wicktemp.com Open in urlscan Pro
208.109.48.184 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wicktemp.com/
Submission Tags: phishingrod
Submission: On June 08 via api (June 8th 2024, 9:06:27 am UTC) from DE — Scanned from DE

Summary HTTP 22 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 22 HTTP transactions. The main IP is 208.109.48.184, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is wicktemp.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 7th 2024. Valid for: a year.

This is the only time wicktemp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	208.109.48.184 208.109.48.184	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
3	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.237.160.145 35.237.160.145	15169 (GOOGLE) (GOOGLE)
1 2	92.123.106.121 92.123.106.121	6762 (SEABONE-N...) (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A.)
2	2a02:26f0:170... 2a02:26f0:1700:11::b856:678c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:350... 2a02:26f0:3500:899::228b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
22	7

10 208.109.48.184 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 184.48.109.208.host.secureserver.net

wicktemp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.237.160.145 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 145.160.237.35.bc.googleusercontent.com

wickhospdev.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.106.121 (Rome, Italy) 1 redirects

ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT)
PTR: a92-123-106-121.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:11::b856:678c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:899::228b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

csp.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	wicktemp.com wicktemp.com	2 MB
6	secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 14156 csp.secureserver.net — Cisco Umbrella Rank: 14307	560 B
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1397	181 KB
2	wsimg.com 1 redirects img1.wsimg.com — Cisco Umbrella Rank: 10882	21 KB
1	wpengine.com wickhospdev.wpengine.com	23 KB
22	5

	Domain	Requested by
10	wicktemp.com	wicktemp.com
4	csp.secureserver.net	img1.wsimg.com
3	use.fontawesome.com	wicktemp.com use.fontawesome.com
2	events.api.secureserver.net	img1.wsimg.com
2	img1.wsimg.com	1 redirects wicktemp.com
1	wickhospdev.wpengine.com	wicktemp.com
22	6

This site contains links to these domains. Also see Links.

Domain
www.google.com
wickhosp.mysecurescripts.com
mycarecorner.net
jobs.wickhosp.com
goo.gl
www.facebook.com
www.instagram.com
www.linkedin.com
twitter.com
www.youtube.com
www.pinterest.com
wickhospfoundation.org

Subject Issuer	Validity	Valid
wicktemp.com Go Daddy Secure Certificate Authority - G2	`2024-06-07` - `2025-06-07`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.wpengine.com RapidSSL TLS RSA CA G1	`2023-08-01` - `2024-08-28`	a year	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2023-07-10` - `2024-08-10`	a year	crt.sh
*.secureserver.net Starfield Secure Certificate Authority - G2	`2023-10-10` - `2024-11-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://wicktemp.com/
Frame ID: 42C4FE47C7DD69E4FEA85BC928C32DC5
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HEALTHCARE

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

91 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

2624 kB
Transfer

3128 kB
Size

3
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/maps/place/520+Rose+Ln,+Wickenburg,+AZ+85390/@33.9782868,-112.741716,17z/data=!3m1!4b1!4m6!3m5!1s0x80d34ec08fe15697:0xd591f84708ada5af!8m2!3d33.9782824!4d-112.7391411!16s%2Fg%2F11bw3xkmj7?entry=ttu
Title: 520 Rose Lane, Wickenburg Arizona 85390

Search URL Search Domain Scan URL

URL: https://wickhosp.mysecurescripts.com/quick-refill?redirect=%2F
Title: Quick Rx Refill

Search URL Search Domain Scan URL

URL: https://mycarecorner.net/
Title: Patient Portal

Search URL Search Domain Scan URL

URL: https://jobs.wickhosp.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://wickhosp.mysecurescripts.com/
Title: Pharmacy

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/1zXpyhqtb3G5xBqt8
Title: 520 Rose Lane, Wickenburg Arizona 85390

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WickenburgCommunityHospital
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wickenburgcommunityhospital/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/wickenburg-community-hospital
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/WickHosp
Title: X

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@wickenburgcommunityhospita5494
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/wickhosp/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://wickhospfoundation.org/
Title: WCH Foundation

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wicktemp.com/ 30 KB
8 KB 561ms
230ms Document
text/html 208.109.48.184
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicktemp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.109.48.184 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 184.48.109.208.host.secureserver.net
Software: Apache / PHP/8.2.19
Resource Hash: 1d7f11869094f51d6407913166e609f3c97923f1d2fb7a8a7dc8d37c71c177c4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-length: 7876
content-type: text/html; charset=UTF-8
date: Sat, 08 Jun 2024 09:06:19 GMT
link: <https://wicktemp.com/wp-json/>; rel="https://api.w.org/", <https://wicktemp.com/wp-json/wp/v2/pages/14>; rel="alternate"; type="application/json", <https://wicktemp.com/>; rel=shortlink
server: Apache
vary: Accept-Encoding
x-powered-by: PHP/8.2.19

