
Requested by: Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=e3587744a8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.63.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-63-47.compute-1.amazonaws.com
Software: Jetty(9.0.3.v20130506) /
Resource Hash: a06ab0c16ab0b446805cbe38ba18687b4d917ad435b162476d644f9d51e499ce

Request headers

Referer: https://www.wickisergroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Server: Jetty(9.0.3.v20130506)
Connection: keep-alive
Content-Length: 35
Content-Type: application/json

POST
H/1.1 200
OK placester-ajax.php Show response
www.wickisergroup.com/wp-content/plugins/toolbox/src// 507 B
711 B 171ms
171ms XHR
application/json 52.86.1.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wickisergroup.com/wp-content/plugins/toolbox/src//placester-ajax.php

Requested by

Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=e3587744a8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.86.1.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-1-86.compute-1.amazonaws.com

Software

openresty / PHP/8.0.30

Resource Hash

2182ef018fa0d2242c0e6d2c52a8fd1186372ca56d752cded26d8b1bd138d334

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
viewport-width: 1600
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.wickisergroup.com/
X-Requested-With: XMLHttpRequest
dpr: 1

Response headers

Expires: Wed, 11 Jan 1984 05:00:00 GMT
Pragma: no-cache
Date: Sat, 06 Jan 2024 11:46:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
Vary: Accept-Encoding, Cookie
Content-Type: application/json; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
X-Served-By: app1

POST
H/1.1 200
OK placester-ajax.php Show response
www.wickisergroup.com/wp-content/plugins/toolbox/src// 40 B
488 B 300ms
143ms XHR
application/json 52.86.1.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wickisergroup.com/wp-content/plugins/toolbox/src//placester-ajax.php

Requested by

Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=e3587744a8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.86.1.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-1-86.compute-1.amazonaws.com

Software

openresty / PHP/8.0.30

Resource Hash

b67bfd6e6e4f939620c697b9ce751ee07df8583ff3fa4b29ed3ee3ea8f213372

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
viewport-width: 1600
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.wickisergroup.com/
X-Requested-With: XMLHttpRequest
dpr: 1

Response headers

Expires: Wed, 11 Jan 1984 05:00:00 GMT
Pragma: no-cache
Date: Sat, 06 Jan 2024 11:46:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
Vary: Accept-Encoding, Cookie
Content-Type: application/json; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
X-Served-By: app1

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 40ms
6ms Script
application/javascript 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=e3587744a8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 03eeae789de3c45c82835e3d9e6a017ee2d3b12b683179c60ee888dece2e550e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 06 Jan 2024 11:46:22 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 577
x-amz-cf-pop: FRA60-P3
age: 552
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704541005
x-77-nzt: EgwB1GY4tAH3QQIAAAwB1GY4EQH3DgAAAA
x-accel-expires: @1704544605
x-77-age: 591
x-cache-lb: HIT
last-modified: Thu, 04 Jan 2024 22:25:40 GMT
server: CDN77-Turbo
etag: W/"69a454f0fd9828821fc1027d7c18de43"
x-77-nzt-ray: 6d204d111247be828e3d99651a4e3400
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: ueeNvkT2oTM33E7g3jPXVGn5hHyfved2B8VdzUpRYoDp-AvQprHxJQ==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 403
Forbidden s-51bf1fcf1cdabc6b71000004.gif
d126fxm3orgy3k.cloudfront.net/logos/51bf1fcf1cdabc6b71000004/ 0
0 63ms
13ms Image
text/html 65.9.95.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d126fxm3orgy3k.cloudfront.net/logos/51bf1fcf1cdabc6b71000004/s-51bf1fcf1cdabc6b71000004.gif
Requested by: Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-73.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 0b76664c6847dfc2fb9f4573eab6fe2d03381489.jpg
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_1024/c_scale,w_1024/v1/inception-app-prod/MGI0MmY3ZGItNDZlMC00MTI5LTgyNTAtZGM5M2FhYjhiZjI5/content/2024/01/ 22 KB
22 KB 254ms
164ms Image
image/webp 2a04:4e42::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_1024/c_scale,w_1024/v1/inception-app-prod/MGI0MmY3ZGItNDZlMC00MTI5LTgyNTAtZGM5M2FhYjhiZjI5/content/2024/01/0b76664c6847dfc2fb9f4573eab6fe2d03381489.jpg

