Report - myworkspacee7a91.myclickfunnels.com/aliensor/

Report Overview

Visited public
2024-07-12 23:23:03
Tags
URL
myworkspacee7a91.myclickfunnels.com/aliensor/
Finishing URL
reaktivet-sieb.com/aktivizaciju
IP / ASN
104.18.39.181
#13335 CLOUDFLARENET
Title
SEΒ internetbankas atkārtota aktivizēšana

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
firestore.googleapis.com	1961	2005-01-25	2017-10-10 16:33:50	2024-07-11 18:14:22	2.1 kB	1.6 kB	142.250.74.10
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-11 18:12:19	2.3 kB	6.2 kB	23.36.77.32
reaktivet-sieb.com	unknown	unknown	No data	No data	7.1 kB	2.3 MB	188.114.97.1
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20 07:02:03	2024-07-11 18:44:16	2.7 kB	65 kB	104.17.3.184
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-07-11 18:16:52	2.6 kB	5.6 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-07-12 02:53:42	3.7 kB	85 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-07-11	medium	reaktivet-sieb.com/	Generic/Spear Phishing
2024-07-11	medium	reaktivet-sieb.com/	Generic/Spear Phishing
2024-07-11	medium	reaktivet-sieb.com/	Generic/Spear Phishing
2024-07-11	medium	reaktivet-sieb.com/	Generic/Spear Phishing
2024-07-11	medium	reaktivet-sieb.com/	Generic/Spear Phishing
2024-07-11	medium	reaktivet-sieb.com/	Generic/Spear Phishing
2024-07-11	medium	reaktivet-sieb.com/	Generic/Spear Phishing
2024-07-11	medium	reaktivet-sieb.com/	Generic/Spear Phishing
2024-07-11	medium	reaktivet-sieb.com/	Generic/Spear Phishing
2024-07-11	medium	reaktivet-sieb.com/	Generic/Spear Phishing
2024-07-11	medium	reaktivet-sieb.com/	Generic/Spear Phishing
2024-07-11	medium	reaktivet-sieb.com/	Generic/Spear Phishing
2024-07-11	medium	reaktivet-sieb.com/	Generic/Spear Phishing

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (20)

	URL	From	Size	First Seen	Last Seen
	reaktivet-sieb.com/chunk-HLHYB3YI.js	ImportedModule	157 kB	2024-07-06	2024-08-19
Pretty URL reaktivet-sieb.com/chunk-HLHYB3YI.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-07-06 18:13 Last Seen2024-08-19 17:49 Times Seen2 Hash 5d9ba40db3899cef2de7d117047076b9 3300b9e1b4d3f068fa36e6877a82d48599913f6a 2346808e4f6853ea2277af93db424f37eec295bdef66484bc886bc77f1cf4181 Loading...

	unknown	EventHandler	16 B	2023-04-10	2025-05-12
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57 Last Seen2025-05-12 03:49 Times Seen56749 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	unknown	Function	79 B	2023-04-11	2025-05-12
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-12 03:52 Times Seen112494 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	reaktivet-sieb.com/	ScriptElement	1.6 kB	2024-07-06	2024-08-19
Pretty URL reaktivet-sieb.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-06 18:13 Last Seen2024-08-19 17:49 Times Seen2 Hash 8406f75f55ac135b1c97cccd41a7dc01 824eea89005f76828e38a5d18d5012b8139c1b41 57f30152818607c4133fba0ad93c4821fd29a8eb2bf76172f6ae7e08f4d7c2df Loading...

	unknown	Function	37 B	2023-04-11	2025-05-12
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-05-12 03:52 Times Seen263764 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	reaktivet-sieb.com/polyfills-S3BTP7ME.js	ScriptElement	34 kB	2024-05-06	2025-05-10
Pretty URL reaktivet-sieb.com/polyfills-S3BTP7ME.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-06 19:06 Last Seen2025-05-10 17:51 Times Seen14 Hash 7b58c022cb4bbc4f67584096e5688e78 893d641030c187f109c667de1b0a73a03095fa3b bf5a16d2a808a2d9e45b3bfa71b5df6832df1701ed5fcfff301144e3fd3a94b4 Loading...

	reaktivet-sieb.com/main-DMTDAEOC.js	ScriptElement	1.4 MB	2024-08-19	2024-08-19
Pretty URL reaktivet-sieb.com/main-DMTDAEOC.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:06 Last Seen2024-08-19 17:06 Times Seen1 Hash 77586e56164919ebeee821d4bb4803ef 3158782185ff679fc7f43214efd533f4ae12305e 203c9cfeb3d92553ee15a853f0690c285b5b4af0337b8a46f9a82888ac0843a0 Loading...

		Size	First Seen	Last Seen
	#1 Eval - ca920bfb5a0921807fbf5e16891adc2f	28 B	2024-08-19 17:06	2024-08-19 17:06
Pretty Observations First Seen2024-08-19 17:06 Last Seen2024-08-19 17:06 Times Seen1 Hash ca920bfb5a0921807fbf5e16891adc2f 62b3ff772dee938d9100ad7fa21224932497a999 11bbbfb8da2d71754b0537da6753136aeca568bf745c9f3e88c0faa8e6385804 Loading...

