www.jacquelinekirstein.com Open in urlscan Pro
2606:4700:3030::ac43:aa99 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.jacquelinekirstein.com/fresh
Effective URL:
http://www.jacquelinekirstein.com/fresh/
Submission Tags: 7067258
Submission: On April 12 via api (April 12th 2021, 2:04:07 pm UTC) from NL

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3030::ac43:aa99, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.jacquelinekirstein.com.

This is the only time www.jacquelinekirstein.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer) Office 365 (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 13	2606:4700:303... 2606:4700:3030::ac43:aa99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	5.149.255.154 5.149.255.154	59711 (HZ-EU-AS) (HZ-EU-AS)
1 1	103.224.212.220 103.224.212.220	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1	13.248.148.254 13.248.148.254	16509 (AMAZON-02) (AMAZON-02)
2	45.77.192.33 45.77.192.33	20473 (AS-CHOOPA) (AS-CHOOPA)
27	4

13 2606:4700:3030::ac43:aa99 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.jacquelinekirstein.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 5.149.255.154 (Netherlands)

ASN59711 (HZ-EU-AS, BG)

lancheck.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.224.212.220 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-220.above.com

urlvalidation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.148.254 (United States)

ASN16509 (AMAZON-02, US)
PTR: aba1c1ff9d2ec5376.awsglobalaccelerator.com

ww38.urlvalidation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.77.192.33 (Miami, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 45.77.192.33.vultr.com

rules.similardeals.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	jacquelinekirstein.com 1 redirects www.jacquelinekirstein.com	151 KB
12	lancheck.net lancheck.net	3 KB
2	similardeals.net rules.similardeals.net	5 KB
2	urlvalidation.com 1 redirects urlvalidation.com ww38.urlvalidation.com	329 B
27	4

	Domain	Requested by
13	www.jacquelinekirstein.com	1 redirects www.jacquelinekirstein.com
12	lancheck.net	www.jacquelinekirstein.com
2	rules.similardeals.net	www.jacquelinekirstein.com rules.similardeals.net
1	ww38.urlvalidation.com	www.jacquelinekirstein.com
1	urlvalidation.com	1 redirects
27	5

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.jacquelinekirstein.com/fresh/
Frame ID: 2179A81E3112E77E92D113B9167EA0A7
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft Office | Share, Upload, Extract

Page URL History Show full URLs

https://www.jacquelinekirstein.com/fresh HTTP 301
http://www.jacquelinekirstein.com/fresh/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

27
Requests

0 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

158 kB
Transfer

190 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.jacquelinekirstein.com/fresh HTTP 301
http://www.jacquelinekirstein.com/fresh/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

http://urlvalidation.com/whoami?jsonp=func60148 HTTP 302
http://ww38.urlvalidation.com/whoami?jsonp=func60148