GET
H2 200 style.min.css
wicktemp.com/wp-includes/css/dist/block-library/ 111 KB
14 KB 166ms
161ms Stylesheet
text/css 208.109.48.184
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicktemp.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.4
Requested by: Host: wicktemp.com
URL: https://wicktemp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.109.48.184 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 184.48.109.208.host.secureserver.net
Software: Apache /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wicktemp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:06:19 GMT
content-encoding: br
last-modified: Tue, 27 Feb 2024 14:48:23 GMT
server: Apache
etag: "3d60d88-1bae5-6125e1e30bbc0-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 13902

GET
H2 200 bootstrap.min.css
wicktemp.com/wp-content/themes/HEALTHCARE_WCH_Clinics/css/ 141 KB
18 KB 312ms
308ms Stylesheet
text/css 208.109.48.184
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicktemp.com/wp-content/themes/HEALTHCARE_WCH_Clinics/css/bootstrap.min.css?ver=6.5.4
Requested by: Host: wicktemp.com
URL: https://wicktemp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.109.48.184 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 184.48.109.208.host.secureserver.net
Software: Apache /
Resource Hash: 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wicktemp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:06:19 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2024 20:39:40 GMT
server: Apache
etag: "4a225c8-235ed-61a52cc7bc119-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 18527

GET
H2 200 style.css
wicktemp.com/wp-content/themes/HEALTHCARE_WCH_Clinics/ 12 KB
3 KB 161ms
157ms Stylesheet
text/css 208.109.48.184
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicktemp.com/wp-content/themes/HEALTHCARE_WCH_Clinics/style.css?ver=6.5.4
Requested by: Host: wicktemp.com
URL: https://wicktemp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.109.48.184 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 184.48.109.208.host.secureserver.net
Software: Apache /
Resource Hash: 227486ef96820a40cff226478c1e45a72a4e439db6eac45c1ad330d86dc19e04

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wicktemp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:06:19 GMT
content-encoding: br
last-modified: Sat, 08 Jun 2024 08:08:55 GMT
server: Apache
etag: "4a225f0-2f99-61a5c6d72ed98-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3071

GET
H2 200 all.css
use.fontawesome.com/releases/v6.5.2/css/ 101 KB
23 KB 342ms
220ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.5.2/css/all.css
Requested by: Host: wicktemp.com
URL: https://wicktemp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ceaaba22d75b58e04150311f596306562a3e595e27ed4b1dfa451b82dda9e50

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wicktemp.com/
Origin: https://wicktemp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:06:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 Apr 2024 15:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c325be79a5ecca85d68eb9e5b65a547a"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YWPn%2FOqlWYMs6TvcGrZJyiT7WE%2BDGvqUvPQR%2FhIwPO1OO854A%2FVEeDmi3BsBbFB7%2FEZkASt2QOTdrQh78VI2NsR6HWspNI0gNn7qJw%2BFTrTzdEtc%2BiEFV1WAhC3%2FPk6pp1iNjHmGoVo5JVvFjFEln7XO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8907b9a71f233737-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v6.5.2/css/ 27 KB
5 KB 332ms
209ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.5.2/css/v4-shims.css
Requested by: Host: wicktemp.com
URL: https://wicktemp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59da2eae4a505bc96abd025f48d2f8e2a985537424820c7908ac7eff22be1fe1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wicktemp.com/
Origin: https://wicktemp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:06:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 Apr 2024 15:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b179b3372e22ec97992038b52be36c15"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aVbEroX5N6qXUrZFx7NshqAwoC2mLQGq8uSbGk2ZXRmvJkia3bGTzclfujeimIwIi%2FKABJ5hXTL1%2B9zUerX6xvxuxy%2FoimrV8iqD5e6pS8VDHKSIuyqCCGfq83eCaQxghnFDoO9QMeh9s%2FM56TDdrsgg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8907b9a71f203737-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 WCH-and-Clinics_clearbk.png
wicktemp.com/wp-content/uploads/2024/06/ 41 KB
41 KB 158ms
154ms Image
image/png 208.109.48.184
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicktemp.com/wp-content/uploads/2024/06/WCH-and-Clinics_clearbk.png
Requested by: Host: wicktemp.com
URL: https://wicktemp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.109.48.184 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 184.48.109.208.host.secureserver.net
Software: Apache /
Resource Hash: 3417edfaf82a85a73e550cc19484fef8a1317f892302e3ccab7df0584db3a5a3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wicktemp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:06:19 GMT
last-modified: Fri, 07 Jun 2024 23:49:33 GMT
server: Apache
accept-ranges: bytes
etag: "3d22f31-a571-61a557395b92e"
content-length: 42353
content-type: image/png

