center.945.report Open in urlscan Pro
2606:4700:20::681a:eed Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/
Effective URL:
https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=
Submission: On March 25 via automatic, source openphish (March 25th 2024, 1:00:56 pm UTC) — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 2606:4700:20::681a:eed, located in United States and belongs to CLOUDFLARENET, US. The main domain is center.945.report.
TLS certificate: Issued by GTS CA 1P5 on March 23rd 2024. Valid for: 3 months.

This is the only time center.945.report was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 16	2606:4700:20:... 2606:4700:20::681a:eed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3038::6815:ea91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	135.181.58.223 135.181.58.223	24940 (HETZNER-AS) (HETZNER-AS)
19	3

16 2606:4700:20::681a:eed (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

center.945.report	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea91 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-in.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 135.181.58.223 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: white.hostingcolor.com

dispatching-centre.lasamericascargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	945.report 1 redirects center.945.report	87 KB
3	lasamericascargo.com dispatching-centre.lasamericascargo.com	37 KB
1	lr-in.com cdn.lr-in.com — Cisco Umbrella Rank: 43109	165 KB
19	3

	Domain	Requested by
16	center.945.report	1 redirects center.945.report
3	dispatching-centre.lasamericascargo.com	center.945.report
1	cdn.lr-in.com	center.945.report
19	3

This site contains no links.

Subject Issuer	Validity	Valid
945.report GTS CA 1P5	`2024-03-23` - `2024-06-21`	3 months	crt.sh
lr-in.com E1	`2024-03-09` - `2024-06-07`	3 months	crt.sh
dispatching-centre.lasamericascargo.com cPanel, Inc. Certification Authority	`2024-02-22` - `2024-05-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=
Frame ID: 1D4DA909F6B42B33321705EEA25FE383
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Verification | DHL

Page URL History Show full URLs

https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/ HTTP 302
https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newt... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

19
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

289 kB
Transfer

1360 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/ HTTP 302
https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request home.php Show response
center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/
Redirect Chain

https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/
https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=

50 KB
9 KB

1189ms
1189ms

Document
text/html

2606:4700:20::681a:eed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45f81d986c733aae1e2b5058a1d732a8520097e9c7221b8b6fd941e0f366a9c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 869f16105f4d39c4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 25 Mar 2024 13:00:51 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jROO1iCZXdAUniGuQYWFo7%2BNr8d8xh7PXv0LRdaY9n%2FDNucq5vbkW7Cn3MfsOoTMVi5bnKWgI%2F9twDkn9gFGBA4C5IcNgT10ymSZrRLiweHCzWstPVeR%2BS%2BE3DTfg1izNDyhPZxA7iCW0njWLr%2BQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 869f1602fa1939c4-FRA
content-type: text/html; charset=UTF-8
date: Mon, 25 Mar 2024 13:00:50 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: home.php?newtoken=
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vuo63KA9hVmmGdoNgFzOQA%2FGsHEM4NlHrwgB%2BoOUtVfyLTXRzanTmDNKLH5JCdd9ABaiVKT2J9My3Q%2BVLfwAJXkMFGrG%2Bu6zWum1Iv7SnQ%2BhNw0a81H7ogt6bPdtGjXi8a8kSv3H0zOM2K0D%2BhPI"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 app.css
center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/ 310 KB
52 KB 28ms
26ms Stylesheet
text/css 2606:4700:20::681a:eed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/app.css

Requested by

Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d2e4fa7ad28a9dcd53cdd1d5633c15c3f2c10f2bdb24f6ad6f6667f412e5805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32277
cf-polished: origSize=415045
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 22 Mar 2024 23:15:23 GMT
server: cloudflare
etag: W/"65fe110b-65545"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RqQsPMrxBfq1CtR00dfF4OSPfmwMFWag6ezSghE0rTaTllH6HDcO%2FdbniSx9wx2hytfmJIpMXrw42KB5wU7FNquS4Iv%2Fj0iJaU7nX4zjMWFNNDtKoV7MVj3%2B5daNR992yw3yYJcfRLor6eAQRDxs"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 869f1617df5e39c4-FRA
expires: Wed, 24 Apr 2024 04:02:54 GMT