27 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.jacquelinekirstein.com/fresh/ Redirect Chain https://www.jacquelinekirstein.com/fresh http://www.jacquelinekirstein.com/fresh/	6 KB 3 KB	281ms 259ms	Document text/html	2606:4700:3030::ac43:aa99 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 2606:4700:3030::ac43:aa99 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a36df4f899c392d281bc99d6d2b9052d978e64b3353b97e73f4e602584a0d7a3` Request headers Host www.jacquelinekirstein.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Cookie __cfduid=d2f19ff4e31d8882cfc60dcf40348b8aa1618236226 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive CF-Cache-Status DYNAMIC cf-request-id 0967fe55610000323cebba5000000001 Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v6tJj3u7S4xYg8IzFENsdnt%2BmMprizUJ%2FHggZxpVA3Wg4IS0tJL1gkFGFWmAblUzj50Li27bZ7lQFRezTHbH5m60dZazEgAQBiBZzMfkCCnrR3DxAO5gX6Lf%2Ft%2BBDU7JzkrSxG9lZg%3D%3D"}],"max_age":604800} NEL {"max_age":604800,"report_to":"cf-nel"} Server cloudflare CF-RAY 63ed00023cbe323c-FRA Content-Encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers date Mon, 12 Apr 2021 14:03:46 GMT content-type text/html; charset=iso-8859-1 set-cookie __cfduid=d2f19ff4e31d8882cfc60dcf40348b8aa1618236226; expires=Wed, 12-May-21 14:03:46 GMT; path=/; domain=.jacquelinekirstein.com; HttpOnly; SameSite=Lax location http://www.jacquelinekirstein.com/fresh/ cf-cache-status DYNAMIC cf-request-id 0967fe540200003233ff82f000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rW6CvoZYm6ntldtUVlrl64NUELlu4hBHHautpFoMrAaGOEYTQRdJJ%2B5CBDFjcmSoHUz040uIarmhzyyhZUYML7OScg2GnpuVsRBOjaEuWURFFZg3Rc6%2FBVqgI%2BopHd%2FVoppElAwTbQ%3D%3D"}]} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 63ed00000bda3233-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	whoami www.jacquelinekirstein.com/fresh/files/	0 0	269ms 261ms	Script text/html	2606:4700:3030::ac43:aa99 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.jacquelinekirstein.com/fresh/files/whoami Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 2606:4700:3030::ac43:aa99 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://www.jacquelinekirstein.com/fresh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kbsZI0ybuILXddWIrFsx6Gda%2FF8uMxLoSpGdmoXlEZdnX19R2IPKzt%2FZf%2F44XrY8o71KfEVSHNwHoAoDE2SfxEu9ysNP%2BQik7z%2Fh7fMAKXLlUwn3DiYcW3mv7TfHqnjGk3XdEiCNlA%3D%3D"}]} Content-Type text/html; charset=iso-8859-1 Connection keep-alive CF-RAY 63ed0003e802d72d-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0967fe56720000d72d58086000000001
GET H/1.1	200 OK	offff.png www.jacquelinekirstein.com/fresh/files/	11 KB 11 KB	28ms 19ms	Image image/png	2606:4700:3030::ac43:aa99 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://www.jacquelinekirstein.com/fresh/files/offff.png Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 2606:4700:3030::ac43:aa99 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fcacbe9443312a9ae8d582068921b00a14781c675024452286f2a14b0373b12d` Request headers Referer http://www.jacquelinekirstein.com/fresh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT CF-Cache-Status HIT NEL {"max_age":604800,"report_to":"cf-nel"} Age 1797 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 10944 cf-request-id 0967fe567200000742fdaae000000001 Last-Modified Fri, 04 Nov 2016 08:12:32 GMT Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=auS2w0ec%2FVIk3hoy2w%2BNTf1TUkJjkq6drKLxZvWf1PYJpTTgmKJPy8XaEr1W3RclYFzxRY8uovepirXf%2FS8j5plOhuRmGYRcTmfiMPPAp8lCac5bqHQABb%2BSkaSfBvPxeBN6ui8DSQ%3D%3D"}],"max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 63ed0003e8c00742-FRA
GET H/1.1	200 OK	wrdd.png www.jacquelinekirstein.com/fresh/files/	6 KB 7 KB	49ms 41ms	Image image/png	2606:4700:3030::ac43:aa99 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://www.jacquelinekirstein.com/fresh/files/wrdd.png Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 2606:4700:3030::ac43:aa99 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4068f2441ef1e7b31cf1b2f3136f35587b019b03e7e654c7dd0f830296eee8c7` Request headers Referer http://www.jacquelinekirstein.com/fresh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 1797 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 6520 cf-request-id 0967fe567300004a735aaaf000000001 Last-Modified Fri, 04 Nov 2016 08:12:34 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C%2FDLcl0NQ0HL6dNUHa2UkwmQNgrxL%2F5RD6dKmWEYfue%2BVoGcxe3JckNwjKIfIUcuRu%2F02tvK7S6SAPNRzaxZY0bTxT71I7oAtlwJFowq3RSefe%2B65TmmsbWo5DuXSbiWbS1NK8XZCA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 63ed0003ef5e4a73-FRA