	#2 Eval - 8a99078f67177c7b15a80b2d64762473	28 B	2024-08-19 17:06	2024-08-19 17:06
Pretty Observations First Seen2024-08-19 17:06 Last Seen2024-08-19 17:06 Times Seen1 Hash 8a99078f67177c7b15a80b2d64762473 1b854753f6df01c986cf26e946b9bba0d228616c 7286a88e8f81304d9e506a4932de28f8ae4d2c4eac64afe70b650b3f2f680269 Loading...

	#3 Eval - b98e907139cd8701e26d344f14561ce2	28 B	2024-08-19 17:06	2024-08-19 17:06
Pretty Observations First Seen2024-08-19 17:06 Last Seen2024-08-19 17:06 Times Seen1 Hash b98e907139cd8701e26d344f14561ce2 dc3b9937b9289469b39463bc2ad30e543e32a5a2 3c2dc9f1cabd3947938aeecc19014f6526933bb80008d76384fddf9e352b43d4 Loading...

	#4 Eval - cbe68a44eee376fadb3e720d18a522ba	28 B	2024-08-19 17:06	2024-08-19 17:06
Pretty Observations First Seen2024-08-19 17:06 Last Seen2024-08-19 17:06 Times Seen1 Hash cbe68a44eee376fadb3e720d18a522ba 217e5a589e683166faa58be624a79cbe86002e08 71f40d2cca831c82aeaddc03e42758e4287b8d9f23da3df11d8a793ea26423bf Loading...

	#5 Eval - 084ba2387c68c97f0d9e5fd76734c910	28 B	2024-08-19 17:06	2024-08-19 17:06
Pretty Observations First Seen2024-08-19 17:06 Last Seen2024-08-19 17:06 Times Seen1 Hash 084ba2387c68c97f0d9e5fd76734c910 52544553bfa15afc4466201aebb12903623f036e 889eac479918a1a26a0af5c2181f9582022f2b17e2e4540924a7d7c4a4b9796f Loading...

	#6 Eval - 25b71ef699f12598d2ad957036c4d385	28 B	2024-08-19 17:06	2024-08-19 17:06
Pretty Observations First Seen2024-08-19 17:06 Last Seen2024-08-19 17:06 Times Seen1 Hash 25b71ef699f12598d2ad957036c4d385 95af3d2d43ae487e524f71d66f47300e7ea837bc 43802fe4a6718c9f399554938a5d328e72e140b20f008fc0cc9cddc544ac5364 Loading...

	#7 Eval - 2732ac7fdf46aec802c010c4b6881cba	60 B	2024-07-11 14:44	2024-08-19 17:16
Pretty Observations First Seen2024-07-11 14:44 Last Seen2024-08-19 17:16 Times Seen622 Hash 2732ac7fdf46aec802c010c4b6881cba a1b410f575073881bfca753289ab101ae357748c d236a5f79d97c5bf87be65e79ef68295385c551bbac5c69a6362c850289eeb73 Loading...

	#8 Eval - 5ee978ef2d3e638f93afeeade0694275	28 B	2024-08-19 17:06	2024-08-19 17:06
Pretty Observations First Seen2024-08-19 17:06 Last Seen2024-08-19 17:06 Times Seen1 Hash 5ee978ef2d3e638f93afeeade0694275 07d510f944a23428fadd57d2cae214dc99aa4a7f f8cd52dbc7073aa69a602c2d0393d2a15ec8f398693856b7fcbb82de0d54a2d4 Loading...

	#9 Eval - 044a3a90dc0509fb7f9a268d4bd19d8d	28 B	2024-08-19 17:06	2024-08-19 17:06
Pretty Observations First Seen2024-08-19 17:06 Last Seen2024-08-19 17:06 Times Seen1 Hash 044a3a90dc0509fb7f9a268d4bd19d8d 0a5a0e03daf2230bd48bf5ecb9432f041b49532d 541ea93b139fb6feb5ea367588417dbd068d1c4880bce16e79f710f4c22bad0c Loading...

	#10 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07 01:03	2025-05-12 03:25
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-12 03:25 Times Seen369146 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#11 Eval - c40589b7ea6026ab4b8e87515693496b	28 B	2024-08-19 17:06	2024-08-19 17:06
Pretty Observations First Seen2024-08-19 17:06 Last Seen2024-08-19 17:06 Times Seen1 Hash c40589b7ea6026ab4b8e87515693496b cd66302c3366962c8c8b9a338c53dc879882760f c820a859b3b689304be21fede57a944f83dcd8e20c7e900945de68956a459270 Loading...

	#12 Eval - 0cfece492dddd390c1b3dce8c4a7a1f9	28 B	2024-08-19 17:06	2024-08-19 17:06
Pretty Observations First Seen2024-08-19 17:06 Last Seen2024-08-19 17:06 Times Seen1 Hash 0cfece492dddd390c1b3dce8c4a7a1f9 9bd8120bba1728dd7e8b79f1d9956539011eba16 6b9dbc27b403b0bd97b1c044d4be5b74c1de40aaae9bc1060c71d9073dd9b007 Loading...

	#13 Eval - 459ef94264895cc13b90b505d244883f	28 B	2024-08-19 17:06	2024-08-19 17:06
Pretty Observations First Seen2024-08-19 17:06 Last Seen2024-08-19 17:06 Times Seen1 Hash 459ef94264895cc13b90b505d244883f ec701719f34676a61d226329abcd4e4d22092c2f 306d61fa56489c74b9fe64b63079abafa98f0b09e684ea3d752de514e2fa251e Loading...