GET
H3 200 logger-1.min.js Show response
cdn.lr-in.com/ 832 KB
165 KB 77ms
41ms Script
text/javascript 2606:4700:3038::6815:ea91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-in.com/logger-1.min.js

Requested by

Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd75f442a8f366907554470ef31847372f02aaea069320d0ccca35dd35b9737a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:00:51 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 229
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-ams21060-AMS
last-modified: Fri, 22 Mar 2024 19:47:26 GMT
server: cloudflare
x-timer: S1711136920.291414,VS0,VE1
etag: W/"d4ebc70ae2baf006f443a8f107e42987b160c38db8a0f2caf01c84905a462be4-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=skRayAOGX%2B%2BNbnm7FBctEMme3WP9zTaPmUiBXx3Wa%2BOP5HiHamjw42spXRMEP8XUfFjQepBKch0idFoWFyepZJX3Ytg8RmbPhXB1oQz8eD%2BH6MGwnOp5qhaTPcPKoauKabm%2B%2FgveKsMCCEML"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 869f16180e9bb936-AMS
x-cache-hits: 1

GET
H2 200 logo.png
center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/ 2 KB
2 KB 22ms
22ms Image
image/png 2606:4700:20::681a:eed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/logo.png

Requested by

Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:00:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32277
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 23:15:23 GMT
server: cloudflare
etag: W/"65fe110b-7ce"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RJCTxT7WULzoALVMQiMQ60gqEzjXy7z4WiApAFVJq8EsMpcrZUFMj4ywbb1rssT8uh2YnfdQgMwlffDgpH%2F8ZhttGY1NhAljXOdlUojiJaUHWI5tM4Pdwjj7ZaP8kjYZ5sths0tZ8cQgIP7zZ1%2FB"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 869f1617df6039c4-FRA
expires: Wed, 24 Apr 2024 04:02:54 GMT

GET
H2 200 col.png
center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/ 682 B
1 KB 21ms
21ms Image
image/png 2606:4700:20::681a:eed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/col.png

Requested by

Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

381941fc8b5df86879d6e2fcf3392d281b796c33f430f045405a0e6af0e474b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:00:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32277
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 23:15:23 GMT
server: cloudflare
etag: W/"65fe110b-2aa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RZXv5CoM%2Fqkz%2BnELzll4FUmvugkgozTxfsp%2Ft9ydnfQE7pY5TrvbU0Gw5j6MZOu8bBWuJfk6OP%2F951LqH%2BPQAUvQ%2Fj2%2B6jA0WNeP6yu8ER7E2XDikfl5mZ5ya7nz5VNASgWrrwi%2F9yBh3zaeBzrH"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 869f1617df6139c4-FRA
expires: Wed, 24 Apr 2024 04:02:54 GMT

GET
H2 200 pak.png
center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/ 380 B
763 B 27ms
26ms Image
image/png 2606:4700:20::681a:eed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/pak.png

Requested by

Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb6ca62c1e5d64c52be3ffa63c298dcda2483c04c4b17d1bfe605d134e52f91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:00:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32277
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 23:15:23 GMT
server: cloudflare
etag: W/"65fe110b-17c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=doPYCoDypYKyeCFpqpz7z7CySXNrfkuDn4aRzl61KP39wXRilIfMZ6cGkdz5lfRtWzAMNH8UiNamoJW23uP38oj%2FcP1TauylcREEFg2Oh%2FFqUDCANYj%2FjJ2A3K0%2FbyCJuiSk0sW37gmtYlvledC8"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 869f1617ef7239c4-FRA
expires: Wed, 24 Apr 2024 04:02:54 GMT

GET
H2 200 clan.png
center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/ 475 B
807 B 26ms
24ms Image
image/png 2606:4700:20::681a:eed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/clan.png