Requested by

Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ab3a374742a16a99dedf120a8ea412454bbb6e5df342d246f3a2c830af78d2b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:22 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="0b76664c6847dfc2fb9f4573eab6fe2d03381489.webp"
server-timing: cld-fastly;mitm=p;dur=157;cpu=0;start=2024-01-06T11:46:22.087Z;desc=miss,rtt;dur=5,content-info;desc="width=1024,height=683,bytes=22248,owidth=5184,oheight=3456,obytes=2045313,ef=(1,11,13,17,97)",cloudinary;dur=57;start=2024-01-06T11:46:22.143Z
content-length: 22248
last-modified: Fri, 05 Jan 2024 20:47:29 GMT
server: Cloudinary
etag: "3bf51382a644d7d7385a7c1b58f53dda"
vary: Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 403
Forbidden images%2F51c08a291cdabc6164000002%2FNST6455031%2FNST6455031_1.jpeg
uploads-cf.cdn.placester.net/ 0
0 60ms
14ms Image
text/html 65.9.95.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-cf.cdn.placester.net/images%2F51c08a291cdabc6164000002%2FNST6455031%2FNST6455031_1.jpeg?d=400x225
Requested by: Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-92.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 1ee5c3d5c7246f9da0e0d03d92689a0a6729d93d.jpg
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_1280/c_scale,w_1280/v1/inception-app-prod/MGI0MmY3ZGItNDZlMC00MTI5LTgyNTAtZGM5M2FhYjhiZjI5/content/2024/01/ 197 KB
197 KB 266ms
176ms Image
image/jpeg 2a04:4e42::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_1280/c_scale,w_1280/v1/inception-app-prod/MGI0MmY3ZGItNDZlMC00MTI5LTgyNTAtZGM5M2FhYjhiZjI5/content/2024/01/1ee5c3d5c7246f9da0e0d03d92689a0a6729d93d.jpg

Requested by

Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a4995c00f0737212bd5244dbb40e5ee3e5643a1898cac6370d67f3993d1bfe10

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:22 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 20:27:48 GMT
server: Cloudinary
etag: "c29fdc0532b0c937557aa24861a332a8"
vary: Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
server-timing: cld-fastly;mitm=p;dur=168;cpu=1;start=2024-01-06T11:46:22.087Z;desc=miss,rtt;dur=5,content-info;desc="width=1280,height=853,bytes=201395,owidth=4954,oheight=3303,obytes=3772827,ef=(1,11,13,17,97)",cloudinary;dur=68;start=2024-01-06T11:46:22.139Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 201395

GET
H2 200 a13c262a7f3c9ad6a59f3ef0b7748e492d5438b4.jpg
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_1024/c_scale,w_1024/v1/inception-app-prod/MGI0MmY3ZGItNDZlMC00MTI5LTgyNTAtZGM5M2FhYjhiZjI5/content/2024/01/ 128 KB
129 KB 429ms
339ms Image
image/jpeg 2a04:4e42::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

91708d11aaee380d97105ead5708984e12293184503669104c9fe549b67f46f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:22 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 23:07:17 GMT
server: Cloudinary
etag: "3d713916a4e7110ad6d1bd7d709fa519"
vary: Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
server-timing: cld-fastly;mitm=p;dur=331;cpu=0;start=2024-01-06T11:46:22.088Z;desc=miss,rtt;dur=5,content-info;desc="width=1024,height=683,bytes=131482,owidth=5760,oheight=3840,obytes=4895698,ef=(1,11,13,17,97)",cloudinary;dur=224;start=2024-01-06T11:46:22.147Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 131482