HTTP Transactions (42)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
ee5b6dc3e7ab972df60b36582e3eaaf4
2a5185acc539fcddac9c33895ec74faf552b62dd
be84262bbb3f3aabae368745bc3e85b816e372b16bc37327a1887d3a19992df6

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "BE84262BBB3F3AABAE368745BC3E85B816E372B16BC37327A1887D3A19992DF6"
Last-Modified: Wed, 10 Jul 2024 13:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19156
Expires: Sat, 13 Jul 2024 04:41:52 GMT
Date: Fri, 12 Jul 2024 23:22:36 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
99ca9ac48d9c7dc638699b14599a47cc
3e19f65886cf5ced393284e0fe31bf830288078d
c52eade9addaf5b96532275714d3fa8c91a4e5f7b1287a3d17e8c2e9492f059a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C52EADE9ADDAF5B96532275714D3FA8C91A4E5F7B1287A3D17E8C2E9492F059A"
Last-Modified: Fri, 12 Jul 2024 03:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2176
Expires: Fri, 12 Jul 2024 23:58:52 GMT
Date: Fri, 12 Jul 2024 23:22:36 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
4a4d81b1c193182fe2b1122877e94203
fd1f4427cb5867a8f63ae15825279827bbf768e6
4cd1772d378248e886ee96f55d956ff0856ba3f2eae9f15a10136e68f450ca70

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4CD1772D378248E886EE96F55D956FF0856BA3F2EAE9F15A10136E68F450CA70"
Last-Modified: Fri, 12 Jul 2024 11:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2320
Expires: Sat, 13 Jul 2024 00:01:16 GMT
Date: Fri, 12 Jul 2024 23:22:36 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
22ed1a54c5ec2cea89d074f91aa80a7a
992ac767733a3719e57c17ecd13f60faf590e0e1
85faedcb4c0cb0c34f3cd9424cd34550b97195ccf2307aa2a108cf8643415086

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "85FAEDCB4C0CB0C34F3CD9424CD34550B97195CCF2307AA2A108CF8643415086"
Last-Modified: Fri, 12 Jul 2024 04:18:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2342
Expires: Sat, 13 Jul 2024 00:01:38 GMT
Date: Fri, 12 Jul 2024 23:22:36 GMT
Connection: keep-alive

reaktivet-sieb.com/

188.114.97.1

200 OK

5.6 kB

URL User Request GET HTTP/3
reaktivet-sieb.com/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectreaktivet-sieb.com
Fingerprint8D:C7:DC:48:AD:25:91:7F:FC:D8:D3:36:1E:7D:64:41:87:1D:1B:5D
ValidityFri, 05 Jul 2024 22:58:41 GMT - Thu, 03 Oct 2024 22:58:40 GMT

File type
HTML document, ASCII text, with very long lines (13912), with no line terminators
Size
5.6 kB (5603 bytes)
Hash
e495980506c87e1324d3b865999ca9ac
8c11b91057471d534877f7d61cd7fff49b242e1c
15a57b2a1d0758db420f5b22d301de147ed3032b48909991ae4a06f29bb77378

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET / HTTP/1.1
Host: reaktivet-sieb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 12 Jul 2024 23:22:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 9aLaxAOyGnuiVmou7c/iepjlBmaJ4XOxZ24nIGd1mYEdlgA4cO93QFVsch3WR8RB3HMmIXt/LRr75RH+xtfEC0jzPCoBSmk3hNlG29Slg4vTh5+i7HOKlgP2yXXCPxaAaDe7qmOCXysdj4iYdGor7A==$zN1B8Pk+EnYWGPzHit8k5Q==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ODqHP0t9MNza8JyynDknzJrw1PtvM%2F6jtZnpc1ww8u08u53Ci5LhYmkQGTXNPSInQ%2Bc%2BswXkkYzOWR9oAX69dGXiT1FehiFEe9Yh7QmBBpM7ubvc0HJWw0JRp%2Bk%2FzNI%2BhoRbQi0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8a24c6c45fd0b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

reaktivet-sieb.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8a24c6c45fd0b50f

188.114.97.1

37 kB

URL
reaktivet-sieb.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8a24c6c45fd0b50f
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectreaktivet-sieb.com
Fingerprint8D:C7:DC:48:AD:25:91:7F:FC:D8:D3:36:1E:7D:64:41:87:1D:1B:5D
ValidityFri, 05 Jul 2024 22:58:41 GMT - Thu, 03 Oct 2024 22:58:40 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
37 kB (36613 bytes)
Hash
94a2fa9dd299674fcbad69239339f234
1d559369905a717f22d07ae3a12e5284db3f793a
c2ad24183c67632a5d7617634edb6ab5ad436873bcff7c966ee467720c5d6712