GET H/1.1	200 OK	e.jpg www.jacquelinekirstein.com/fresh/files/	3 KB 3 KB	15ms 15ms	Image image/jpeg	2606:4700:3030::ac43:aa99 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://www.jacquelinekirstein.com/fresh/files/e.jpg Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 2606:4700:3030::ac43:aa99 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `35a932a9200775e7c0c87f89c1a6abd42c2c2d15731f6be0fc9a6574fe8d0b46` Request headers Referer http://www.jacquelinekirstein.com/fresh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT CF-Cache-Status HIT NEL {"max_age":604800,"report_to":"cf-nel"} Age 1797 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 2793 cf-request-id 0967fe56800000323cee2bb000000001 Last-Modified Fri, 04 Nov 2016 08:12:52 GMT Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YY9eJxJK1sBwAB5nm3aKWgR7o7keZOjPvdrPvXYC6OY0GKyr3yMnuqhMQOjatI2PJhgqShCg6uJUuKuhzUOchAVZI8%2FFg6lOWZtMRLjufvqgFHkyhm3IMhYVclLt0KRoGROaWD2glQ%3D%3D"}],"max_age":604800} Content-Type image/jpeg Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 63ed00040fc8323c-FRA
GET H/1.1	200 OK	p.jpg www.jacquelinekirstein.com/fresh/files/	4 KB 4 KB	15ms 14ms	Image image/jpeg	2606:4700:3030::ac43:aa99 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://www.jacquelinekirstein.com/fresh/files/p.jpg Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 2606:4700:3030::ac43:aa99 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bef4a86a0b251bdd22f59e356f0a5732985dd02e964a3a4a7dc6fafb91e4b8f3` Request headers Referer http://www.jacquelinekirstein.com/fresh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT CF-Cache-Status HIT NEL {"max_age":604800,"report_to":"cf-nel"} Age 1797 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 3597 cf-request-id 0967fe568800000742d7a79000000001 Last-Modified Fri, 04 Nov 2016 08:12:56 GMT Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VyRjshLGmZ%2FQ736zR%2BgHY4TZWWPl8%2FyMKZymSqLSMZU5ERIdIn99o52%2F%2FqfdKcKgQO9QBNGNGegYw7cze1hetsfcyqPYLBlHHWMd%2Bg4SLPBEjaK%2BV2OQ0HtZKr16UhlTQmiO%2Fn7ljg%3D%3D"}],"max_age":604800} Content-Type image/jpeg Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 63ed000409090742-FRA
GET H/1.1	200 OK	email-validation.js Show response www.jacquelinekirstein.com/fresh/files/	97 B 916 B	21ms 18ms	Script application/javascript	2606:4700:3030::ac43:aa99 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.jacquelinekirstein.com/fresh/files/email-validation.js Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 2606:4700:3030::ac43:aa99 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `50c7ff69872c51c23a5a9a56e8d3605822f954bc91905a0c4e1e6679bf160cb4` Request headers Referer http://www.jacquelinekirstein.com/fresh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"max_age":604800,"report_to":"cf-nel"} Age 1797 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0967fe566c0000323cf0a8c000000001 Last-Modified Fri, 04 Nov 2016 08:14:02 GMT Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0WJZHBQ%2BGjwAcdpHGV%2BtJrg3cnYO6vU6AeEg%2BSh6SSzMYPXwQqfF1AERw%2Boxkjuxe4tcQR%2BNESWKQNpHco2Vmo%2B35xpWmtjO%2FDFGux4sPsZgcTgmoc04llph4k%2FBx%2Fp2cTe8He5nbA%3D%3D"}],"max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 CF-RAY 63ed0003ef96323c-FRA
GET H/1.1	200 OK	oflog.png www.jacquelinekirstein.com/fresh/files/	63 KB 64 KB	12ms 11ms	Image image/png	2606:4700:3030::ac43:aa99 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://www.jacquelinekirstein.com/fresh/files/oflog.png Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 2606:4700:3030::ac43:aa99 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d8747ec2f7f2781e5544af558f8a56bd18bbe9f50579d7efba243d109d66f31c` Request headers Referer http://www.jacquelinekirstein.com/fresh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT CF-Cache-Status HIT NEL {"max_age":604800,"report_to":"cf-nel"} Age 1796 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 65015 cf-request-id 0967fe5688000005c41b0e9000000001 Last-Modified Fri, 04 Nov 2016 08:13:02 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bL1Fwep2%2BZGkvCBKDYJ8k%2FivISvTtaPGj%2FHDrJLwPrRStjWfQOwAZdjg6sMACvxCfbeaRWlboG88BDV%2F6%2FpJXPlVAuhPysO%2Fcr6RITxomLJEhdkGs3HTwRWfZubRikapI5MEebALYQ%3D%3D"}],"max_age":604800,"group":"cf-nel"} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 63ed00040acc05c4-FRA
