0z4.4bd.mytemp.website Open in urlscan Pro
192.169.151.247 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://0z4.4bd.mytemp.website/
Submission: On June 14 via api (June 14th 2024, 1:58:36 pm UTC) from US — Scanned from DE

Summary HTTP 29 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 29 HTTP transactions. The main IP is 192.169.151.247, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is 0z4.4bd.mytemp.website.
TLS certificate: Issued by R10 on June 10th 2024. Valid for: 3 months.

This is the only time 0z4.4bd.mytemp.website was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	192.169.151.247 192.169.151.247	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
1 2	23.38.98.114 23.38.98.114	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700:440... 2606:4700:4400::6812:27c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:350... 2a02:26f0:3500:18::1724:a292	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:350... 2a02:26f0:3500:2aa::228b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
29	6

17 192.169.151.247 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 247.151.169.192.host.secureserver.net

0z4.4bd.mytemp.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.38.98.114 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-114.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:27c3 (United States)

ASN13335 (CLOUDFLARENET, US)

gwhs.i.gov.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:18::1724:a292 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:2aa::228b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

csp.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	mytemp.website 0z4.4bd.mytemp.website	8 MB
6	secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 14127 csp.secureserver.net — Cisco Umbrella Rank: 14267	574 B
4	i.gov.ph gwhs.i.gov.ph — Cisco Umbrella Rank: 172878	9 KB
2	wsimg.com 1 redirects img1.wsimg.com — Cisco Umbrella Rank: 11055	21 KB
29	4

	Domain	Requested by
17	0z4.4bd.mytemp.website	0z4.4bd.mytemp.website
4	csp.secureserver.net	img1.wsimg.com
4	gwhs.i.gov.ph	0z4.4bd.mytemp.website gwhs.i.gov.ph
2	events.api.secureserver.net	img1.wsimg.com
2	img1.wsimg.com	1 redirects 0z4.4bd.mytemp.website
29	5

This site contains links to these domains. Also see Links.

Domain
bpbc.ibpls.com
www.gov.ph
www.facebook.com
localhost
coron.gov.ph

Subject Issuer	Validity	Valid
0z4.4bd.mytemp.website R10	`2024-06-10` - `2024-09-08`	3 months	crt.sh
gwhs.i.gov.ph DigiCert EV RSA CA G2	`2023-11-23` - `2024-11-23`	a year	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2023-07-10` - `2024-08-10`	a year	crt.sh
*.secureserver.net Starfield Secure Certificate Authority - G2	`2023-10-10` - `2024-11-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://0z4.4bd.mytemp.website/
Frame ID: A93E377A0118B8AAB8362B7DE0DFF70D
Requests: 27 HTTP requests in this frame

Frame: https://gwhs.i.gov.ph/gwt-footer/footer-source.html
Frame ID: 70DB60814D9AFA4475B4B11C5DBB47D6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Municipality of Coron, Palawan

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

29
Requests

93 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

8427 kB
Transfer

9369 kB
Size

6
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://bpbc.ibpls.com/coronpalawan/?fbclid=IwAR3MivZtzG4xhTzEIPz1-wdWfeQa0SXbzWjTR_tsbNISVSkh4g_Y1-_Owno
Title: eBPLS | Business Permits Licensing System

Search URL Search Domain Scan URL

URL: http://www.gov.ph/
Title: GOVPH

Search URL Search Domain Scan URL

URL: https://www.gov.ph/
Title: GOVPH

Search URL Search Domain Scan URL

URL: https://www.facebook.com/profile.php?id=100069087854703
Title: Municipal Government of Coron

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mdrrmo.coron
Title: M

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CoronMHO
Title: Municipal Health Office Coron

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cgs.coron
Title: Coast Guard Coron

Search URL Search Domain Scan URL

URL: https://www.facebook.com/coronfire.station
Title: Coron Fire Station

Search URL Search Domain Scan URL

URL: https://www.facebook.com/coron.mps.5
Title: Coron Philippine National Police