GET
H2 200 91b9870483381d4cbbf638b6a41761e24267319f.jpg
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_1320/c_scale,w_1280/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2022/01/ 96 KB
96 KB 98ms
8ms Image
image/webp 2a04:4e42::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_1320/c_scale,w_1280/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2022/01/91b9870483381d4cbbf638b6a41761e24267319f.jpg

Requested by

Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a97e81b40eac7f60d236260531a9161a459735d25391489ef367c0b681c1d201

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:22 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="91b9870483381d4cbbf638b6a41761e24267319f.webp"
server-timing: cld-fastly;mitm=p;dur=2;cpu=1;start=2024-01-06T11:46:22.086Z;desc=hit,rtt;dur=5,content-info;desc="width=1280,height=853,owidth=1000,oheight=667,obytes=764920"
content-length: 97978
last-modified: Tue, 03 Jan 2023 07:43:50 GMT
server: Cloudinary
etag: "ef535fb615c4498809ba7be2d561cf53"
vary: Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dd94217d9b34569368428fd468b1ff5cb13ef421.jpg
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_1280/c_scale,w_1280/v1/inception-app-prod/MGI0MmY3ZGItNDZlMC00MTI5LTgyNTAtZGM5M2FhYjhiZjI5/content/2024/01/ 185 KB
185 KB 310ms
220ms Image
image/jpeg 2a04:4e42::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

cb97a42d646e5fd8ab2c01c99053d67c8edb9e4b34cb5425e9df3d12c375d86e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:22 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 20:27:48 GMT
server: Cloudinary
etag: "7a5774feb15b8a441d6f2f4435a2d788"
vary: Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
server-timing: cld-fastly;mitm=p;dur=213;cpu=1;start=2024-01-06T11:46:22.086Z;desc=miss,rtt;dur=5,content-info;desc="width=1280,height=853,bytes=189490,owidth=5472,oheight=3648,obytes=3612017,ef=(1,11,13,17,97)",cloudinary;dur=114;start=2024-01-06T11:46:22.136Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 189490

GET
H/1.1 403
Forbidden images%2F51c08a291cdabc6164000002%2FNST6466886%2FNST6466886_1.jpeg
uploads-cf.cdn.placester.net/ 0
0 57ms
12ms Image
text/html 65.9.95.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-cf.cdn.placester.net/images%2F51c08a291cdabc6164000002%2FNST6466886%2FNST6466886_1.jpeg?d=400x225
Requested by: Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-92.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 2c85e90caaa6d479060d1094fb8e962dfac99c0e.jpg
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_1280/c_scale,w_1280/v1/inception-app-prod/MGI0MmY3ZGItNDZlMC00MTI5LTgyNTAtZGM5M2FhYjhiZjI5/content/2024/01/ 672 KB
673 KB 274ms
185ms Image
image/jpeg 2a04:4e42::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

af25bd2300e353f156bce1ecb6603364d0d5fad2556c3c06f8587b192bebb60c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:22 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 20:27:49 GMT
server: Cloudinary
etag: "e32f3e810e6039798f79b3b8c394cc26"
vary: Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
server-timing: cld-fastly;mitm=p;dur=178;cpu=0;start=2024-01-06T11:46:22.087Z;desc=miss,rtt;dur=5,content-info;desc="width=1280,height=1920,bytes=688621,owidth=4000,oheight=6000,obytes=6932615,ef=(1,11,13,17,97)",cloudinary;dur=78;start=2024-01-06T11:46:22.139Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 688621

GET
H2 200 210bc9ca307edce4969d231dc99f1e7d3c0a54ce.jpg
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto/c_scale,w_1660/v1/inception-app-prod/MGI0MmY3ZGItNDZlMC00MTI5LTgyNTAtZGM5M2FhYjhiZjI5/content/2024/01/ 226 KB
226 KB 246ms
246ms Image
image/jpeg 2a04:4e42::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto/c_scale,w_1660/v1/inception-app-prod/MGI0MmY3ZGItNDZlMC00MTI5LTgyNTAtZGM5M2FhYjhiZjI5/content/2024/01/210bc9ca307edce4969d231dc99f1e7d3c0a54ce.jpg