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8a24c6c45fd0b50f HTTP/1.1
Host: reaktivet-sieb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://reaktivet-sieb.com/?__cf_chl_rt_tk=dvhMglf1plfbicv4EvesHbKngkn9e82mik6i43r1d7g-1720826558-0.0.1.1-2025
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 12 Jul 2024 23:22:38 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GNsqLGlIDsay6hP3F%2FyFkCvjPCREGeIdvEmvwy%2BDAKL3M6n8mY%2B2ZvkzN1qbuTxm72ENYnjokMKsybAyuin6woLk%2BK1%2BMLGiem6pN9%2BKpJxURMaJygi9iE9mUIMCNXrSzj9yy6Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8a24c6c52b6d568f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

reaktivet-sieb.com/favicon.ico

188.114.97.1

5.7 kB

URL
reaktivet-sieb.com/favicon.ico
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectreaktivet-sieb.com
Fingerprint8D:C7:DC:48:AD:25:91:7F:FC:D8:D3:36:1E:7D:64:41:87:1D:1B:5D
ValidityFri, 05 Jul 2024 22:58:41 GMT - Thu, 03 Oct 2024 22:58:40 GMT

File type
HTML document, ASCII text, with very long lines (14068), with no line terminators
Size
5.7 kB (5709 bytes)
Hash
16d8f15849edff5958a00f91a2ded517
a1a144e8955cbb73d5bf1f6cffd79876929cb718
a0d9bcfb677474af8138a64f436734a1318a2bd1ec6c12583ca67e3b0e6f657f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: reaktivet-sieb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://reaktivet-sieb.com/?__cf_chl_rt_tk=dvhMglf1plfbicv4EvesHbKngkn9e82mik6i43r1d7g-1720826558-0.0.1.1-2025
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 12 Jul 2024 23:22:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 07L7zy3PpO/GmsuU8fgT/QmvmmtTrulsJeqQCBU0AuEkxnl+o8JITJlXvIZjc1TN+8ylpY3QF3IX+JWZDX5KlQvX6cxacv1QOIffm4w6OmsUjJcGy4M8pzHP6BqvUBT2e8hNuli3YKMIBoZA/FhzBQ==$Q7VklvY/TNUxG7Af1X3B6Q==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j3p3NHkQbwo7DmbDMLCJroH3vshW4t6uTj0IMJa1HzcK4N4M%2FGZRkWFHKt2fQ2Xr2N5t6eanNs65XnvJlDG8meSDnOPtVOCxkPyFc0G1808mGf1gDdbN%2BhM4db6uVBZ1EnmF70M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8a24c6c55b86568f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

reaktivet-sieb.com/favicon.ico

188.114.97.1

5.6 kB

URL
reaktivet-sieb.com/favicon.ico
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectreaktivet-sieb.com
Fingerprint8D:C7:DC:48:AD:25:91:7F:FC:D8:D3:36:1E:7D:64:41:87:1D:1B:5D
ValidityFri, 05 Jul 2024 22:58:41 GMT - Thu, 03 Oct 2024 22:58:40 GMT

File type
HTML document, ASCII text, with very long lines (13983), with no line terminators
Size
5.6 kB (5643 bytes)
Hash
eb2763921cef2c6d15da6dc0e6119e70
a99bef5b8970621fedd9e09e55b45e6f8f89e048
6ccf30fb9e2c54843df9764160895aa784c79d7e4eedbece2463aabe5934fad9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: reaktivet-sieb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://reaktivet-sieb.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 12 Jul 2024 23:22:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 3P/mjMaWq1jgKxT+MVvp4pLtrp2E1NR/A2qmCjzfHVZcj/smWt79ceN9PZXcF9mUfeHxwzZagER6VsMg1Ti4NiJ2bzFU5G+WeLWfisLAL86KXBMzJitdkP/bY481ekcMQFBborHaRf1iPPGdpFRZFw==$h3RJixUn/XmoltTodaxGew==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IbNJ9whInvEUj6X%2FNfjk4qfPdSjvsBNNUbONhp16gSWTeFQetK%2BROsC1Uj8yRnEm2iNiiVB8mRfjKiPPJQ592JKgDQDsSQFfxZYrt8f5YdUYeU2RJGhAaeiz9C%2FquVVF1ZmIr5s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8a24c6c5bd305695-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

reaktivet-sieb.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1498545685:1720822175:Hr8NedkAhYHbABo1jVrWgPEHaRDtHQ1Gbes6G99gbs4/8a24c6c45fd0b50f/25c0d714b672edf

188.114.97.1

12 kB

URL
reaktivet-sieb.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1498545685:1720822175:Hr8NedkAhYHbABo1jVrWgPEHaRDtHQ1Gbes6G99gbs4/8a24c6c45fd0b50f/25c0d714b672edf
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectreaktivet-sieb.com
Fingerprint8D:C7:DC:48:AD:25:91:7F:FC:D8:D3:36:1E:7D:64:41:87:1D:1B:5D
ValidityFri, 05 Jul 2024 22:58:41 GMT - Thu, 03 Oct 2024 22:58:40 GMT

