queenmobile.work
172.67.176.183  Malicious Activity! Public Scan

Submitted URL: https://snip.ly/Dhool
Effective URL: https://queenmobile.work/css/login/
Submission: On February 21 via manual from IL — Scanned from IL

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 172.67.176.183, located in United States and belongs to CLOUDFLARENET, US. The main domain is queenmobile.work.
TLS certificate: Issued by GTS CA 1P5 on January 5th 2024. Valid for: 3 months.
This is the only time queenmobile.work was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

IP Address AS Autonomous System
1 1 104.22.7.164 13335 (CLOUDFLAR...)
1 18 172.67.176.183 13335 (CLOUDFLAR...)
1 104.17.24.14 13335 (CLOUDFLAR...)
18 2
Apex Domain | Subdomains | Transfer
18 queenmobile.work | queenmobile.work | 590 KB
1 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 257 | 5 KB
1 snip.ly | snip.ly — Cisco Umbrella Rank: 452599 | 256 B
18 3
Domain Requested by
18 queenmobile.work 1 redirects queenmobile.work
1 cdnjs.cloudflare.com queenmobile.work
1 snip.ly 1 redirects
18 3

This site contains no links.

Subject | Issuer | Validity | Valid
queenmobile.work | GTS CA 1P5 | 2024-01-05 - 2024-04-04 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year

This page contains 1 frames:

Primary Page: https://queenmobile.work/css/login/
Frame ID: 26790AAD9F5F196D8E3CBE3E91125DAE
Requests: 18 HTTP requests in this frame

Page Title

Global Logistics - International Shipping | DHL Home | Israel

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 594 kB
Size: 1686 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://snip.ly/Dhool HTTP 302
    https://queenmobile.work/css/login HTTP 301
    https://queenmobile.work/css/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
queenmobile.work/css/login/
Redirect Chain
  • https://snip.ly/Dhool
  • https://queenmobile.work/css/login
  • https://queenmobile.work/css/login/
7 KB
2 KB
Document
General
Full URL
https://queenmobile.work/css/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7f159c75b5104921e2feebad2102a7c834f3eb065d1d2f3805c75093d24426

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
BYPASS
cf-ray
858cf5eb8fb90e97-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 21 Feb 2024 06:33:55 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
server
cloudflare
vary
Accept-Encoding Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

age
260
alt-svc
h3=":443"; ma=86400
cache-control
max-age=43200
cf-cache-status
HIT
cf-ray
858cf5eaaea60e97-MXP
content-type
text/html
date
Wed, 21 Feb 2024 06:33:55 GMT
location
https://queenmobile.work/css/login/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
gGnhaFgUmAF6JgrLhG4_QBFxwNY.js
queenmobile.work/cdn-cgi/apps/head/
11 KB
4 KB
Script
General
Full URL
https://queenmobile.work/cdn-cgi/apps/head/gGnhaFgUmAF6JgrLhG4_QBFxwNY.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f1c73f2a9aaa7cc6ad6c7fab243b6218d031eee86b97d6d716f31815e6f71d0

bootstrap.min.css
queenmobile.work/css/assets/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://queenmobile.work/css/assets/css/bootstrap.min.css
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

helpers.css
queenmobile.work/css/assets/css/
40 KB
4 KB
Stylesheet
General
Full URL
https://queenmobile.work/css/assets/css/helpers.css
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62fae6162fdef36b6f29192c48a261de4c76b8fe868566b99ed690af652f0fb0

fonts.css
queenmobile.work/css/assets/css/
3 KB
960 B
Stylesheet
General
Full URL
https://queenmobile.work/css/assets/css/fonts.css
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6580d577168ce72c4d24561247070dfe13ca7b3242643ec4acf3f86dc66ffb60

main.css
queenmobile.work/css/assets/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://queenmobile.work/css/assets/css/main.css
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8869cd90c82d8ed1c71c22f067973a04d424c883bc79db8e522504fc9507958f

logo.svg
queenmobile.work/css/assets/images/
2 KB
1 KB
Image
General
Full URL
https://queenmobile.work/css/assets/images/logo.svg
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

glo-footer-logo.svg
queenmobile.work/css/assets/images/
12 KB
4 KB
Image
General
Full URL
https://queenmobile.work/css/assets/images/glo-footer-logo.svg
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038

jquery.min.js
queenmobile.work/css/assets/js/
86 KB
32 KB
Script
General
Full URL
https://queenmobile.work/css/assets/js/jquery.min.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

popper.min.js
queenmobile.work/css/assets/js/
20 KB
8 KB
Script
General
Full URL
https://queenmobile.work/css/assets/js/popper.min.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58

bootstrap.min.js
queenmobile.work/css/assets/js/
133 KB
26 KB
Script
General
Full URL
https://queenmobile.work/css/assets/js/bootstrap.min.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2caa6404ddb0de2b9d191b1e2c8b5c35c68ca48f2a9521140bbf83b27c063700

fontawesome.min.js
queenmobile.work/css/assets/js/
1 MB
371 KB
Script
General
Full URL
https://queenmobile.work/css/assets/js/fontawesome.min.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e

main.js
queenmobile.work/css/assets/js/
797 B
843 B
Script
General
Full URL
https://queenmobile.work/css/assets/js/main.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
198531279d3336f75ca9f47b6095a4d2e3ae2447d7c07b6262cd35ba166e73db

Lato-Regular.woff2
queenmobile.work/css/assets/fonts/
29 KB
29 KB
Font
General
Full URL
https://queenmobile.work/css/assets/fonts/Lato-Regular.woff2
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/assets/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76df5b67646f4f0f999d4e1c482ab2007b948f3b9acc2c8a207bfdb214103855

Lato-Black.woff2
queenmobile.work/css/assets/fonts/
28 KB
28 KB
Font
General
Full URL
https://queenmobile.work/css/assets/fonts/Lato-Black.woff2
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/assets/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c16911984dce7909e91263930a1f34352a03476a6c58894a482f33aad91cd379

Lato-Light.woff2
queenmobile.work/css/assets/fonts/
24 KB
25 KB
Font
General
Full URL
https://queenmobile.work/css/assets/fonts/Lato-Light.woff2
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/assets/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4c2248c2087eb5f44a46a67b8b4ce961d0fde9053dbfda30cf6af08a6c70e6

Lato-Bold.woff2
queenmobile.work/css/assets/fonts/
28 KB
28 KB
Font
General
Full URL
https://queenmobile.work/css/assets/fonts/Lato-Bold.woff2
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/assets/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e47c34e4bb6a2fe7f50c02b0656e10666ded963f874015cb10ee1be923ea4448

animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/
70 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/cdn-cgi/apps/head/gGnhaFgUmAF6JgrLhG4_QBFxwNY.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff


Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| CloudflareApps
  • function| $
  • function| jQuery
  • function| Popper
  • object| bootstrap
  • object| ___FONT_AWESOME___
  • object| FontAwesomeConfig
  • object| FontAwesome
  • boolean| isShift
  • string| seperator
  • string| dash
  • function| cc_date
  • function| date_of_birth
  • string| dispatch

2 Cookies

Domain/Path | Name | Value
snip.ly/ | sessionid | fydi3m115gmscetzla7in4ip4it78ce5
queenmobile.work/ | PHPSESSID | 61c274f9a842d292e047a58d774cdf34