queenmobile.work
2606:4700:3036::ac43:b0b7  Malicious Activity! Public Scan

Submitted URL: https://snip.ly/Dhlll
Effective URL: https://queenmobile.work/css/login/
Submission: On February 22 via api from BE — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3036::ac43:b0b7, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is queenmobile.work.
TLS certificate: Issued by GTS CA 1P5 on January 5th 2024. Valid for: 3 months.
This is the only time queenmobile.work was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
18 2
Apex Domain | Subdomains | Transfer
18 queenmobile.work | queenmobile.work | 590 KB
1 cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 233) | 5 KB
1 snip.ly | snip.ly (Cisco Umbrella Rank: 496728) | 257 B
18 3
Domain Requested by
18 queenmobile.work 1 redirects queenmobile.work
1 cdnjs.cloudflare.com queenmobile.work
1 snip.ly 1 redirects
18 3

This site contains no links.

Subject | Issuer | Validity | Valid
queenmobile.work | GTS CA 1P5 | 2024-01-05 - 2024-04-04 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year

This page contains 1 frame:

Primary Page: https://queenmobile.work/css/login/
Frame ID: 267337E9CAE342E904D7086E5B307C1D
Requests: 18 HTTP requests in this frame

Page Title

Global Logistics - International Shipping | DHL Home | Israel

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18 Requests
100 % HTTPS
100 % IPv6
3 Domains
3 Subdomains
2 IPs
1 Countries
595 kB Transfer
1686 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://snip.ly/Dhlll HTTP 302
    https://queenmobile.work/css/login HTTP 301
    https://queenmobile.work/css/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
queenmobile.work/css/login/
Redirect Chain
  • https://snip.ly/Dhlll
  • https://queenmobile.work/css/login
  • https://queenmobile.work/css/login/
7 KB
2 KB
Document
General
Full URL
https://queenmobile.work/css/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4642296fdae00b3b3f07504bda5725bf3ecc82fb074c0352d2a56cc5bf2ae741

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
BYPASS
cf-ray
8592f3b08d4c2d16-IAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 22 Feb 2024 00:00:59 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
server
cloudflare
vary
Accept-Encoding Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=43200
cf-cache-status
HIT
cf-ray
8592f3add97a2d16-IAD
content-type
text/html
date
Thu, 22 Feb 2024 00:00:58 GMT
location
https://queenmobile.work/css/login/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
gGnhaFgUmAF6JgrLhG4_QBFxwNY.js
queenmobile.work/cdn-cgi/apps/head/
11 KB
4 KB
Script
General
Full URL
https://queenmobile.work/cdn-cgi/apps/head/gGnhaFgUmAF6JgrLhG4_QBFxwNY.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f1c73f2a9aaa7cc6ad6c7fab243b6218d031eee86b97d6d716f31815e6f71d0

bootstrap.min.css
queenmobile.work/css/assets/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://queenmobile.work/css/assets/css/bootstrap.min.css
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

helpers.css
queenmobile.work/css/assets/css/
40 KB
4 KB
Stylesheet
General
Full URL
https://queenmobile.work/css/assets/css/helpers.css
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62fae6162fdef36b6f29192c48a261de4c76b8fe868566b99ed690af652f0fb0

fonts.css
queenmobile.work/css/assets/css/
3 KB
1012 B
Stylesheet
General
Full URL
https://queenmobile.work/css/assets/css/fonts.css
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6580d577168ce72c4d24561247070dfe13ca7b3242643ec4acf3f86dc66ffb60

main.css
queenmobile.work/css/assets/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://queenmobile.work/css/assets/css/main.css
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8869cd90c82d8ed1c71c22f067973a04d424c883bc79db8e522504fc9507958f

logo.svg
queenmobile.work/css/assets/images/
2 KB
1 KB
Image
General
Full URL
https://queenmobile.work/css/assets/images/logo.svg
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

glo-footer-logo.svg
queenmobile.work/css/assets/images/
12 KB
4 KB
Image
General
Full URL
https://queenmobile.work/css/assets/images/glo-footer-logo.svg
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038

jquery.min.js
queenmobile.work/css/assets/js/
86 KB
32 KB
Script
General
Full URL
https://queenmobile.work/css/assets/js/jquery.min.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

popper.min.js
queenmobile.work/css/assets/js/
20 KB
8 KB
Script
General
Full URL
https://queenmobile.work/css/assets/js/popper.min.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58

bootstrap.min.js
queenmobile.work/css/assets/js/
133 KB
26 KB
Script
General
Full URL
https://queenmobile.work/css/assets/js/bootstrap.min.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2caa6404ddb0de2b9d191b1e2c8b5c35c68ca48f2a9521140bbf83b27c063700

fontawesome.min.js
queenmobile.work/css/assets/js/
1 MB
371 KB
Script
General
Full URL
https://queenmobile.work/css/assets/js/fontawesome.min.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e

main.js
queenmobile.work/css/assets/js/
797 B
860 B
Script
General
Full URL
https://queenmobile.work/css/assets/js/main.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
198531279d3336f75ca9f47b6095a4d2e3ae2447d7c07b6262cd35ba166e73db

Lato-Regular.woff2
queenmobile.work/css/assets/fonts/
29 KB
29 KB
Font
General
Full URL
https://queenmobile.work/css/assets/fonts/Lato-Regular.woff2
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/assets/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76df5b67646f4f0f999d4e1c482ab2007b948f3b9acc2c8a207bfdb214103855

Lato-Black.woff2
queenmobile.work/css/assets/fonts/
28 KB
28 KB
Font
General
Full URL
https://queenmobile.work/css/assets/fonts/Lato-Black.woff2
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/assets/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c16911984dce7909e91263930a1f34352a03476a6c58894a482f33aad91cd379

Lato-Light.woff2
queenmobile.work/css/assets/fonts/
24 KB
25 KB
Font
General
Full URL
https://queenmobile.work/css/assets/fonts/Lato-Light.woff2
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/assets/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4c2248c2087eb5f44a46a67b8b4ce961d0fde9053dbfda30cf6af08a6c70e6

Lato-Bold.woff2
queenmobile.work/css/assets/fonts/
28 KB
29 KB
Font
General
Full URL
https://queenmobile.work/css/assets/fonts/Lato-Bold.woff2
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/assets/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b0b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e47c34e4bb6a2fe7f50c02b0656e10666ded963f874015cb10ee1be923ea4448

animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/
70 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/cdn-cgi/apps/head/gGnhaFgUmAF6JgrLhG4_QBFxwNY.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff


Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| CloudflareApps
  • function| $
  • function| jQuery
  • function| Popper
  • object| bootstrap
  • object| ___FONT_AWESOME___
  • object| FontAwesomeConfig
  • object| FontAwesome
  • boolean| isShift
  • string| seperator
  • string| dash
  • function| cc_date
  • function| date_of_birth
  • string| dispatch

2 Cookies

Domain/Path | Name | Value
snip.ly/ | sessionid | lbszq3a5kt5ph5ixpgvrw5bl9rlrx0zj
queenmobile.work/ | PHPSESSID | 6c459189dde71ceb3490811110ecba20