GET
H2 200 logo-1.png
wickhospdev.wpengine.com/wp-content/uploads/2019/09/ 23 KB
23 KB 491ms
143ms Image
image/png 35.237.160.145
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wickhospdev.wpengine.com/wp-content/uploads/2019/09/logo-1.png
Requested by: Host: wicktemp.com
URL: https://wicktemp.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.237.160.145 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.160.237.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7c7d79d430b58be1af12966b661b1537b565b3c99bff7eec70f4293a027a6c0a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wicktemp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:06:19 GMT
last-modified: Mon, 09 Sep 2019 01:28:59 GMT
server: nginx
etag: "5d75aadb-5ad5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 23253

GET
H2 200 Hospital_Entrance.png
wicktemp.com/wp-content/uploads/2024/06/ 2 MB
2 MB 198ms
196ms Image
image/png 208.109.48.184
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicktemp.com/wp-content/uploads/2024/06/Hospital_Entrance.png
Requested by: Host: wicktemp.com
URL: https://wicktemp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.109.48.184 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 184.48.109.208.host.secureserver.net
Software: Apache /
Resource Hash: 4b802dbaeab9437885cfa41e4c2bca2196e5ff4fb53501d859705e94835be578

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wicktemp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:06:19 GMT
last-modified: Fri, 07 Jun 2024 22:22:28 GMT
server: Apache
accept-ranges: bytes
etag: "3d22f23-2355e2-61a543c268a1b"
content-length: 2315746
content-type: image/png

GET
H2 200 jquery3.1.1.min.js Show response
wicktemp.com/wp-content/themes/HEALTHCARE_WCH_Clinics/js/ 86 KB
29 KB 1298ms
1297ms Script
text/javascript 208.109.48.184
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicktemp.com/wp-content/themes/HEALTHCARE_WCH_Clinics/js/jquery3.1.1.min.js?ver=1
Requested by: Host: wicktemp.com
URL: https://wicktemp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.109.48.184 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 184.48.109.208.host.secureserver.net
Software: Apache /
Resource Hash: 2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wicktemp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:06:19 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2024 20:39:40 GMT
server: Apache
etag: "4a225e3-15851-61a52cc7c0f39-br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 30083

GET
H2 200 scripts.js Show response
wicktemp.com/wp-content/themes/HEALTHCARE_WCH_Clinics/js/ 42 B
96 B 1298ms
1297ms Script
text/javascript 208.109.48.184
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicktemp.com/wp-content/themes/HEALTHCARE_WCH_Clinics/js/scripts.js?ver=1
Requested by: Host: wicktemp.com
URL: https://wicktemp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.109.48.184 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 184.48.109.208.host.secureserver.net
Software: Apache /
Resource Hash: d71c8618fb6151bc53fc9c0adeb461c1e6666c702e5a5d799807159919dcdcd1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wicktemp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:06:19 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2024 20:39:40 GMT
server: Apache
etag: "4a225e4-2a-61a52cc7c0f39-br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 28

GET
H2

200

scc-c2.min.js Show response
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

105 KB
21 KB

27ms
27ms

Script
text/javascript

92.123.106.121
SEABONE-NET TELEC...

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by: Host: wicktemp.com
URL: https://wicktemp.com/
Protocol: H2
Server: 92.123.106.121 Rome, Italy, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS: a92-123-106-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8f7092c94ef904c57584706cdb5f1fd9fe1efce52ce3105e99b9a7def487f09f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://wicktemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

x-amz-version-id: VDVeY4oO8ClQrknn.k4OgPWK0heF1LAr
content-encoding: gzip
date: Sat, 08 Jun 2024 09:06:19 GMT
x-amz-request-id: DKY739SYM86WBK1G
x-amz-server-side-encryption: AES256
x-amz-meta-version: 0.4.0
content-length: 20848
x-amz-id-2: Tq2cyEcwXmL/+4MNIibfJctqanAGscCnXS2bnnnmn9izMFGb3hOKHZ3ZC6d8c81wG3Y7aDjYZeo=
last-modified: Fri, 17 May 2024 22:31:26 GMT
etag: "ace51bdb3b35a6b66c74fa115d4caa3f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jun 2024 09:36:19 GMT