GET H/1.1	200 OK	5cfd9308c50e4f8ae9.js Show response www.jacquelinekirstein.com/fresh/files/	55 KB 19 KB	28ms 21ms	Script application/javascript	2606:4700:3030::ac43:aa99 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.jacquelinekirstein.com/fresh/files/5cfd9308c50e4f8ae9.js Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 2606:4700:3030::ac43:aa99 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `66931e0018716a290916fc0dd8c0b27f61bc9ebf7af61fd1c9ccd85f8334b72b` Request headers Referer http://www.jacquelinekirstein.com/fresh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"max_age":604800,"report_to":"cf-nel"} Age 1797 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0967fe5671000005c4b4953000000001 Last-Modified Fri, 04 Nov 2016 08:13:38 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NTC8D7HiTLCsWb8B4ZZ3Pw%2FG%2FoqUQDFeKnqsDD5K2kjDd%2BsDz4XeEqWo1tFViqhk9sRK5%2BJfk%2BM%2BnmyTa%2BhLIJ0H%2Fmsl1sMAQS6OyvtHNMq%2FRlYm9nLiNCMgot%2FLkQGXieqYg%2Bl3NQ%3D%3D"}],"max_age":604800,"group":"cf-nel"} Content-Type application/javascript Cache-Control max-age=14400 CF-RAY 63ed0003ea8505c4-FRA
GET H/1.1	200 OK	lnkr5.js Show response www.jacquelinekirstein.com/fresh/files/	6 KB 3 KB	27ms 20ms	Script application/javascript	2606:4700:3030::ac43:aa99 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.jacquelinekirstein.com/fresh/files/lnkr5.js Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 2606:4700:3030::ac43:aa99 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `03513176f7a21c4e8972d213100197b61a69b6ede43d41c7b5aa8bc4e8a41dd5` Request headers Referer http://www.jacquelinekirstein.com/fresh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"max_age":604800,"report_to":"cf-nel"} Age 1797 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0967fe5671000005e422075000000001 Last-Modified Fri, 04 Nov 2016 08:13:22 GMT Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gGgs3Y9Juhun7ROUOT9iVUvmkrRjWplcTkHI5nkWoDWQPUkdMnMLjPY6Vu%2BbP8l%2B3FsiNSXCl55CKwa%2BYmWOq8wMyMbQs1vSEigvOqAT25INzqTUjLUi4ZuUY%2F%2BMf9ctVmowoY%2FZTQ%3D%3D"}],"max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 CF-RAY 63ed0003ecbc05e4-FRA
GET H/1.1	200 OK	bac.jpg www.jacquelinekirstein.com/fresh/files/	32 KB 33 KB	12ms 12ms	Image image/jpeg	2606:4700:3030::ac43:aa99 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://www.jacquelinekirstein.com/fresh/files/bac.jpg Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 2606:4700:3030::ac43:aa99 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3f2e29d6e4c9b6817cc4e3ffe11cfe3a65119002ec63cfffd84ae3b124727e93` Request headers Referer http://www.jacquelinekirstein.com/fresh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT CF-Cache-Status HIT NEL {"max_age":604800,"report_to":"cf-nel"} Age 1797 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 33222 cf-request-id 0967fe5689000005e454801000000001 Last-Modified Fri, 04 Nov 2016 08:12:26 GMT Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Fpf5JvxgUtHqmpP9umtu2KW%2BgWxkbYe266jk27Cgv2HtAKI4CKaBvfK6O2MqNPUTLQ3ck7uJxJjiRWuWZ5qGx3Y0RNpnK%2FVny83K%2F0Mas16WH3ISKus2LdzaKL8EoywySrf2fMYqaw%3D%3D"}],"max_age":604800} Content-Type image/jpeg Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 63ed00040cfa05e4-FRA
GET H/1.1	404 Not Found	mm.jpg www.jacquelinekirstein.com/fresh/	315 B 315 B	248ms 247ms	Image text/html	2606:4700:3030::ac43:aa99 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://www.jacquelinekirstein.com/fresh/mm.jpg Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 2606:4700:3030::ac43:aa99 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer http://www.jacquelinekirstein.com/fresh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT Content-Encoding gzip CF-Cache-Status EXPIRED NEL {"max_age":604800,"report_to":"cf-nel"} Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DywSfj73WSg2CP2Zmd3%2BzqAeGqBt0ZGS7KIfN%2F7uxY4BXz%2F1B0oL1dDElXNzbWdeCbz7nhfUg4fik17sawwVll%2FsHwphVMTD%2B9WNBKfA0EZItu1SyTIqp76by9LSlUpLymFeLCAavg%3D%3D"}],"max_age":604800} Content-Type text/html; charset=iso-8859-1 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 63ed00041808323c-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0967fe56900000323c6c3b7000000001
GET H/1.1	200 OK	/ lancheck.net/metric/	43 B 229 B	95ms 44ms	Image image/gif	5.149.255.154 HZ-EU-AS
General Check archive.org Show headers Download Go to Show image Full URL http://lancheck.net/metric/?mid=&wid=49499&sid=&tid=1487&rid=LAUNCHED&t=1618236227249 Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 5.149.255.154 , Netherlands, ASN59711 (HZ-EU-AS, BG), Reverse DNS Software nginx / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer http://www.jacquelinekirstein.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	whoami Show response ww38.urlvalidation.com/ Redirect Chain http://urlvalidation.com/whoami?jsonp=func60148 http://ww38.urlvalidation.com/whoami?jsonp=func60148	0 0	694ms 526ms	Script text/html	13.248.148.254 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://ww38.urlvalidation.com/whoami?jsonp=func60148 Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 13.248.148.254 , United States, ASN16509 (AMAZON-02, US), Reverse DNS aba1c1ff9d2ec5376.awsglobalaccelerator.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://www.jacquelinekirstein.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Redirect headers Location http://ww38.urlvalidation.com/whoami?jsonp=func60148 Date Mon, 12 Apr 2021 14:03:47 GMT Server Apache/2.4.25 (Debian) Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	get Show response lancheck.net/optout/	144 B 356 B	538ms 491ms	Script application/javascript	5.149.255.154 HZ-EU-AS