Requested by

Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

956fd1cb9ece1ef72dfc49e456e4ed9a9cce548ff141976f06a63bda3d59daa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:22 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 20:43:46 GMT
server: Cloudinary
etag: "d724434befb217f8db72a459e4847a3e"
vary: Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
server-timing: cld-fastly;mitm=p;dur=239;cpu=1;start=2024-01-06T11:46:22.098Z;desc=miss,rtt;dur=5,content-info;desc="width=1660,height=1107,bytes=231510,owidth=4831,oheight=3221,obytes=1584738,ef=(1,11,13,17,97)",cloudinary;dur=137;start=2024-01-06T11:46:22.151Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 231510

GET
H2 200 bc0657211dc976edef46e77cb8c897ef2fe4c451.jpg
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_1024/c_scale,w_1024/v1/inception-app-prod/MGI0MmY3ZGItNDZlMC00MTI5LTgyNTAtZGM5M2FhYjhiZjI5/content/2024/01/ 29 KB
29 KB 168ms
167ms Image
image/webp 2a04:4e42::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

05edfc7615b4e1ab53a2312c592b782ad178470eeea0cc19520e8d5cde5e8dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:22 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="bc0657211dc976edef46e77cb8c897ef2fe4c451.webp"
server-timing: cld-fastly;mitm=p;dur=161;cpu=0;start=2024-01-06T11:46:22.098Z;desc=miss,rtt;dur=5,content-info;desc="width=1024,height=769,bytes=29782,owidth=4592,oheight=3448,obytes=983089,ef=(1,11,13,17,97)",cloudinary;dur=60;start=2024-01-06T11:46:22.149Z
content-length: 29782
last-modified: Fri, 05 Jan 2024 20:45:58 GMT
server: Cloudinary
etag: "d438a13e182ba57e740e9706c644b9d2"
vary: Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ef427419926ce3f30bf2773786b33cae05890d8c.png
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto/c_scale,w_1660/v1/inception-app-prod/MGI0MmY3ZGItNDZlMC00MTI5LTgyNTAtZGM5M2FhYjhiZjI5/content/2023/12/ 28 KB
28 KB 164ms
163ms Image
image/webp 2a04:4e42::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ad611f5112bb1ed39b9ecde8e2b6f11c976c58af5fa272aa0351a28f51952f7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:22 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="ef427419926ce3f30bf2773786b33cae05890d8c.webp"
server-timing: cld-fastly;mitm=p;dur=156;cpu=0;start=2024-01-06T11:46:22.099Z;desc=miss,rtt;dur=5,content-info;desc="width=1660,height=922,bytes=28192,owidth=2332,oheight=1295,obytes=85633,ef=(1,11,13,17,97)",cloudinary;dur=56;start=2024-01-06T11:46:22.150Z
content-length: 28192
last-modified: Sun, 31 Dec 2023 03:14:02 GMT
server: Cloudinary
etag: "c4809f218d45b08f3e7166afca7da4db"
vary: Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 403
Forbidden images%2F51c08a291cdabc6164000002%2FNST6418927%2FNST6418927_1.jpeg
uploads-cf.cdn.placester.net/ 0
0 43ms
13ms Image
text/html 65.9.95.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-cf.cdn.placester.net/images%2F51c08a291cdabc6164000002%2FNST6418927%2FNST6418927_1.jpeg?d=400x225
Requested by: Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-92.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 4923f82a5c107d9a4546c1014284605a92c524bc.jpg
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_1320/c_scale,w_1280/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2022/01/ 102 KB
102 KB 10ms
9ms Image
image/webp 2a04:4e42::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