File type
ASCII text, with very long lines (16056), with no line terminators
Size
12 kB (12141 bytes)
Hash
00cd424b3a1184f0e8958e659845a889
fb988d587ee4af9d136004b9912694aa08a0108b
24600683d4da47304f88883e79ecda8abdc8e259f52f38504fb2e26110b46c9c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1498545685:1720822175:Hr8NedkAhYHbABo1jVrWgPEHaRDtHQ1Gbes6G99gbs4/8a24c6c45fd0b50f/25c0d714b672edf HTTP/1.1
Host: reaktivet-sieb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://reaktivet-sieb.com/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 25c0d714b672edf
Content-Length: 1709
Origin: http://reaktivet-sieb.com
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 12 Jul 2024 23:22:38 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: kg8DaKEoH/Ll4Rb+0TBUR05vuYGAHUdu5L7JulMiYALO+PlG9lsdVTrN2jC67/3H9I3YPcjc7Q==$EDgq3KQ/Zn/Q1oLR
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mAGkVpdxlK5vOShLgHINHiMaEDmyW9WzLGrSVcBtrEByhQur0WomiHwpb0Zs%2FYEpaq9WQyWD%2FZUSLZRBlVI6plpTJGPfQFJBxR5zPPgP4GcBL47idKdTPtJJJU%2Fg1dZizjB%2FNz4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8a24c6c688775688-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/0kts8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/

104.17.3.184

15 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/0kts8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (41971)
Size
15 kB (15374 bytes)
Hash
c12ce0abf3272656ede1db6fd90b9f54
89f8deb145bcfda0b758d69e4e84f88533f33cfe
fd2ac7451b870a7e3ad73589f7a464f5c9a625b29f26803db341c52e33bf087a

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/0kts8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 12 Jul 2024 23:22:38 GMT
content-type: text/html; charset=UTF-8
document-policy: js-profiling
origin-agent-cluster: ?1
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-opener-policy: same-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 8a24c6c78c9d568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8a24c6c78c9d568f&lang=auto

104.17.3.184

44 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8a24c6c78c9d568f&lang=auto
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
44 kB (44076 bytes)
Hash
b733ab8ac9a90e65633a60d76f01750e
39619a4dbea90bc94f02e53f27d9b9c25214bad0
dd36ad7e0526bfdc4f7b06642824f02ac98cf4c17a9ac81e67b782736bbfd604

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8a24c6c78c9d568f&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/0kts8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 12 Jul 2024 23:22:38 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8a24c6c85cf6568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
50e4489707989517510128817aedd2ea
36a54d7b34a9ac621715b569e5a870f62671c574
3e28ea2cede92dae0f7bfcd98eaf9bd016ab8ecc4ea81b7e8f7b90ba4e20aa40

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3E28EA2CEDE92DAE0F7BFCD98EAF9BD016AB8ECC4EA81B7E8F7B90BA4E20AA40"
Last-Modified: Wed, 10 Jul 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3663
Expires: Sat, 13 Jul 2024 00:23:41 GMT
Date: Fri, 12 Jul 2024 23:22:38 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
50e4489707989517510128817aedd2ea
36a54d7b34a9ac621715b569e5a870f62671c574
3e28ea2cede92dae0f7bfcd98eaf9bd016ab8ecc4ea81b7e8f7b90ba4e20aa40

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3E28EA2CEDE92DAE0F7BFCD98EAF9BD016AB8ECC4EA81B7E8F7B90BA4E20AA40"
Last-Modified: Wed, 10 Jul 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3663
Expires: Sat, 13 Jul 2024 00:23:41 GMT
Date: Fri, 12 Jul 2024 23:22:38 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
50e4489707989517510128817aedd2ea
36a54d7b34a9ac621715b569e5a870f62671c574
3e28ea2cede92dae0f7bfcd98eaf9bd016ab8ecc4ea81b7e8f7b90ba4e20aa40

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3E28EA2CEDE92DAE0F7BFCD98EAF9BD016AB8ECC4EA81B7E8F7B90BA4E20AA40"
Last-Modified: Wed, 10 Jul 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3663
Expires: Sat, 13 Jul 2024 00:23:41 GMT
Date: Fri, 12 Jul 2024 23:22:38 GMT
Connection: keep-alive

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8a24c6c78c9d568f/1720826559037/Hx_SveJXJiCGGg2

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8a24c6c78c9d568f/1720826559037/Hx_SveJXJiCGGg2
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 93 x 100, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
250d308f6a157cb9edb93bd051fd9cdd
fad40d4fa645ecc3e099d13300baa216a80be3dd
6d2391cd0697fabd13dd8df91f75cc0554f22417c6e884db1a53ad75b73a97b2

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/8a24c6c78c9d568f/1720826559037/Hx_SveJXJiCGGg2 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/0kts8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 12 Jul 2024 23:22:42 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8a24c6dc7e4f568f-OSL
alt-svc: h3=":443"; ma=86400

reaktivet-sieb.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1498545685:1720822175:Hr8NedkAhYHbABo1jVrWgPEHaRDtHQ1Gbes6G99gbs4/8a24c6c45fd0b50f/25c0d714b672edf

188.114.97.1

3.1 kB

URL
reaktivet-sieb.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1498545685:1720822175:Hr8NedkAhYHbABo1jVrWgPEHaRDtHQ1Gbes6G99gbs4/8a24c6c45fd0b50f/25c0d714b672edf
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectreaktivet-sieb.com
Fingerprint8D:C7:DC:48:AD:25:91:7F:FC:D8:D3:36:1E:7D:64:41:87:1D:1B:5D
ValidityFri, 05 Jul 2024 22:58:41 GMT - Thu, 03 Oct 2024 22:58:40 GMT