Search URL Search Domain Scan URL

URL: https://www.facebook.com/maritime.coron
Title: Coron Maritime Police

Search URL Search Domain Scan URL

URL: https://www.facebook.com/profile.php?id=100069072733587
Title: Municipal Social Welfare and Development Office

Search URL Search Domain Scan URL

URL: http://localhost/wordpress/citizens-charter/
Title: Citizen's Charter

Search URL Search Domain Scan URL

URL: http://coron.gov.ph/
Title: coron.gov.ph

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

29 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
0z4.4bd.mytemp.website/ 49 KB
10 KB 1884ms
1560ms Document
text/html 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://0z4.4bd.mytemp.website/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

247.151.169.192.host.secureserver.net

Software

Apache / PHP/7.4.33

Resource Hash

7026e09a5c9484f01e810424a3e51a434b467e08f8a4f29c66aeb4fa5adcd69b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-length: 10406
content-type: text/html; charset=UTF-8
date: Fri, 14 Jun 2024 13:58:23 GMT
link: <https://0z4.4bd.mytemp.website/wp-json/>; rel="https://api.w.org/"
server: Apache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33

GET
H2 200 style.min.css
0z4.4bd.mytemp.website/wp-includes/css/dist/block-library/ 111 KB
14 KB 163ms
160ms Stylesheet
text/css 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://0z4.4bd.mytemp.website/wp-includes/css/dist/block-library/style.min.css?ver=6.5.4
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 247.151.169.192.host.secureserver.net
Software: Apache /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:24 GMT
content-encoding: br
last-modified: Tue, 27 Feb 2024 14:48:23 GMT
server: Apache
etag: "7840257-1bae5-6125e1e30bbc0-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 13902

GET
H2 200 foundation.min.css
0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/foundation/css/ 94 KB
13 KB 315ms
312ms Stylesheet
text/css 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/foundation/css/foundation.min.css?ver=20160530
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 247.151.169.192.host.secureserver.net
Software: Apache /
Resource Hash: 6409c68f26b73ad5f22cf7ee1a294b5398deb4a63b134e11f2ee6f939fc5d81e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:24 GMT
content-encoding: br
last-modified: Mon, 10 Jun 2024 03:36:54 GMT
server: Apache
etag: "78c1f33-1782a-61a80dc557408-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12925

GET
H2 200 font-awesome.min.css
0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/css/ 30 KB
7 KB 164ms
161ms Stylesheet
text/css 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/css/font-awesome.min.css?ver=20160530
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 247.151.169.192.host.secureserver.net
Software: Apache /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:24 GMT
content-encoding: br
last-modified: Mon, 10 Jun 2024 03:36:54 GMT
server: Apache
etag: "78c1f24-7918-61a80dc553d58-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 6663

GET
H2 200 genericons.css
0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/genericons/ 28 KB
16 KB 162ms
159ms Stylesheet
text/css 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/genericons/genericons.css?ver=3.4.1
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 247.151.169.192.host.secureserver.net
Software: Apache /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:24 GMT
content-encoding: br
last-modified: Mon, 10 Jun 2024 03:36:55 GMT
server: Apache
etag: "78e2c1b-6e6a-61a80dc55aab9-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 15973

GET
H2 200 theme.css
0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/ 17 KB
5 KB 159ms
157ms Stylesheet
text/css 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/theme.css?ver=20160530
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 247.151.169.192.host.secureserver.net
Software: Apache /
Resource Hash: 61a8bddafb73769efd3380c5db4a191530a8a174728e17631f2aea8ef44279af

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:24 GMT
content-encoding: br
last-modified: Mon, 10 Jun 2024 03:36:55 GMT
server: Apache
etag: "78a2050-4360-61a80dc55e551-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4566