Requested by

Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8b7e6c193f0b11bece8c12b305cbf15130bc99b32ae92426eb747a3da3264d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:00:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32277
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 23:15:23 GMT
server: cloudflare
etag: W/"65fe110b-1db"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6jkstXu65H3V3F9KtGLiNWeQmiG8qVP66%2BRUPNwfCwC9GRgrqTm5l5BE9R8lyt9PDn7ZTuKbtcvWXJIAl33fQcwXhsJAhThucjH19R912Rhw%2BkZAV7%2FQ65ssAufe%2BxBm9w440niZeJSWznMteID6"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 869f1617ef7339c4-FRA
expires: Wed, 24 Apr 2024 04:02:54 GMT

GET
H2 200 alert.png
center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/ 469 B
770 B 24ms
23ms Image
image/png 2606:4700:20::681a:eed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/alert.png

Requested by

Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b36e63b78f7ab077c9f74269deec4010ae803b687b27ca13e6aa58712520bb84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:00:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32277
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 23:15:23 GMT
server: cloudflare
etag: W/"65fe110b-1d5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0PR14%2BVAhcKCCvSpy2cEP2XNuYoMPRwqASWZP4SP4aEkD3DpNHVJtk2OmiDKCOBAMYZZeaiTjCT%2BfXGYHc%2FqMPcGvf1%2FS1glGNE8T4orgV%2BbetZpxZzAtDJM3QBP0eR6FWkVNAXlsAPiquxdekC7"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 869f1617ef7639c4-FRA
expires: Wed, 24 Apr 2024 04:02:54 GMT

GET
H2 200 foo.png
center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/ 17 KB
18 KB 24ms
23ms Image
image/png 2606:4700:20::681a:eed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/foo.png

Requested by

Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae9d5adf2b0220c74a93b644c26d53e27c3a87f9b5d3fe57d06442e808074a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:00:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32277
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 23:15:23 GMT
server: cloudflare
etag: W/"65fe110b-44f0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UUO%2BE8IiVJ498AeAmG75RU4lvWay10KLMh%2FH78Jz2mkVbWdzPllQbflP%2Fm%2BI7YzNacAps9zt0YADexyMpwqPaUtroxEXryuutR9E0mWjTHir2N7bfKe2YApea80gWocP%2Buowj4n2BZHkxqXcsVqr"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 869f1617ef7939c4-FRA
expires: Wed, 24 Apr 2024 04:02:54 GMT

GET
H2 200 app.js Show response
center.945.report/js/ 0
290 B 23ms
22ms Script
text/html 2606:4700:20::681a:eed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://center.945.report/js/app.js

Requested by

Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2024 12:29:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1887
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yrq0R46hsxNLb4Lq57pdaERfRvnXGhSIA8sRkpco1PE%2Bhe04it6JE5QJPrDFahzTmcCdF9yj%2B34xMHpPtdC2Bww6bZL%2BphllbHy64%2BT%2BLU7mqujnmWXznk5WgUwVQQnCCLmvs%2B86N2THTivC%2FRYi"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 869f1617ef7739c4-FRA
x-xss-protection: 1; mode=block

GET
H2 200 session-recorder.js Show response
center.945.report/js/ 0
346 B 22ms
21ms Script
text/html 2606:4700:20::681a:eed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://center.945.report/js/session-recorder.js

Requested by

Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2024 12:29:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1887
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yzfohf6btDgIi3cT8WuUfhqNReq%2FepiuyMUyPXwEBj%2BWxE7SmDY0K7I1aqFkE6WYGIRHzpCqeHryUWY0sl4Fxx%2BgfWxWzCnEJq%2BDG3IQ5NLG1aS%2FXIIScPXSrypmCw6%2F7z3ZY8jwKJlzCoWYecGD"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 869f1617ef7839c4-FRA
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK card.js Show response
dispatching-centre.lasamericascargo.com/js/ 57 KB
14 KB 115ms
34ms Script
application/javascript 135.181.58.223
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dispatching-centre.lasamericascargo.com/js/card.js
Requested by: Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.181.58.223 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: white.hostingcolor.com
Software: Apache /
Resource Hash: 18c4b9b4c27233b541a47300a4ee98239e1f8dec4bbcd9fabb6bdad12ca82025

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 25 Mar 2024 13:00:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Mar 2022 04:36:34 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=100
Content-Length: 14123