File type
ASCII text, with very long lines (3996), with no line terminators
Size
3.1 kB (3051 bytes)
Hash
42746dd512fa9736bf7f9d27c0703516
277211ed555393cca592bf064b77dce8381203e1
37559e2509a78cdaf44d5636e472d829965e87ab0fcf40bd23b3e8e068e024f7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1498545685:1720822175:Hr8NedkAhYHbABo1jVrWgPEHaRDtHQ1Gbes6G99gbs4/8a24c6c45fd0b50f/25c0d714b672edf HTTP/1.1
Host: reaktivet-sieb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://reaktivet-sieb.com/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 25c0d714b672edf
Content-Length: 3172
Origin: http://reaktivet-sieb.com
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 12 Jul 2024 23:22:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: pSvAo/v2VmH9ZyGDDreTYsrOyDlCJiLm6l+7oWHXg48X2G1LslnyRTATnWTqm855CGB8CYFFYA/+vjOt18cHsy6QLJDMYl23YZ32SlWsHcZcZKdBC4ujlioCm99fpAjQMIDV6I+BcRo=$8TqMdfLs/SBA6bKd
cf-chl-out-s: CjuKoglUfKIbzC2k0/zLvfIKrHfseifrnblgUL/S0Y5p5y8W3vOFe5DnLM2UPzX9xVP+Pn6txdaz9s9hnEb+tuNwSrr1pBM8GH44By/Z4kmgUvRyTYIRHCUJf6N/c7ahDPgBB8hnDVBKIZZW4E/n8baX5h965BAluzJZGAJhmKlO9M3YCG4GQ3c=$4mDiNOkqURL2BAbJ
set-cookie: cf_chl_rc_ni=;Expires=Thu, 11 Jul 2024 23:22:42 GMT;SameSite=Strict
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2VlyU9xUGEobHbMq7TzJ0yYD3or13uFRgG4P%2FxlNmZmiLmSahMKy8%2BcJU2703jE7IGARCVfaPJc%2FXvHF9xye%2BTxjrVz5kLPISlNZgbkfCF7IgoLByZDBPuPAZGZi351bnk2zcuo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8a24c6dee89f5688-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1944308896:1720822380:6SBu6U_Fbjql73C8XndcRkSFnkCs7kCkcG6-SYdzg8k/8a24c6c78c9d568f/ae2655055683851

104.17.3.184

2.9 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1944308896:1720822380:6SBu6U_Fbjql73C8XndcRkSFnkCs7kCkcG6-SYdzg8k/8a24c6c78c9d568f/ae2655055683851
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3564), with no line terminators
Size
2.9 kB (2870 bytes)
Hash
e544963c0842f4d5c0b53a9a42f69544
d3ecf10570bec0d93bc98f177391d445c9594455
70b85079f7b14bdcecd9805d064e5014576a3c4f149c9e5367b930cb39f169e7

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1944308896:1720822380:6SBu6U_Fbjql73C8XndcRkSFnkCs7kCkcG6-SYdzg8k/8a24c6c78c9d568f/ae2655055683851 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/0kts8/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Content-type: application/x-www-form-urlencoded
CF-Challenge: ae2655055683851
Content-Length: 27451
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 12 Jul 2024 23:22:42 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: M1osWDHtdaWEMii8jvVR3YDkm9Kq2jYBI0xWuYlckHUiDGnMmA2vfZlCU4djm8b8II4Qy/V++fac1QyxDQ4miiQRi5fIbLqGNUpcdOhGg0gExtl3h3YcXyI9+DeSzUfYp8JM29BocvwKyuA=$VYZKBMG673ra/JpF
cf-chl-out-s: YDTICDm40SQDXPrC/6rStLNYOcWMuZgriucJClh2yPNJpJjL9eblAEFUeXeHTvz9TAv9g41EKfByBQ+UJ3uNwgd2ElUNa+YZrIbeClbBS7XtHSyZOzTJDvHkoPKVUYnF6DAk9+GCXXVW+ti93yho0PjExmO48Wxqft0YReG4x6FQ7K4iHMh+HARnpUhANBUyvL35P/1eHswbv2AyMnRtgnQ1Ovn/OaPOPKIT+n3augb2WFc/wNezwZjiJ/070SpO9L8hAt0AmEJCfzPwfYa2GUqdfUuFjYk034ZUULqnZLRNu2A4n81aOUjBo8tNMLfnobKMlifUXfan+KE8LXxJm2JhpRp+PmuE3QFr$OzTlEN6T5e3XMWL5
server: cloudflare
cf-ray: 8a24c6de4f56568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
883ef9a8f0d13bfe664b82abb40652c8
fc03a8559ce612881f374f06baf1e667de92d0bf
af733c8c253b361e359f378ea60be02b72e683ac7e0d2d20752f266247d878f5

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 12 Jul 2024 23:22:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
883ef9a8f0d13bfe664b82abb40652c8
fc03a8559ce612881f374f06baf1e667de92d0bf
af733c8c253b361e359f378ea60be02b72e683ac7e0d2d20752f266247d878f5

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 12 Jul 2024 23:22:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintEE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09
ValidityMon, 24 Jun 2024 07:40:48 GMT - Mon, 16 Sep 2024 07:40:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://reaktivet-sieb.com/
Origin: https://reaktivet-sieb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Jul 2024 12:40:58 GMT
expires: Fri, 11 Jul 2025 12:40:58 GMT
cache-control: public, max-age=31536000
age: 124904
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2