GET
H2 200 style.css
0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/ 753 B
505 B 157ms
155ms Stylesheet
text/css 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/style.css?ver=20160530
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 247.151.169.192.host.secureserver.net
Software: Apache /
Resource Hash: cb6443b36f4f109dae33e27ed59217330a80882b5bac184fbecd8a74ea502855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:24 GMT
content-encoding: br
last-modified: Mon, 10 Jun 2024 03:36:55 GMT
server: Apache
etag: "78a204f-2f1-61a80dc55e169-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 389

GET
H2 200 jquery-3.6.0.min.js Show response
0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/foundation/js/vendor/ 87 KB
30 KB 314ms
312ms Script
text/javascript 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/foundation/js/vendor/jquery-3.6.0.min.js?ver=20160530
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 247.151.169.192.host.secureserver.net
Software: Apache /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:24 GMT
content-encoding: br
last-modified: Mon, 10 Jun 2024 03:36:54 GMT
server: Apache
etag: "78e2c11-15d9d-61a80dc559349-br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 30304

GET
H2 200 foundation.min.js Show response
0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/foundation/js/vendor/ 524 KB
83 KB 318ms
316ms Script
text/javascript 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/foundation/js/vendor/foundation.min.js?ver=20160530
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 247.151.169.192.host.secureserver.net
Software: Apache /
Resource Hash: 9f6e104c2353bcb2b2da6e9cde14dac085bdd26391a86da639541ccb51646507

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:24 GMT
content-encoding: br
last-modified: Mon, 10 Jun 2024 03:36:54 GMT
server: Apache
etag: "78e2c10-83056-61a80dc558f61-br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
0z4.4bd.mytemp.website/wp-includes/js/jquery/ 86 KB
29 KB 309ms
307ms Script
text/javascript 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://0z4.4bd.mytemp.website/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 247.151.169.192.host.secureserver.net
Software: Apache /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:24 GMT
content-encoding: br
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: Apache
etag: "7841d7e-15601-603fed35e19c0-br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 29769

GET
H2 200 jquery-migrate.min.js Show response
0z4.4bd.mytemp.website/wp-includes/js/jquery/ 13 KB
5 KB 159ms
158ms Script
text/javascript 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://0z4.4bd.mytemp.website/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 247.151.169.192.host.secureserver.net
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:24 GMT
content-encoding: br
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: Apache
etag: "7841d72-3509-5fdabee5f2100-br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 4685

GET
H2 200 NEW-CORON-LOGO.png
0z4.4bd.mytemp.website/wp-content/uploads/2024/06/ 8 MB
8 MB 160ms
160ms Image
image/png 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0z4.4bd.mytemp.website/wp-content/uploads/2024/06/NEW-CORON-LOGO.png
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 247.151.169.192.host.secureserver.net
Software: Apache /
Resource Hash: 8172a22371b7646efa8924779c9cf5dbbfb9173270984f105f90be5b11646689

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:25 GMT
last-modified: Mon, 10 Jun 2024 03:40:08 GMT
server: Apache
accept-ranges: bytes
etag: "7843713-7e5489-61a80e7dcdd19"
content-length: 8279177
content-type: image/png

GET
H2 200 skip-link-focus-fix.js Show response
0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/js/ 1 KB
559 B 465ms
464ms Script
text/javascript 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/js/skip-link-focus-fix.js?ver=20130115
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 247.151.169.192.host.secureserver.net
Software: Apache /
Resource Hash: 6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:25 GMT
content-encoding: br
last-modified: Mon, 10 Jun 2024 03:36:55 GMT
server: Apache
etag: "7902c29-423-61a80dc55d999-br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 478

GET
H2 200 theme.js Show response
0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/js/ 10 KB
2 KB 466ms
465ms Script
text/javascript 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/js/theme.js?ver=20160530
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 247.151.169.192.host.secureserver.net
Software: Apache /
Resource Hash: 2a93ced2397b3b021f94aa9b23976a873e2c453eea6a186b80c5eb1d8e78c202

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:25 GMT
content-encoding: br
last-modified: Mon, 10 Jun 2024 03:36:55 GMT
server: Apache
etag: "7902c2a-29de-61a80dc55d999-br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 2135