95efc32a81dda7e76eddbc1453833379f0b3e76bb48481d5ab5be43b0b97547a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:22 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="4923f82a5c107d9a4546c1014284605a92c524bc.webp"
server-timing: cld-fastly;mitm=p;dur=2;cpu=0;start=2024-01-06T11:46:22.098Z;desc=hit,rtt;dur=5,content-info;desc="width=1280,height=853,owidth=1000,oheight=667,obytes=852338"
content-length: 104568
last-modified: Tue, 03 Jan 2023 07:43:50 GMT
server: Cloudinary
etag: "49a941ee60562e3d7ac778e6b49d1721"
vary: Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MVBTMC2CXZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52GHC3V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

712c4579eb4731c5704c45d11144344aba2ca08580df8225ce28d30b6da3039e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93948
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 11:46:22 GMT

GET
H2 200 widget_app_base_1704406956321.js Show response
cdn.userway.org/widgetapp/2024-01-04-22-22-36/ 138 KB
41 KB 25ms
11ms Script
application/javascript 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-01-04-22-22-36/widget_app_base_1704406956321.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: cf09ebdeff6e7f8894e79b9c2c179c2d3203b7956fd942b07a1333638f7d8e6e

Request headers

Referer: https://www.wickisergroup.com/
Origin: https://www.wickisergroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 06 Jan 2024 11:46:22 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 133799
x-amz-cf-pop: FRA60-P3
age: 542
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704407783
x-77-nzt: EgwB1GY4tAH3pwoCAAwB1GY4mQH3EgAAAA
x-accel-expires: @1730327765
x-77-age: 133817
x-cache-lb: HIT
last-modified: Thu, 04 Jan 2024 22:25:34 GMT
server: CDN77-Turbo
etag: W/"607c015deda3dc2dee614b7adc919a8d"
x-77-nzt-ray: 6d204d11593f33838e3d996534a58a01
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: TrD8v2C8f6U8CincZ0srXtoTVgiEUVodsYnFRg208QPh6XwtkZ9BXA==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 35ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MVBTMC2CXZ&gtm=45je4130v9132880429z89132864846&_p=1704541581838&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=363778113.1704541582&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704541582&sct=1&seg=0&dl=https%3A%2F%2Fwww.wickisergroup.com%2F&dt=Minnesota%20real%20estate%20-%20The%20company%20with%20a%20purpose&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1271
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MVBTMC2CXZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 11:46:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wickisergroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RealSatisfied-30px.png
static.myrealestateplatform.com/Valhalla/assets/dist/images/ 1 KB
2 KB 11ms
10ms Image
image/png 18.66.112.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/images/RealSatisfied-30px.png?v=7b630f6314afd8e8628b
Requested by: Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-styles.css?v=a1eb2c9ec2a81b602484
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fda2493818952c9d8c00d69ec86ecacd37399673978fed11fd54db57bc017326

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-styles.css?v=a1eb2c9ec2a81b602484
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 14:13:17 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 13:46:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 77585
etag: "b5f44efe63ef536c3625672e4a03ccb8"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1261
x-amz-cf-id: otClGaxl1QrdxuYy6r-xdEBpF6WfQumlRHDCNH245k0H0o7rQtxKUA==

POST
H2 200 prdCKqbzRS Show response
api.userway.org/api/tunings/ 230 B
616 B 598ms
192ms XHR
application/json 2600:1f14:5db:eb11:b426:fa12:9fa6:5d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/prdCKqbzRS
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-01-04-22-22-36/widget_app_base_1704406956321.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb11:b426:fa12:9fa6:5d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95d9799b1ca0dfd40429df20c17fad612e975090646acd15e41c162ad8d3a27e

Request headers

Referer: https://www.wickisergroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 06 Jan 2024 11:46:22 GMT
etag: W/"e6-52RgKBdr29BH8UHaqnzBpg7tvXk"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usrb15da766839444d
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 230
x-service-version: uw-pr