216.58.207.227

200 OK

7.1 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintEE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09
ValidityMon, 24 Jun 2024 07:40:48 GMT - Mon, 16 Sep 2024 07:40:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7112, version 1.0
Size
7.1 kB (7112 bytes)
Hash
28668857bef1b85c5748a482cf9b74af
7cfbc415c45b2274a5997255fbec0fb53bbe327d
daf51ab540602b2d0b87646621637bac38889bb34effb8a432ae739aca78b5c0

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://reaktivet-sieb.com/
Origin: https://reaktivet-sieb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7112
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 Jul 2024 17:48:36 GMT
expires: Thu, 10 Jul 2025 17:48:36 GMT
cache-control: public, max-age=31536000
age: 192846
last-modified: Wed, 11 May 2022 19:24:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
883ef9a8f0d13bfe664b82abb40652c8
fc03a8559ce612881f374f06baf1e667de92d0bf
af733c8c253b361e359f378ea60be02b72e683ac7e0d2d20752f266247d878f5

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 12 Jul 2024 23:22:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
883ef9a8f0d13bfe664b82abb40652c8
fc03a8559ce612881f374f06baf1e667de92d0bf
af733c8c253b361e359f378ea60be02b72e683ac7e0d2d20752f266247d878f5

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 12 Jul 2024 23:22:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

216.58.207.227

200 OK

12 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintEE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09
ValidityMon, 24 Jun 2024 07:40:48 GMT - Mon, 16 Sep 2024 07:40:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11800, version 1.0
Size
12 kB (11800 bytes)
Hash
e36fccd06262bef92e7a9841e2202225
b907dd02819497b3942220e0aa160c167195506b
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://reaktivet-sieb.com/
Origin: https://reaktivet-sieb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 12 Jul 2024 21:23:08 GMT
expires: Sat, 12 Jul 2025 21:23:08 GMT
cache-control: public, max-age=31536000
age: 7174
last-modified: Wed, 11 May 2022 19:25:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
883ef9a8f0d13bfe664b82abb40652c8
fc03a8559ce612881f374f06baf1e667de92d0bf
af733c8c253b361e359f378ea60be02b72e683ac7e0d2d20752f266247d878f5

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 12 Jul 2024 23:22:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

216.58.207.227

200 OK

12 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintEE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09
ValidityMon, 24 Jun 2024 07:40:48 GMT - Mon, 16 Sep 2024 07:40:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11872, version 1.0
Size
12 kB (11872 bytes)
Hash
87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://reaktivet-sieb.com/
Origin: https://reaktivet-sieb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Jul 2024 11:17:23 GMT
expires: Fri, 11 Jul 2025 11:17:23 GMT
cache-control: public, max-age=31536000
age: 129919
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

216.58.207.227

200 OK

9.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintEE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09
ValidityMon, 24 Jun 2024 07:40:48 GMT - Mon, 16 Sep 2024 07:40:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9840, version 1.0
Size
9.8 kB (9840 bytes)
Hash
7b08b9e11fc6b8a8a1398b357e874144
4b5fb5790fae1c96655aaa7a426b697f5ab986d0
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://reaktivet-sieb.com/
Origin: https://reaktivet-sieb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 Jul 2024 09:16:13 GMT
expires: Thu, 10 Jul 2025 09:16:13 GMT
cache-control: public, max-age=31536000
age: 223589
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2

216.58.207.227

200 OK

7.0 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintEE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09
ValidityMon, 24 Jun 2024 07:40:48 GMT - Mon, 16 Sep 2024 07:40:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7016, version 1.0
Size
7.0 kB (7016 bytes)
Hash
53f395eb854a40e978706b1082570e42
70fba5c0c3e1f5c5786e615d35a21c54b1c0a39c
713780d8b30bda5583052ea847cdcb4f2956c2ac5ff38a7e538ba8f14ad1043e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://reaktivet-sieb.com/
Origin: https://reaktivet-sieb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7016
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 Jul 2024 12:09:42 GMT
expires: Thu, 10 Jul 2025 12:09:42 GMT
cache-control: public, max-age=31536000
age: 213180
last-modified: Wed, 11 May 2022 19:25:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintEE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09
ValidityMon, 24 Jun 2024 07:40:48 GMT - Mon, 16 Sep 2024 07:40:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://reaktivet-sieb.com/
Origin: https://reaktivet-sieb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 Jul 2024 15:53:27 GMT
expires: Thu, 10 Jul 2025 15:53:27 GMT
cache-control: public, max-age=31536000
age: 199755
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
883ef9a8f0d13bfe664b82abb40652c8
fc03a8559ce612881f374f06baf1e667de92d0bf
af733c8c253b361e359f378ea60be02b72e683ac7e0d2d20752f266247d878f5

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 12 Jul 2024 23:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

reaktivet-sieb.com/assets/loading.gif

188.114.96.1

200 OK

177 kB

URL GET HTTP/3
reaktivet-sieb.com/assets/loading.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subjectreaktivet-sieb.com
Fingerprint8D:C7:DC:48:AD:25:91:7F:FC:D8:D3:36:1E:7D:64:41:87:1D:1B:5D
ValidityFri, 05 Jul 2024 22:58:41 GMT - Thu, 03 Oct 2024 22:58:40 GMT