GET
H2

200

scc-c2.min.js Show response
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

105 KB
21 KB

10ms
9ms

Script
text/javascript

23.38.98.114
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/
Protocol: H2
Server: 23.38.98.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8f7092c94ef904c57584706cdb5f1fd9fe1efce52ce3105e99b9a7def487f09f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://0z4.4bd.mytemp.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: VDVeY4oO8ClQrknn.k4OgPWK0heF1LAr
content-encoding: gzip
date: Fri, 14 Jun 2024 13:58:25 GMT
x-amz-request-id: YZ7SGDZDGX67DBSN
x-amz-server-side-encryption: AES256
x-amz-meta-version: 0.4.0
content-length: 20848
x-amz-id-2: /qG+3U5faooB5kxZoHvImH3nBhU4yiJkA7qYM2c8/iH4+1h2iVH+zv3Ina1/O2XL7Wq215FT8zA=
last-modified: Fri, 17 May 2024 22:31:26 GMT
etag: "ace51bdb3b35a6b66c74fa115d4caa3f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 14:28:25 GMT

Redirect headers

location: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
access-control-allow-origin: *
date: Fri, 14 Jun 2024 13:58:25 GMT
cache-control: max-age=31536000
timing-allow-origin: *
content-length: 0
expires: Sat, 14 Jun 2025 13:58:25 GMT

GET
BLOB 200
OK 82418372-1c13-4825-bc7f-ef897e50ac78
https://0z4.4bd.mytemp.website/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://0z4.4bd.mytemp.website/82418372-1c13-4825-bc7f-ef897e50ac78
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 footer.js Show response
gwhs.i.gov.ph/gwt-footer/ 6 KB
3 KB 260ms
218ms Script
application/javascript 2606:4700:4400::6812:27c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gwhs.i.gov.ph/gwt-footer/footer.js

Requested by

Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GOSD

Resource Hash

f693b667acebfeadb6e4acf408e4e4c75197cfd96d6542118fb548130b297351

Security Headers

Name	Value
Content-Security-Policy	worker-src 'self' https://*
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:25 GMT
content-security-policy: worker-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: GOSD
x-xss-protection: 1; mode=block
pragma: cache
referrer-policy: no-referrer
last-modified: Sat, 30 Dec 2023 06:31:49 GMT
server: cloudflare
etag: W/"658fb955-179f"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), microphone=(), camera=(), fullscreen=(self), usb=(self)
cf-ray: 893ad5c8a8bc4dc3-FRA
expires: Sat, 14 Jun 2025 13:58:25 GMT

GET
H2 200 gwtpst.js Show response
gwhs.i.gov.ph/pst/ 13 KB
5 KB 819ms
778ms Script
application/javascript 2606:4700:4400::6812:27c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gwhs.i.gov.ph/pst/gwtpst.js?1718373505338

Requested by

Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GOSD

Resource Hash

b12ea76b72228b9369cf697f594192153c132db30aff0e6a3b2695d9e7009077

Security Headers

Name	Value
Content-Security-Policy	worker-src 'self' https://*
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:26 GMT
content-security-policy: worker-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: GOSD
x-xss-protection: 1; mode=block
pragma: cache
referrer-policy: no-referrer
last-modified: Sat, 30 Dec 2023 06:35:46 GMT
server: cloudflare
etag: W/"658fba42-32ba"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), microphone=(), camera=(), fullscreen=(self), usb=(self)
cf-ray: 893ad5c8a8b94dc3-FRA
expires: Sat, 14 Jun 2025 13:58:26 GMT

GET
H2 200 fontawesome-webfont.woff2
0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/fonts/ 75 KB
75 KB 6107ms
6106ms Font
font/woff2 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/css/font-awesome.min.css?ver=20160530
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 247.151.169.192.host.secureserver.net
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/css/font-awesome.min.css?ver=20160530
Origin: https://0z4.4bd.mytemp.website
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:26 GMT
content-encoding: br
last-modified: Mon, 10 Jun 2024 03:36:54 GMT
server: Apache
etag: "78c1f30-12d68-61a80dc556c38-br"
vary: Accept-Encoding
content-type: font/woff2
accept-ranges: bytes
content-length: 77165