GET
H2 200 b46cdcc78ecccb860180f8839e17a852792f809f.jpg
media.placester.com/image/upload/c_scale,dpr_1.0,f_auto,fl_lossy,q_auto,w_1320/c_scale,w_1280/v1/inception-app-prod/YmI4ZWFlZWEtNjUyZC00NjRhLTlkNTgtY2M2MGUyYzEwNzRi/content/2022/01/ 98 KB
99 KB 182ms
182ms Image
image/webp 2a04:4e42::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.wickisergroup.com
URL: https://www.wickisergroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6ef857560608e0ba57b2ffe92ac2644a3a9655ed85c93be1221a69a32ccad5de

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:46:22 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="b46cdcc78ecccb860180f8839e17a852792f809f.webp"
server-timing: cld-fastly;mitm=p;dur=175;cpu=0;start=2024-01-06T11:46:22.227Z;desc=hit,rtt;dur=5,content-info;desc="width=1280,height=896,owidth=1000,oheight=700,obytes=801322"
content-length: 100828
last-modified: Tue, 03 Jan 2023 07:43:50 GMT
server: Cloudinary
etag: "5e29585427b1a76da659b8d0069eb3ee"
vary: Save-Data
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK placester-ajax.php Show response
www.wickisergroup.com/wp-content/plugins/toolbox/src// 227 B
586 B 203ms
203ms XHR
application/json 52.86.1.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wickisergroup.com/wp-content/plugins/toolbox/src//placester-ajax.php

Requested by

Host: static.myrealestateplatform.com
URL: https://static.myrealestateplatform.com/Valhalla/assets/dist/valhalla-scripts.js?v=e3587744a8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.86.1.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-1-86.compute-1.amazonaws.com

Software

openresty / PHP/8.0.30

Resource Hash

b6bf41b73f441956ca5d8ea44990bf822f7feedc49ad0baf3b07035022ecbae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
viewport-width: 1600
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.wickisergroup.com/
X-Requested-With: XMLHttpRequest
dpr: 1

Response headers

Expires: Wed, 11 Jan 1984 05:00:00 GMT
Pragma: no-cache
Date: Sat, 06 Jan 2024 11:46:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
Vary: Accept-Encoding, Cookie
Content-Type: application/json; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
X-Served-By: app1

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-01-04-22-22-36/locales/ 501 B
962 B 8ms
7ms XHR
application/json 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-01-04-22-22-36/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-01-04-22-22-36/widget_app_base_1704406956321.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b87d34c5425a5b6bc0d37a08c2cd36cf21c2dac2645262a375f7460829859138

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 06 Jan 2024 11:46:22 GMT
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 133793
x-amz-cf-pop: FRA60-P3
age: 542
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704407789
x-77-nzt: EgwB1GY4tAH3oQoCAAwBJRPCKAH3FgAAAA
x-accel-expires: @1730327767
x-77-age: 133815
x-cache-lb: HIT
last-modified: Thu, 04 Jan 2024 22:25:33 GMT
server: CDN77-Turbo
etag: W/"27831556b168f3c27f0819652aac1fb5"
x-77-nzt-ray: 6d204d11593f33838e3d9965e0223d2a
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: WN43vaMgxcXltTj3d5Y5RIHGpL2zbHaKZShJrZ5Zb1VTKeT8a3-Q_g==

GET
H2 200 remediation-tool-free.js Show response
cdn.userway.org/remediation/free/ 27 KB
11 KB 7ms
7ms Script
application/javascript 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1704406956321
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-01-04-22-22-36/widget_app_base_1704406956321.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 183cc45dba738c437188902f73b52d1da7f33ebeef5d96d786c601901d6d7d9e