General Check archive.org Show headers Download Go to Full URL http://lancheck.net/optout/get?jsonp=__twb_cb_243301979&key=5cfd9308c50e4f8ae9&t=1618236227257 Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/files/5cfd9308c50e4f8ae9.js Protocol HTTP/1.1 Server 5.149.255.154 , Netherlands, ASN59711 (HZ-EU-AS, BG), Reverse DNS Software nginx / Resource Hash `66c97fa442aa2f6ebafdb0d50c1517cdd089b0ea68f167d0bc76181397bd19c6` Request headers Referer http://www.jacquelinekirstein.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type application/octet-stream, application/javascript
GET H/1.1	200 OK	/ lancheck.net/metric/	43 B 229 B	90ms 44ms	Image image/gif	5.149.255.154 HZ-EU-AS
General Check archive.org Show headers Download Go to Show image Full URL http://lancheck.net/metric/?mid=&wid=49499&sid=&tid=1487&rid=LOADED&custom1=www.jacquelinekirstein.com&t=1618236227256 Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 5.149.255.154 , Netherlands, ASN59711 (HZ-EU-AS, BG), Reverse DNS Software nginx / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer http://www.jacquelinekirstein.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	/ lancheck.net/metric/	43 B 229 B	90ms 44ms	Image image/gif	5.149.255.154 HZ-EU-AS
General Check archive.org Show headers Download Go to Show image Full URL http://lancheck.net/metric/?mid=&wid=49499&sid=&tid=1487&rid=BEFORE_OPTOUT_REQ&t=1618236227256 Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 5.149.255.154 , Netherlands, ASN59711 (HZ-EU-AS, BG), Reverse DNS Software nginx / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer http://www.jacquelinekirstein.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	/ lancheck.net/metric/	43 B 229 B	90ms 44ms	Image image/gif	5.149.255.154 HZ-EU-AS
General Check archive.org Show headers Download Go to Show image Full URL http://lancheck.net/metric/?mid=&wid=49499&sid=&tid=1487&rid=FINISHED&custom1=www.jacquelinekirstein.com&t=1618236227258 Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 5.149.255.154 , Netherlands, ASN59711 (HZ-EU-AS, BG), Reverse DNS Software nginx / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer http://www.jacquelinekirstein.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	userid Show response lancheck.net/optout/set/	0 284 B	32ms 31ms	Script application/javascript	5.149.255.154 HZ-EU-AS
General Check archive.org Show headers Download Go to Full URL http://lancheck.net/optout/set/userid?jsonp=__twb_cb_961449513&key=5cfd9308c50e4f8ae9&cv=87&t=1618236227797 Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/files/5cfd9308c50e4f8ae9.js Protocol HTTP/1.1 Server 5.149.255.154 , Netherlands, ASN59711 (HZ-EU-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://www.jacquelinekirstein.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT Server nginx Connection keep-alive Content-Length 0 Content-Type application/octet-stream, application/javascript
GET H/1.1	200 OK	strtm Show response lancheck.net/optout/set/	0 295 B	32ms 32ms	Script application/javascript	5.149.255.154 HZ-EU-AS
General Check archive.org Show headers Download Go to Full URL http://lancheck.net/optout/set/strtm?jsonp=__twb_cb_898652052&key=5cfd9308c50e4f8ae9&cv=1618236227&t=1618236227797 Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/files/5cfd9308c50e4f8ae9.js Protocol HTTP/1.1 Server 5.149.255.154 , Netherlands, ASN59711 (HZ-EU-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://www.jacquelinekirstein.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT Server nginx Connection keep-alive Content-Length 0 Content-Type application/octet-stream, application/javascript
GET H/1.1	404 Not Found	lnkr5.min.js lancheck.net/addons/	0 0	254ms 253ms	Script text/html	5.149.255.154 HZ-EU-AS