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7

Request headers

Referer
Origin: https://0z4.4bd.mytemp.website
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 wp-emoji-release.min.js Show response
0z4.4bd.mytemp.website/wp-includes/js/ 18 KB
5 KB 6069ms
6068ms Script
text/javascript 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://0z4.4bd.mytemp.website/wp-includes/js/wp-emoji-release.min.js?ver=6.5.4
Requested by: Host: 0z4.4bd.mytemp.website
URL: https://0z4.4bd.mytemp.website/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 247.151.169.192.host.secureserver.net
Software: Apache /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:26 GMT
content-encoding: br
last-modified: Tue, 13 Feb 2024 14:36:07 GMT
server: Apache
etag: "7842006-4926-61144508b03c0-br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 4667

GET
H2 200 footer-source.html
gwhs.i.gov.ph/gwt-footer/ Frame 70DB 0
0 242ms
216ms Document
text/html 2606:4700:4400::6812:27c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gwhs.i.gov.ph/gwt-footer/footer-source.html

Requested by

Host: gwhs.i.gov.ph
URL: https://gwhs.i.gov.ph/gwt-footer/footer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GOSD

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	worker-src 'self' https://*
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://0z4.4bd.mytemp.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, max-age=31536000
cf-cache-status: DYNAMIC
cf-ray: 893ad5ca399a3609-FRA
content-encoding: gzip
content-security-policy: worker-src 'self' https://*
content-type: text/html
date: Fri, 14 Jun 2024 13:58:25 GMT
expires: max
last-modified: Sat, 30 Dec 2023 06:31:38 GMT
permissions-policy: geolocation=(), microphone=(), camera=(), fullscreen=(self), usb=(self)
pragma: cache
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: GOSD
x-xss-protection: 1; mode=block

GET
H2 200 jsonp_unix.php Show response
gwhs.i.gov.ph/pst/ 179 B
351 B 215ms
215ms Script
application/javascript 2606:4700:4400::6812:27c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gwhs.i.gov.ph/pst/jsonp_unix.php?1718373506160

Requested by

Host: gwhs.i.gov.ph
URL: https://gwhs.i.gov.ph/pst/gwtpst.js?1718373505338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GOSD

Resource Hash

ea0cd239c7ecb80a4b25cd78447b05b5460cd82ed2aa396ed738d9f7dd7a16fb

Security Headers

Name	Value
Content-Security-Policy	worker-src 'self' https://*
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:26 GMT
content-security-policy: worker-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
content-encoding: gzip
x-powered-by: GOSD
x-xss-protection: 1; mode=block
pragma: cache
referrer-policy: no-referrer
server: cloudflare
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: public, max-age=31536000
permissions-policy: geolocation=(), microphone=(), camera=(), fullscreen=(self), usb=(self)
cf-ray: 893ad5cd8edd4dc3-FRA
expires: max

