queenmobile.work
2606:4700:3035::6815:2393  Malicious Activity! Public Scan

Submitted URL: https://snip.ly/Dhlll
Effective URL: https://queenmobile.work/css/login/
Submission: On February 21 via automatic, source openphish — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3035::6815:2393, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is queenmobile.work.
TLS certificate: Issued by GTS CA 1P5 on January 5th 2024. Valid for: 3 months.
This is the only time queenmobile.work was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

IP Address | AS Autonomous System
1 1 2606:4700:10:... | 13335 (CLOUDFLAR...)
1 18 2606:4700:303... | 13335 (CLOUDFLAR...)
1 2606:4700::68... | 13335 (CLOUDFLAR...)
18 2

Apex Domain | Subdomains | Transfer
18 queenmobile.work | queenmobile.work | 590 KB
1 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 233 | 5 KB
1 snip.ly | snip.ly — Cisco Umbrella Rank: 496728 | 257 B
18 3

Domain | Requested by
18 queenmobile.work, 1 redirects | queenmobile.work
1 cdnjs.cloudflare.com | queenmobile.work
1 snip.ly, 1 redirects |
18 3

This site contains no links.

Subject | Issuer | Validity | Valid
queenmobile.work | GTS CA 1P5 | 2024-01-05 - 2024-04-04 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year

This page contains 1 frames:

Primary Page: https://queenmobile.work/css/login/
Frame ID: 932BF2FF40578C183ACB7CD11619080C
Requests: 18 HTTP requests in this frame

Page Title

Global Logistics - International Shipping | DHL Home | Israel

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 100 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 1
Transfer: 595 kB
Size: 1686 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://snip.ly/Dhlll HTTP 302
    https://queenmobile.work/css/login HTTP 301
    https://queenmobile.work/css/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request /
queenmobile.work/css/login/
Redirect Chain
  • https://snip.ly/Dhlll
  • https://queenmobile.work/css/login
  • https://queenmobile.work/css/login/
Size: 7 KB, x-fer: 2 KB, Type: Document
General
Full URL
https://queenmobile.work/css/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8ea406149b8bdf888e3f8c9af8539f53545615c4f346690a9213d6f11fe4251

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
BYPASS
cf-ray
858f4b54dcb5b900-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 21 Feb 2024 13:21:46 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
server
cloudflare
vary
Accept-Encoding Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

age
711
alt-svc
h3=":443"; ma=86400
cache-control
max-age=43200
cf-cache-status
HIT
cf-ray
858f4b548c31b900-AMS
content-type
text/html
date
Wed, 21 Feb 2024 13:21:45 GMT
location
https://queenmobile.work/css/login/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
gGnhaFgUmAF6JgrLhG4_QBFxwNY.js
queenmobile.work/cdn-cgi/apps/head/
Size: 11 KB, x-fer: 4 KB, Type: Script
General
Full URL
https://queenmobile.work/cdn-cgi/apps/head/gGnhaFgUmAF6JgrLhG4_QBFxwNY.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f1c73f2a9aaa7cc6ad6c7fab243b6218d031eee86b97d6d716f31815e6f71d0

bootstrap.min.css
queenmobile.work/css/assets/css/
Size: 152 KB, x-fer: 24 KB, Type: Stylesheet
General
Full URL
https://queenmobile.work/css/assets/css/bootstrap.min.css
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

helpers.css
queenmobile.work/css/assets/css/
Size: 40 KB, x-fer: 4 KB, Type: Stylesheet
General
Full URL
https://queenmobile.work/css/assets/css/helpers.css
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62fae6162fdef36b6f29192c48a261de4c76b8fe868566b99ed690af652f0fb0

fonts.css
queenmobile.work/css/assets/css/
Size: 3 KB, x-fer: 984 B, Type: Stylesheet
General
Full URL
https://queenmobile.work/css/assets/css/fonts.css
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6580d577168ce72c4d24561247070dfe13ca7b3242643ec4acf3f86dc66ffb60

main.css
queenmobile.work/css/assets/css/
Size: 6 KB, x-fer: 2 KB, Type: Stylesheet
General
Full URL
https://queenmobile.work/css/assets/css/main.css
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8869cd90c82d8ed1c71c22f067973a04d424c883bc79db8e522504fc9507958f