General Check archive.org Show headers Download Go to Full URL http://lancheck.net/addons/lnkr5.min.js Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/files/5cfd9308c50e4f8ae9.js Protocol HTTP/1.1 Server 5.149.255.154 , Netherlands, ASN59711 (HZ-EU-AS, BG), Reverse DNS Software / Resource Hash Request headers Referer http://www.jacquelinekirstein.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	www.jacquelinekirstein.com Show response rules.similardeals.net/v1.0/whitelist/1108/49499x1487x/	4 KB 5 KB	285ms 247ms	Script application/javascript	45.77.192.33 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL http://rules.similardeals.net/v1.0/whitelist/1108/49499x1487x/www.jacquelinekirstein.com?partnerName=S3.Google%20Translator%20extension&partnerLink=http%3A%2F%2Fthisadsfor.us%2Foptout%3Ft%3D1487%26u%3D49499%26block%3D02d38 Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/files/5cfd9308c50e4f8ae9.js Protocol HTTP/1.1 Server 45.77.192.33 Miami, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 45.77.192.33.vultr.com Software nginx/1.14.0 (Ubuntu) / Express Resource Hash `fd3a9efc656d8212f0011c21c56ce8054981a59444e597e5843d86485e2a6cc7` Request headers Referer http://www.jacquelinekirstein.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:48 GMT Server nginx/1.14.0 (Ubuntu) X-Powered-By Express ETag W/"1160-tXQdKsYAxhqgALpLpvnUDbzizgU" Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-store, no-cache Connection keep-alive Content-Length 4448
GET H/1.1	200 OK	/ lancheck.net/metric/	43 B 229 B	32ms 32ms	Image image/gif	5.149.255.154 HZ-EU-AS
General Check archive.org Show headers Download Go to Show image Full URL http://lancheck.net/metric/?mid=&wid=49499&sid=&tid=1487&rid=OPTOUT_RESPONSE_OK&t=1618236227797 Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 5.149.255.154 , Netherlands, ASN59711 (HZ-EU-AS, BG), Reverse DNS Software nginx / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer http://www.jacquelinekirstein.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	/ lancheck.net/metric/	43 B 229 B	32ms 31ms	Image image/gif	5.149.255.154 HZ-EU-AS
General Check archive.org Show headers Download Go to Show image Full URL http://lancheck.net/metric/?mid=cd1d2&wid=49499&sid=&tid=1487&rid=MNTZ_INJECT&t=1618236227798 Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 5.149.255.154 , Netherlands, ASN59711 (HZ-EU-AS, BG), Reverse DNS Software nginx / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer http://www.jacquelinekirstein.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	/ lancheck.net/metric/	43 B 229 B	59ms 41ms	Image image/gif	5.149.255.154 HZ-EU-AS
General Check archive.org Show headers Download Go to Show image Full URL http://lancheck.net/metric/?mid=02d38&wid=49499&sid=&tid=1487&rid=MNTZ_INJECT&t=1618236227798 Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 5.149.255.154 , Netherlands, ASN59711 (HZ-EU-AS, BG), Reverse DNS Software nginx / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer http://www.jacquelinekirstein.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:47 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
POST H/1.1	200 OK	gstats Show response rules.similardeals.net/f/	0 287 B	247ms 229ms	XHR application/javascript	45.77.192.33 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL http://rules.similardeals.net/f/gstats Requested by Host: rules.similardeals.net URL: http://rules.similardeals.net/v1.0/whitelist/1108/49499x1487x/www.jacquelinekirstein.com?partnerName=S3.Google%20Translator%20extension&partnerLink=http%3A%2F%2Fthisadsfor.us%2Foptout%3Ft%3D1487%26u%3D49499%26block%3D02d38 Protocol HTTP/1.1 Server 45.77.192.33 Miami, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 45.77.192.33.vultr.com Software nginx/1.14.0 (Ubuntu) / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://www.jacquelinekirstein.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Mon, 12 Apr 2021 14:03:48 GMT Server nginx/1.14.0 (Ubuntu) X-Powered-By Express Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control no-store, no-cache Connection keep-alive
GET H/1.1	200 OK	/ lancheck.net/metric/	43 B 229 B	30ms 30ms	Image image/gif	5.149.255.154 HZ-EU-AS
General Check archive.org Show headers Download Go to Show image Full URL http://lancheck.net/metric/?mid=02d38&wid=49499&sid=&tid=1487&rid=MNTZ_LOADED&t=1618236228086 Requested by Host: www.jacquelinekirstein.com URL: http://www.jacquelinekirstein.com/fresh/ Protocol HTTP/1.1 Server 5.149.255.154 , Netherlands, ASN59711 (HZ-EU-AS, BG), Reverse DNS Software nginx / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer http://www.jacquelinekirstein.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 12 Apr 2021 14:03:48 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer) Office 365 (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.jacquelinekirstein.com/	1970-01-19 18:13:48	Name: __cfduid Value: d2f19ff4e31d8882cfc60dcf40348b8aa1618236226