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
287 B 159ms
126ms Fetch
image/gif 2a02:26f0:3500:18::1724:a292
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:18::1724:a292 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Fri, 14 Jun 2024 13:58:31 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://0z4.4bd.mytemp.website
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
287 B 158ms
127ms Fetch
image/gif 2a02:26f0:3500:18::1724:a292
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?dh=0z4.4bd.mytemp.website&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.4.0&vg=9cdf6220-2390-4022-a886-f123444a5343&vtg=9cdf6220-2390-4022-a886-f123444a5343&dp=%2F&trace_id=246dae6fd6e34163ba70a517cd0a22a5&cts=2024-06-14T13%3A58%3A31.618Z&hit_id=97da0854-1778-4010-adbd-3eedc84f8964&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl491767%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%229934870%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=386037933&z=803081197&tce=1718373503257&tcs=1718373502948&tdc=1718373511613&tdclee=1718373505429&tdcles=1718373505428&tdi=1718373505428&tdl=1718373504821&tdle=1718373502948&tdls=1718373502948&tfs=1718373502932&tns=1718373502931&trqs=1718373503257&tre=1718373504818&trps=1718373504817&tles=1718373511613&tlee=0&nt=navigate&LCP=2492&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:18::1724:a292 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Fri, 14 Jun 2024 13:58:31 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://0z4.4bd.mytemp.website
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/ 1 KB
902 B 153ms
153ms Other
image/x-icon 192.169.151.247
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://0z4.4bd.mytemp.website/wp-content/themes/gwt-wordpress-26.0.0/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.169.151.247 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: 247.151.169.192.host.secureserver.net
Software: Apache /
Resource Hash: 8ab5084307d73a1332aaef033266c2e499c7584230058ef2971281429dd83efb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://0z4.4bd.mytemp.website/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:58:31 GMT
content-encoding: br
last-modified: Mon, 10 Jun 2024 03:36:54 GMT
server: Apache
etag: "78a203f-47e-61a80dc554528-br"
vary: Accept-Encoding
content-type: image/x-icon
accept-ranges: bytes
content-length: 812

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ Frame 0
0 154ms
122ms Preflight
application/json 2a02:26f0:3500:2aa::228b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:2aa::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://0z4.4bd.mytemp.website
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Fri, 14 Jun 2024 13:58:32 GMT
Expires: Fri, 14 Jun 2024 13:58:32 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: ZXDlSHmuoAMEUDg=
x-amzn-requestid: 26030e8d-4852-4d13-8f22-8ae83ef0ff6d
x-amzn-trace-id: Root=1-666c4c87-636c03f072b911fd2259dba2
x-envoy-upstream-service-time: 7

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 226ms
226ms Fetch
application/json 2a02:26f0:3500:2aa::228b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:2aa::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: api-key b18ef4f046435b64a469b32c3c1c20a3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://0z4.4bd.mytemp.website/
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 14 Jun 2024 13:58:32 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id: Root=1-666c4c88-0924cad53a4c045a7ec8fab6
x-amzn-requestid: c6dd7758-9ad6-4c5d-a881-80d719b2ae83
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 112
Connection: keep-alive
x-amz-apigw-id: ZXDlTGN0oAMEZgA=
Content-Length: 0
Expires: Fri, 14 Jun 2024 13:58:32 GMT

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 232ms
232ms Fetch
application/json 2a02:26f0:3500:2aa::228b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:2aa::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: api-key 8da2217409854bee82e12dc4ca0b39fb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://0z4.4bd.mytemp.website/
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 14 Jun 2024 13:58:32 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id: Root=1-666c4c88-6578434717e457da20169935
x-amzn-requestid: 2a56fc6e-2d97-4fa2-a280-0104dbc92d2c
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 114
Connection: keep-alive
x-amz-apigw-id: ZXDlTGIIIAMEcJQ=
Content-Length: 0
Expires: Fri, 14 Jun 2024 13:58:32 GMT

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ Frame 0
0 144ms
112ms Preflight
application/json 2a02:26f0:3500:2aa::228b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:2aa::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://0z4.4bd.mytemp.website
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Fri, 14 Jun 2024 13:58:32 GMT
Expires: Fri, 14 Jun 2024 13:58:32 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: ZXDlSGRSIAMEc3g=
x-amzn-requestid: 66504dc0-84d3-458e-8b8d-1795b9bdc34b
x-amzn-trace-id: Root=1-666c4c87-68ed065c4f7a02d81a479a80
x-envoy-upstream-service-time: 6