Redirect headers

location: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
access-control-allow-origin: *
date: Sat, 08 Jun 2024 09:06:19 GMT
cache-control: max-age=31536000
timing-allow-origin: *
content-length: 0
expires: Sun, 08 Jun 2025 09:06:19 GMT

GET
BLOB 200
OK d1efe39c-c405-41e8-bf63-2fabbdcdedc7
https://wicktemp.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wicktemp.com/d1efe39c-c405-41e8-bf63-2fabbdcdedc7
Requested by: Host: wicktemp.com
URL: https://wicktemp.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v6.5.2/webfonts/ 153 KB
153 KB 253ms
252ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.5.2/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.5.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://use.fontawesome.com/releases/v6.5.2/css/all.css
Origin: https://wicktemp.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:06:19 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Apr 2024 15:44:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1ec0ba058c021acf7feaa18081445d63"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QzumBdSJhGMkP%2BFjDXN47xsHuinptPAbx8V2k8Xn3Rj5%2F8YlUk1HVfjxaCzcl58f87iX2hTl1pdlIgQZeSg3ykbpTgL%2Bnr94NI%2FFUHbOWvSGMU0ybgP%2F51jQrJGcr56VSKlHJi6QAVB4ljx1DJ1w36cM"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8907b9a8a9a83737-FRA
alt-svc: h3=":443"; ma=86400
content-length: 156400

GET
H2 200 wp-emoji-release.min.js Show response
wicktemp.com/wp-includes/js/ 18 KB
5 KB 160ms
160ms Script
text/javascript 208.109.48.184
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicktemp.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.4
Requested by: Host: wicktemp.com
URL: https://wicktemp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.109.48.184 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 184.48.109.208.host.secureserver.net
Software: Apache /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wicktemp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:06:20 GMT
content-encoding: br
last-modified: Tue, 13 Feb 2024 14:36:07 GMT
server: Apache
etag: "41827cf-4926-61144508b03c0-br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 4667

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
280 B 144ms
110ms Fetch
image/gif 2a02:26f0:1700:11::b856:678c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:1700:11::b856:678c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wicktemp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Sat, 08 Jun 2024 09:06:20 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://wicktemp.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
280 B 141ms
110ms Fetch
image/gif 2a02:26f0:1700:11::b856:678c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?dh=wicktemp.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.4.0&vg=f740ef10-e34b-47c2-a8bc-fac09b7af385&vtg=f740ef10-e34b-47c2-a8bc-fac09b7af385&dp=%2F&trace_id=ad85bee157324e11be510343d56056d2&cts=2024-06-08T09%3A06%3A20.860Z&hit_id=5cac0ccc-c4c6-4f0a-a3ff-66987459b357&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl502910%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%229932546%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=1371796742&z=1039679438&tce=1717837578993&tcs=1717837578671&tdc=1717837580856&tdclee=1717837580692&tdcles=1717837580692&tdi=1717837580692&tdl=1717837579230&tdle=1717837578671&tdls=1717837578671&tfs=1717837578661&tns=1717837578660&trqs=1717837578993&tre=1717837579224&trps=1717837579223&tles=1717837580856&tlee=0&nt=navigate&LCP=2031&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:1700:11::b856:678c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wicktemp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Sat, 08 Jun 2024 09:06:20 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://wicktemp.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 Favicon-150x150.png
wicktemp.com/wp-content/uploads/2024/06/ 17 KB
18 KB 158ms
158ms Other
image/png 208.109.48.184
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://wicktemp.com/wp-content/uploads/2024/06/Favicon-150x150.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.109.48.184 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 184.48.109.208.host.secureserver.net
Software: Apache /
Resource Hash: 64d6fedbb23ec98269e64b2bf3b601093565c53b12867dba83179129c9d09bc9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://wicktemp.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 09:06:20 GMT
last-modified: Fri, 07 Jun 2024 22:10:09 GMT
server: Apache
accept-ranges: bytes
etag: "3d22f22-45ba-61a54101899bf"
content-length: 17850
content-type: image/png

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ 0
0 196ms
110ms Preflight
application/json 2a02:26f0:3500:899::228b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:899::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://wicktemp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Sat, 08 Jun 2024 09:06:21 GMT
Expires: Sat, 08 Jun 2024 09:06:21 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: ZCnKHGENIAMEGWg=
x-amzn-requestid: 4fd8f1d8-70bf-418c-8e0d-8636d644f2e2
x-amzn-trace-id: Root=1-66641f0d-5add1b2105583cfd55390bf5
x-envoy-upstream-service-time: 6