Request headers

Referer: https://www.wickisergroup.com/
Origin: https://www.wickisergroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 06 Jan 2024 11:46:23 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 133794
x-amz-cf-pop: FRA60-P3
age: 543
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704407789
x-77-nzt: EgwB1GY4tAH3ogoCAAwB1GY4nAH3FAAAAA
x-accel-expires: @1730327769
x-77-age: 133814
x-cache-lb: HIT
last-modified: Thu, 04 Jan 2024 22:25:39 GMT
server: CDN77-Turbo
etag: W/"35bb37fed26c368b55578369432199af"
x-77-nzt-ray: 6d204d11593f33838f3d99658e5b800c
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: fczdN6sQwg6M-hTJmB0LJKkvqJHf4oXc59bJ0UG575q5o4YutTtXLQ==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 6ms
6ms Image
image/svg+xml 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 06 Jan 2024 11:46:23 GMT
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 133798
x-amz-cf-pop: FRA60-P3
age: 9
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704407785
x-77-nzt: EgwB1GY4tAH3pgoCAAwBJRPCMQH3EAAAAA
x-accel-expires: @1730327769
x-77-age: 133814
x-cache-lb: HIT
last-modified: Wed, 27 Dec 2023 13:17:34 GMT
server: CDN77-Turbo
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray: 6d204d111247be828f3d996521dc910d
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: QhQPyba2d139eg-U6XkGtYeHX8sknmkzPvFE5RQtUXcAKSoLSIItSw==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 7ms
7ms Image
image/svg+xml 2a02:6ea0:c700::22
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wickisergroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 06 Jan 2024 11:46:23 GMT
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 133798
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704407785
x-77-nzt: EgwB1GY4tAHXpgoCAAwB1GY4EQH3EQAAAA
x-accel-expires: @1730327768
x-77-age: 133815
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 6d204d111247be828f3d99653aba970d
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: 3o_OQDQ859llWVim6ZtuE43KMLsfspZRo3V9UeYcbI30joaPSI8SlQ==

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.wickisergroup.com/	1969-12-31 23:59:59	Name: placester_events_session Value: 27a4dd55-d736-4eb9-a602-e71c8a581825
www.wickisergroup.com/	1970-01-21 02:14:37	Name: placester_events_uuid Value: e1a86563-4655-4f96-968d-4e25f6eff1f3
.wickisergroup.com/	1970-01-21 03:05:01	Name: _ga_MVBTMC2CXZ Value: GS1.1.1704541582.1.0.1704541582.0.0.0
.wickisergroup.com/	1970-01-21 03:05:01	Name: _ga Value: GA1.1.363778113.1704541582
www.wickisergroup.com/	1970-01-20 17:29:30	Name: placester_events_session_timestamp Value: 1704541582