GET
H/1.1 200
OK intlTelInput.js Show response
dispatching-centre.lasamericascargo.com/js/ 87 KB
21 KB 118ms
37ms Script
application/javascript 135.181.58.223
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dispatching-centre.lasamericascargo.com/js/intlTelInput.js
Requested by: Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.181.58.223 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: white.hostingcolor.com
Software: Apache /
Resource Hash: 691ff3918fb72cddc3abf2b84af0d66e0d2875b18b032ef6864923789c7e4077

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 25 Mar 2024 13:00:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Mar 2022 04:36:34 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=100
Content-Length: 20974

GET
H2 200 roboto-latin-400-normal.woff2
center.945.report/fonts/vendor/@fontsource/roboto/files/ 0
317 B 23ms
22ms Font
text/html 2606:4700:20::681a:eed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://center.945.report/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b

Requested by

Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/app.css
Origin: https://center.945.report
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2024 12:29:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1857
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wE2AWv4C8i8lhaucC3gJ9WuuhdoRvNQVNHBgpnYJRpfzd%2F5q4InrE5EihV1xy4ARwNOzkuBwmBpPPbodmac7lR%2FVs4OLdyz%2Bdr3E4uuXeKbeC6%2BoQJBV%2B3L7V6KflqJOUsCr2LPvLNiYhDvL2CPJ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 869f16181f9e39c4-FRA
x-xss-protection: 1; mode=block

GET
H2 200 webfa-solid-900.woff2
center.945.report/fonts/vendor/@fortawesome/fontawesome-free/ 0
319 B 27ms
26ms Font
text/html 2606:4700:20::681a:eed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://center.945.report/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80

Requested by

Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/app.css
Origin: https://center.945.report
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2024 12:29:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1858
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDt1QSTDLtW4%2FmXF7cP3161xGVBN5Sh0g4Vw9%2FHumjMtH%2BlqFV3Pz%2FY8GACSaLnbG7G6XcswoAyaDVd%2FZ572YXWa9bm1lcr9%2Fr%2Ba6TLhM1K6AoPOxu%2FO7xqOawIF7HwfIPspNXXwORZbIBaKIAVL"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 869f16181f9f39c4-FRA
x-xss-protection: 1; mode=block

GET
H2 200 roboto-all-400-normal.woff
center.945.report/fonts/vendor/@fontsource/roboto/files/ 0
478 B 1665ms
1664ms Font
text/html 2606:4700:20::681a:eed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://center.945.report/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c

Requested by

Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/app.css
Origin: https://center.945.report
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Mon, 25 Mar 2024 09:20:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w0K5UHI4C0S2zYuSuiTDKaND92XaC%2FrtN4NcpoD%2BvlflfoYn4Ryb6CyYeQvEsGP67Vd3jwEEwrU4HsWwpNyA9z4ttaqGNso7FM%2BWYrGRlacXQ1pIFiBoEPDgN4ri5mRftbb5uva%2BcfDeZavAIxsj"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 869f16184fc339c4-FRA
x-xss-protection: 1; mode=block

GET
H2 200 webfa-solid-900.woff
center.945.report/fonts/vendor/@fortawesome/fontawesome-free/ 0
343 B 23ms
22ms Font
text/html 2606:4700:20::681a:eed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://center.945.report/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2

Requested by

Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/app.css
Origin: https://center.945.report
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2024 12:29:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1856
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y5%2BBE%2F9ic9qdeRyFs9f59UOPQ5QhtPwEfg2EWUg%2BXIy29DbOmqRcnhvJPSpGSuaHFfDThxBEeWBoBBxy6QPmLck%2Fs4SaOcVxpLsdZQaUxE95qplptQN05COWVQw6veQO%2BHW4pnECPrgWiDg3qsaj"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 869f16184fc539c4-FRA
x-xss-protection: 1; mode=block

GET
H2 200 webfa-solid-900.ttf
center.945.report/fonts/vendor/@fortawesome/fontawesome-free/ 0
313 B 25ms
25ms Font
text/html 2606:4700:20::681a:eed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://center.945.report/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f