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 217ms
217ms Fetch
application/json 2a02:26f0:3500:899::228b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:899::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: api-key b18ef4f046435b64a469b32c3c1c20a3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://wicktemp.com/
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sat, 08 Jun 2024 09:06:21 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id: Root=1-66641f0d-7f96d5841e21a2b52872a8ad
x-amzn-requestid: 78252ef4-ede3-434b-b467-0641b498c41d
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 107
Connection: keep-alive
x-amz-apigw-id: ZCnKIElYoAMEBwA=
Content-Length: 0
Expires: Sat, 08 Jun 2024 09:06:21 GMT

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 230ms
230ms Fetch
application/json 2a02:26f0:3500:899::228b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:899::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: api-key 8da2217409854bee82e12dc4ca0b39fb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://wicktemp.com/
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sat, 08 Jun 2024 09:06:21 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id: Root=1-66641f0d-6da1ceec527f2e80631ab3e8
x-amzn-requestid: 545f833a-532e-4f03-a99b-1258b4336919
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 108
Connection: keep-alive
x-amz-apigw-id: ZCnKIEvkoAMEQYQ=
Content-Length: 0
Expires: Sat, 08 Jun 2024 09:06:21 GMT

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ 0
0 195ms
110ms Preflight
application/json 2a02:26f0:3500:899::228b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:899::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://wicktemp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Sat, 08 Jun 2024 09:06:21 GMT
Expires: Sat, 08 Jun 2024 09:06:21 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: ZCnKHHleIAMEQjA=
x-amzn-requestid: f3bd32fd-5b2c-42d0-af82-face4056cf90
x-amzn-trace-id: Root=1-66641f0d-19d4dbab68bf192c0e2294ef
x-envoy-upstream-service-time: 7

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wicktemp.com/	1970-01-21 05:56:13	Name: _tccl_visitor Value: f740ef10-e34b-47c2-a8bc-fac09b7af385
.wicktemp.com/	1970-01-20 21:10:39	Name: _tccl_visit Value: f740ef10-e34b-47c2-a8bc-fac09b7af385
.wicktemp.com/	1970-01-20 21:10:38	Name: _scc_session Value: pc=1&C_TOUCH=2024-06-08T09:06:20.690Z

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://wicktemp.com/ Message: Mixed Content: The page at 'https://wicktemp.com/' was loaded over HTTPS, but requested an insecure element 'http://wickhospdev.wpengine.com/wp-content/uploads/2019/09/logo-1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://wicktemp.com/(Line 223) Message: Mixed Content: The page at 'https://wicktemp.com/' was loaded over HTTPS, but requested an insecure element 'http://wickhospdev.wpengine.com/wp-content/uploads/2019/09/logo-1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csp.secureserver.net
events.api.secureserver.net
img1.wsimg.com
use.fontawesome.com
wickhospdev.wpengine.com
wicktemp.com
208.109.48.184
2606:4700:3036::6815:1b98
2a02:26f0:1700:11::b856:678c
2a02:26f0:3500:899::228b
35.237.160.145
92.123.106.121
1d7f11869094f51d6407913166e609f3c97923f1d2fb7a8a7dc8d37c71c177c4
227486ef96820a40cff226478c1e45a72a4e439db6eac45c1ad330d86dc19e04
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
3417edfaf82a85a73e550cc19484fef8a1317f892302e3ccab7df0584db3a5a3
4b802dbaeab9437885cfa41e4c2bca2196e5ff4fb53501d859705e94835be578
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
59da2eae4a505bc96abd025f48d2f8e2a985537424820c7908ac7eff22be1fe1
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5ceaaba22d75b58e04150311f596306562a3e595e27ed4b1dfa451b82dda9e50
64d6fedbb23ec98269e64b2bf3b601093565c53b12867dba83179129c9d09bc9
7c7d79d430b58be1af12966b661b1537b565b3c99bff7eec70f4293a027a6c0a
8f7092c94ef904c57584706cdb5f1fd9fe1efce52ce3105e99b9a7def487f09f
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d71c8618fb6151bc53fc9c0adeb461c1e6666c702e5a5d799807159919dcdcd1

wicktemp.com Open in urlscan Pro 208.109.48.184 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

22 Requests

91 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

7 IPs

3 Countries

2624 kBTransfer

3128 kBSize

3 Cookies

13 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

3 Cookies

2 Console Messages

Indicators

wicktemp.com Open in urlscan Pro
208.109.48.184 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

91 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

2624 kB
Transfer

3128 kB
Size

3
Cookies

22 HTTP transactions
0 data transactions