logo.svg
queenmobile.work/css/assets/images/
Size: 2 KB, x-fer: 1 KB, Type: Image
General
Full URL
https://queenmobile.work/css/assets/images/logo.svg
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

glo-footer-logo.svg
queenmobile.work/css/assets/images/
Size: 12 KB, x-fer: 4 KB, Type: Image
General
Full URL
https://queenmobile.work/css/assets/images/glo-footer-logo.svg
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038

jquery.min.js
queenmobile.work/css/assets/js/
Size: 86 KB, x-fer: 32 KB, Type: Script
General
Full URL
https://queenmobile.work/css/assets/js/jquery.min.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

popper.min.js
queenmobile.work/css/assets/js/
Size: 20 KB, x-fer: 8 KB, Type: Script
General
Full URL
https://queenmobile.work/css/assets/js/popper.min.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58

bootstrap.min.js
queenmobile.work/css/assets/js/
Size: 133 KB, x-fer: 26 KB, Type: Script
General
Full URL
https://queenmobile.work/css/assets/js/bootstrap.min.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2caa6404ddb0de2b9d191b1e2c8b5c35c68ca48f2a9521140bbf83b27c063700

fontawesome.min.js
queenmobile.work/css/assets/js/
Size: 1 MB, x-fer: 371 KB, Type: Script
General
Full URL
https://queenmobile.work/css/assets/js/fontawesome.min.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e

main.js
queenmobile.work/css/assets/js/
Size: 797 B, x-fer: 871 B, Type: Script
General
Full URL
https://queenmobile.work/css/assets/js/main.js
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
198531279d3336f75ca9f47b6095a4d2e3ae2447d7c07b6262cd35ba166e73db

Lato-Regular.woff2
queenmobile.work/css/assets/fonts/
Size: 29 KB, x-fer: 29 KB, Type: Font
General
Full URL
https://queenmobile.work/css/assets/fonts/Lato-Regular.woff2
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/assets/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76df5b67646f4f0f999d4e1c482ab2007b948f3b9acc2c8a207bfdb214103855

Lato-Black.woff2
queenmobile.work/css/assets/fonts/
Size: 28 KB, x-fer: 28 KB, Type: Font
General
Full URL
https://queenmobile.work/css/assets/fonts/Lato-Black.woff2
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/assets/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c16911984dce7909e91263930a1f34352a03476a6c58894a482f33aad91cd379

Lato-Light.woff2
queenmobile.work/css/assets/fonts/
Size: 24 KB, x-fer: 25 KB, Type: Font
General
Full URL
https://queenmobile.work/css/assets/fonts/Lato-Light.woff2
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/assets/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4c2248c2087eb5f44a46a67b8b4ce961d0fde9053dbfda30cf6af08a6c70e6

Lato-Bold.woff2
queenmobile.work/css/assets/fonts/
Size: 28 KB, x-fer: 29 KB, Type: Font
General
Full URL
https://queenmobile.work/css/assets/fonts/Lato-Bold.woff2
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/css/assets/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e47c34e4bb6a2fe7f50c02b0656e10666ded963f874015cb10ee1be923ea4448

animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/
Size: 70 KB, x-fer: 5 KB, Type: Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: queenmobile.work
URL: https://queenmobile.work/cdn-cgi/apps/head/gGnhaFgUmAF6JgrLhG4_QBFxwNY.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| CloudflareApps
  • function| $
  • function| jQuery
  • function| Popper
  • object| bootstrap
  • object| ___FONT_AWESOME___
  • object| FontAwesomeConfig
  • object| FontAwesome
  • boolean| isShift
  • string| seperator
  • string| dash
  • function| cc_date
  • function| date_of_birth
  • string| dispatch

2 Cookies

Domain/Path | Name / Value
snip.ly/ | Name: sessionid, Value: 9tofsbhwz6dlwftb3tljpzcxgx64yg3j
queenmobile.work/ | Name: PHPSESSID, Value: 2c9cd5ccde3a13ac421e8e88da35c90a