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

lancheck.net
rules.similardeals.net
urlvalidation.com
ww38.urlvalidation.com
www.jacquelinekirstein.com
103.224.212.220
13.248.148.254
2606:4700:3030::ac43:aa99
45.77.192.33
5.149.255.154
03513176f7a21c4e8972d213100197b61a69b6ede43d41c7b5aa8bc4e8a41dd5
35a932a9200775e7c0c87f89c1a6abd42c2c2d15731f6be0fc9a6574fe8d0b46
3f2e29d6e4c9b6817cc4e3ffe11cfe3a65119002ec63cfffd84ae3b124727e93
4068f2441ef1e7b31cf1b2f3136f35587b019b03e7e654c7dd0f830296eee8c7
50c7ff69872c51c23a5a9a56e8d3605822f954bc91905a0c4e1e6679bf160cb4
66931e0018716a290916fc0dd8c0b27f61bc9ebf7af61fd1c9ccd85f8334b72b
66c97fa442aa2f6ebafdb0d50c1517cdd089b0ea68f167d0bc76181397bd19c6
a36df4f899c392d281bc99d6d2b9052d978e64b3353b97e73f4e602584a0d7a3
bef4a86a0b251bdd22f59e356f0a5732985dd02e964a3a4a7dc6fafb91e4b8f3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d8747ec2f7f2781e5544af558f8a56bd18bbe9f50579d7efba243d109d66f31c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fcacbe9443312a9ae8d582068921b00a14781c675024452286f2a14b0373b12d
fd3a9efc656d8212f0011c21c56ce8054981a59444e597e5843d86485e2a6cc7

www.jacquelinekirstein.com Open in urlscan Pro 2606:4700:3030::ac43:aa99 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

0 %HTTPS

20 %IPv6

4 Domains

5 Subdomains

4 IPs

3 Countries

158 kBTransfer

190 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

www.jacquelinekirstein.com Open in urlscan Pro
2606:4700:3030::ac43:aa99 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

0 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

158 kB
Transfer

190 kB
Size

1
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!