Requested by

Host: center.945.report
URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/assets/app.css
Origin: https://center.945.report
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 13:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2024 12:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1854
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ke6Ww52OrNn4CfHTWxbZupUXgB96K1Vn4E98lTrJZYZnLD8%2Bhc1JdWvFzEEZOVCiA43x5zLiHywGTnJLrHCgaSBTxjqzwqGg0bkBjMhKrcJugEFsCL46yxh%2Fm5le9LBxfofmET2u%2Fz2Aek6Uggtr"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 869f16187fe839c4-FRA
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK favicon.gif
dispatching-centre.lasamericascargo.com/images/ 2 KB
2 KB 81ms
27ms Other
image/gif 135.181.58.223
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dispatching-centre.lasamericascargo.com/images/favicon.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.181.58.223 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: white.hostingcolor.com
Software: Apache /
Resource Hash: b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://center.945.report/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 25 Mar 2024 13:00:48 GMT
Last-Modified: Sun, 13 Mar 2022 04:36:32 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=100
Content-Length: 2238

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			center.945.report/	1969-12-31 23:59:59	Name: PHPSESSID Value: l4gb6f9ko9pcman90mla8eboi9

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken= Message: Refused to execute script from 'https://center.945.report/js/app.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken= Message: Refused to execute script from 'https://center.945.report/js/session-recorder.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken= Message: Failed to decode downloaded font: https://center.945.report/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
other	warning	URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken= Message: Failed to decode downloaded font: https://center.945.report/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
other	warning	URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken= Message: Failed to decode downloaded font: https://center.945.report/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2
other	warning	URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken= Message: Failed to decode downloaded font: https://center.945.report/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f
other	warning	URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken= Message: Failed to decode downloaded font: https://center.945.report/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
other	warning	URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken= Message: Failed to decode downloaded font: https://center.945.report/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
other	warning	URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken= Message: Failed to decode downloaded font: https://center.945.report/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
other	warning	URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken= Message: Failed to decode downloaded font: https://center.945.report/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
other	warning	URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken= Message: Failed to decode downloaded font: https://center.945.report/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
other	warning	URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken= Message: Failed to decode downloaded font: https://center.945.report/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
other	warning	URL: https://center.945.report/wp-content/themes/cosmobit/inc/customizer/controls/new/locatar/home.php?newtoken= Message: Failed to decode downloaded font: https://center.945.report/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.lr-in.com
center.945.report
dispatching-centre.lasamericascargo.com
135.181.58.223
2606:4700:20::681a:eed
2606:4700:3038::6815:ea91
18c4b9b4c27233b541a47300a4ee98239e1f8dec4bbcd9fabb6bdad12ca82025
1d2e4fa7ad28a9dcd53cdd1d5633c15c3f2c10f2bdb24f6ad6f6667f412e5805
381941fc8b5df86879d6e2fcf3392d281b796c33f430f045405a0e6af0e474b9
3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756
45f81d986c733aae1e2b5058a1d732a8520097e9c7221b8b6fd941e0f366a9c0
691ff3918fb72cddc3abf2b84af0d66e0d2875b18b032ef6864923789c7e4077
b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807
b36e63b78f7ab077c9f74269deec4010ae803b687b27ca13e6aa58712520bb84
b8b7e6c193f0b11bece8c12b305cbf15130bc99b32ae92426eb747a3da3264d6
cae9d5adf2b0220c74a93b644c26d53e27c3a87f9b5d3fe57d06442e808074a2
dd75f442a8f366907554470ef31847372f02aaea069320d0ccca35dd35b9737a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb6ca62c1e5d64c52be3ffa63c298dcda2483c04c4b17d1bfe605d134e52f91b

center.945.report Open in urlscan Pro 2606:4700:20::681a:eed Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

289 kBTransfer

1360 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

15 JavaScript Global Variables

1 Cookies

13 Console Messages

Security Headers

Indicators

center.945.report Open in urlscan Pro
2606:4700:20::681a:eed Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

289 kB
Transfer

1360 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!