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mytemp.website/	1970-01-21 06:05:09	Name: _tccl_visitor Value: 9cdf6220-2390-4022-a886-f123444a5343
.mytemp.website/	1970-01-20 21:19:35	Name: _tccl_visit Value: 9cdf6220-2390-4022-a886-f123444a5343
.mytemp.website/	1970-01-20 21:19:34	Name: _scc_session Value: pc=1&C_TOUCH=2024-06-14T13:58:25.426Z
gwhs.i.gov.ph/	1969-12-31 23:59:59	Name: Value: HttpOnly
.gwhs.i.gov.ph/	1970-01-20 21:19:35	Name: __cf_bm Value: kCqXBMfHzQ8xO32Ei9KRJxdimX59simKF3QqEPY.LXA-1718373506-1.0.1.1-3.0A4HaiIMNkCXsJN.wQMPiGm5w3Xx38P_S9LqweWlp5gTMF21876Ja9IEKgkEdMu7zShM5BydSPf.jd_TCVJQ
.gwhs.i.gov.ph/	1970-01-21 06:05:09	Name: cf_clearance Value: VXgafMlerAc6SuW3J1BhHV7hc5MJpjL.m3l11F5CaRg-1718373506-1.0.1.1-IhtyTLSp0qLChKBK_in9mjI_UwQkBOvynacYtv7SIqhOdij0gegHyJdDHXSkbzP0YymY6uxguOzNWzCLcVGFRA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://0z4.4bd.mytemp.website/ Message: Mixed Content: The page at 'https://0z4.4bd.mytemp.website/' was loaded over HTTPS, but requested an insecure element 'http://0z4.4bd.mytemp.website/wp-content/uploads/2024/06/NEW-CORON-LOGO.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://0z4.4bd.mytemp.website/(Line 615) Message: Mixed Content: The page at 'https://0z4.4bd.mytemp.website/' was loaded over HTTPS, but requested an insecure element 'http://0z4.4bd.mytemp.website/wp-content/uploads/2024/06/NEW-CORON-LOGO.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0z4.4bd.mytemp.website
csp.secureserver.net
events.api.secureserver.net
gwhs.i.gov.ph
img1.wsimg.com
192.169.151.247
23.38.98.114
2606:4700:4400::6812:27c3
2a02:26f0:3500:18::1724:a292
2a02:26f0:3500:2aa::228b
2a93ced2397b3b021f94aa9b23976a873e2c453eea6a186b80c5eb1d8e78c202
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
61a8bddafb73769efd3380c5db4a191530a8a174728e17631f2aea8ef44279af
6409c68f26b73ad5f22cf7ee1a294b5398deb4a63b134e11f2ee6f939fc5d81e
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a
7026e09a5c9484f01e810424a3e51a434b467e08f8a4f29c66aeb4fa5adcd69b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8172a22371b7646efa8924779c9cf5dbbfb9173270984f105f90be5b11646689
8ab5084307d73a1332aaef033266c2e499c7584230058ef2971281429dd83efb
8f7092c94ef904c57584706cdb5f1fd9fe1efce52ce3105e99b9a7def487f09f
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9f6e104c2353bcb2b2da6e9cde14dac085bdd26391a86da639541ccb51646507
b12ea76b72228b9369cf697f594192153c132db30aff0e6a3b2695d9e7009077
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
cb6443b36f4f109dae33e27ed59217330a80882b5bac184fbecd8a74ea502855
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ea0cd239c7ecb80a4b25cd78447b05b5460cd82ed2aa396ed738d9f7dd7a16fb
f693b667acebfeadb6e4acf408e4e4c75197cfd96d6542118fb548130b297351
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

0z4.4bd.mytemp.website Open in urlscan Pro 192.169.151.247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

29 Requests

93 %HTTPS

60 %IPv6

4 Domains

5 Subdomains

6 IPs

2 Countries

8427 kBTransfer

9369 kBSize

6 Cookies

13 Outgoing links

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

0z4.4bd.mytemp.website Open in urlscan Pro
192.169.151.247 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

93 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

8427 kB
Transfer

9369 kB
Size

6
Cookies

29 HTTP transactions
1 data transactions