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://uploads-cf.cdn.placester.net/images%2F51c08a291cdabc6164000002%2FNST6466886%2FNST6466886_1.jpeg?d=400x225 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://uploads-cf.cdn.placester.net/images%2F51c08a291cdabc6164000002%2FNST6418927%2FNST6418927_1.jpeg?d=400x225 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://uploads-cf.cdn.placester.net/images%2F51c08a291cdabc6164000002%2FNST6455031%2FNST6455031_1.jpeg?d=400x225 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://d126fxm3orgy3k.cloudfront.net/logos/51bf1fcf1cdabc6b71000004/s-51bf1fcf1cdabc6b71000004.gif Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
cdn.userway.org
d126fxm3orgy3k.cloudfront.net
events-va.placester.com
fonts.googleapis.com
fonts.gstatic.com
media.placester.com
region1.google-analytics.com
static.myrealestateplatform.com
uploads-cf.cdn.placester.net
wickisergroup.com
www.googletagmanager.com
www.wickisergroup.com
18.66.112.114
184.169.141.142
2001:4860:4802:34::36
2600:1f14:5db:eb11:b426:fa12:9fa6:5d
2a00:1450:4001:813::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:831::200a
2a02:6ea0:c700::22
2a04:4e42::614
52.70.63.47
52.86.1.86
65.9.95.73
65.9.95.92
03eeae789de3c45c82835e3d9e6a017ee2d3b12b683179c60ee888dece2e550e
05edfc7615b4e1ab53a2312c592b782ad178470eeea0cc19520e8d5cde5e8dd1
063b9237e402c98dfb77a66e5de0d02d953640fc8fe44911808c2fdcb80df26e
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
162f41badf3fde6be6dd92bdd812e2d6c9d979bb6cf0b6c629ad9feeeb7760e8
183cc45dba738c437188902f73b52d1da7f33ebeef5d96d786c601901d6d7d9e
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2182ef018fa0d2242c0e6d2c52a8fd1186372ca56d752cded26d8b1bd138d334
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
2c64be02dc3c3e18b405e04f08b702db127148be1cbf75026ef74a8b0966f820
36c4e6f6d670d4e6f75a995cd445979c7122714af85d4c1911b3b6de44e1846e
38b2e62bfbbeed100be9d1de0fcbd08fbe4dec34d2fb7f5986ce2ee233ad6546
3938f6ca3fa9e02dd210630abc9990d6ac0ed042fffdbfaa1a257c314a4028e1
59e7fa6d0a6ad6d8bb85872c03de9c0237de93a93a1af63095651052a5666778
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5d93665a4d59f3cf2dbd94fb7fe545a9079138bd2311321c748132175efa4af8
6ef857560608e0ba57b2ffe92ac2644a3a9655ed85c93be1221a69a32ccad5de
712c4579eb4731c5704c45d11144344aba2ca08580df8225ce28d30b6da3039e
91708d11aaee380d97105ead5708984e12293184503669104c9fe549b67f46f1
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
956fd1cb9ece1ef72dfc49e456e4ed9a9cce548ff141976f06a63bda3d59daa9
95d9799b1ca0dfd40429df20c17fad612e975090646acd15e41c162ad8d3a27e
95efc32a81dda7e76eddbc1453833379f0b3e76bb48481d5ab5be43b0b97547a
a06ab0c16ab0b446805cbe38ba18687b4d917ad435b162476d644f9d51e499ce
a4995c00f0737212bd5244dbb40e5ee3e5643a1898cac6370d67f3993d1bfe10
a97e81b40eac7f60d236260531a9161a459735d25391489ef367c0b681c1d201
ab3a374742a16a99dedf120a8ea412454bbb6e5df342d246f3a2c830af78d2b1
ad611f5112bb1ed39b9ecde8e2b6f11c976c58af5fa272aa0351a28f51952f7b
af25bd2300e353f156bce1ecb6603364d0d5fad2556c3c06f8587b192bebb60c
b67bfd6e6e4f939620c697b9ce751ee07df8583ff3fa4b29ed3ee3ea8f213372
b6bf41b73f441956ca5d8ea44990bf822f7feedc49ad0baf3b07035022ecbae1
b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51
b87d34c5425a5b6bc0d37a08c2cd36cf21c2dac2645262a375f7460829859138
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
cb97a42d646e5fd8ab2c01c99053d67c8edb9e4b34cb5425e9df3d12c375d86e
cf09ebdeff6e7f8894e79b9c2c179c2d3203b7956fd942b07a1333638f7d8e6e
df9c08f8fcc7b027ffe00f1510796b13be07fbac8d4c47cc754771adfe992cb6
e31a1811054e57e63802c93ed80ad118bebf7a813d80f29d5b06e9053cee4ee6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87d8bf6b8010c0172fd24b84320aff2d1a7fdf98d6fb2944cfd9aefc7d91f20
fda2493818952c9d8c00d69ec86ecacd37399673978fed11fd54db57bc017326

www.wickisergroup.com Open in urlscan Pro 52.86.1.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

54 %IPv6

10 Domains

13 Subdomains

13 IPs

2 Countries

3762 kBTransfer

6876 kBSize

5 Cookies

5 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wickisergroup.com Open in urlscan Pro
52.86.1.86 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

54 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

3762 kB
Transfer

6876 kB
Size

5
Cookies

46 HTTP transactions
1 data transactions