File type
GIF image data, version 89a, 205 x 205
Size
177 kB (177084 bytes)
Hash
2a21206a48013ccfc2c4e0671aff4a75
acfd35a304ad8db0cb91b1037c0eb18fe965138a
2622a2c9ff17c03f1a1e4b0c7ce1c8be3c5e432cdd99c429ddca71fde6377948

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /assets/loading.gif HTTP/1.1
Host: reaktivet-sieb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reaktivet-sieb.com/aktivizaciju
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=iBIruazxlUibntpvekRzR8RSKl8A7Nojh2u124K3LH4-1720826558-1.0.1.1-b7ASKPqfUM6oeo7nwK0GNKRxPCro1T6.9YhuLqe5RIyBbPP2GKRyJbpiZfZfd9CAA8Q4huicU2IWiWxzpV14Gw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 12 Jul 2024 23:22:43 GMT
content-type: image/gif
content-length: 177084
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "19bdf9d6bdbc5c182816b9ac0f088f4b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8f8d0jj9XD9V9gbiCwpcLPddJ5VLtPL3J%2FcIBLXoDyb%2Bgc7yyasyMbuQtkL6GFCp1DBqqUb%2Bo8e64MSBX1Zbr8o%2FpSK8X232SKCzCkB78RP8gATHjEomI%2BCWQjRo9E8AgfKufso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8a24c6e4fe6eb518-OSL
alt-svc: h3=":443"; ma=86400

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
772ed8914bee078491cfc6ca336d334b
20ec3484faf23fab6000dd8be9cf47370d0c4073
b9ee8be47d15d75e3b0a5d7ac43de3c33fb7000b2c78c5ea2ea2418667c89d9c

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 12 Jul 2024 23:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

reaktivet-sieb.com/chunk-HLHYB3YI.js

188.114.96.1

200 OK

51 kB

URL GET HTTP/3
reaktivet-sieb.com/chunk-HLHYB3YI.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subjectreaktivet-sieb.com
Fingerprint8D:C7:DC:48:AD:25:91:7F:FC:D8:D3:36:1E:7D:64:41:87:1D:1B:5D
ValidityFri, 05 Jul 2024 22:58:41 GMT - Thu, 03 Oct 2024 22:58:40 GMT

File type
ASCII text, with very long lines (30875)
Size
51 kB (51079 bytes)
Hash
5c6d1b78ee81bc43efc9fc4fc9f54155
ce5c8a3ab461ef5f469b3ab55e53d8522652bf22
03ec8134df037d6c99465e9885ecb4c6a4a032dc63991bd870a765103d52c0c0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /chunk-HLHYB3YI.js HTTP/1.1
Host: reaktivet-sieb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reaktivet-sieb.com/main-DMTDAEOC.js
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=iBIruazxlUibntpvekRzR8RSKl8A7Nojh2u124K3LH4-1720826558-1.0.1.1-b7ASKPqfUM6oeo7nwK0GNKRxPCro1T6.9YhuLqe5RIyBbPP2GKRyJbpiZfZfd9CAA8Q4huicU2IWiWxzpV14Gw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 12 Jul 2024 23:22:43 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"436143a2d5ed38d169a0187de050c42a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=86Q1eOZiyQAe16B%2FaYShux%2Fd92G%2BY6QrzCFjm%2BKPM597%2B%2BYo5MGvHhV%2BUpl9g3SyBFLeH4%2BTm%2BbO%2FzQYV2fasNywD%2FmqyT6q2g0QP0jVBHnj8BD6R2gbL5iiGb0gEselCsI5Vn637oc7f1rezYTpaH8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 8a24c6e40dddb518-OSL
alt-svc: h3=":443"; ma=86400

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
772ed8914bee078491cfc6ca336d334b
20ec3484faf23fab6000dd8be9cf47370d0c4073
b9ee8be47d15d75e3b0a5d7ac43de3c33fb7000b2c78c5ea2ea2418667c89d9c

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 12 Jul 2024 23:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fseb-lg%2Fdatabases%2F(default)&gsessionid=TodH6Vms1hidc9B9NgRHKLqQzqiMJbGEBCDMvE7oSns&SID=pkO1ngz1GFqFRWXmjVboyQ&RID=45920&AID=5&zx=xtyr7t1kzs9o&t=1

142.250.74.10

200 OK

30 B

URL POST HTTP/3
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fseb-lg%2Fdatabases%2F(default)&gsessionid=TodH6Vms1hidc9B9NgRHKLqQzqiMJbGEBCDMvE7oSns&SID=pkO1ngz1GFqFRWXmjVboyQ&RID=45920&AID=5&zx=xtyr7t1kzs9o&t=1
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subjectedgecert.googleapis.com
Fingerprint23:A8:D7:7B:FA:C2:07:64:7C:BF:83:1A:24:C8:0A:A4:57:C1:11:8C
ValidityMon, 24 Jun 2024 07:57:48 GMT - Mon, 16 Sep 2024 07:57:47 GMT

File type
ASCII text
Size
30 B (30 bytes)
Hash
e7b7fa0fe1208843cd1c69ae04bb6067
2e524c03db3f3360daf37fb172b7c50081d387e7
59e985a6b4503260116c50d3342d7b5bd34879a05f2a77521710b9caffd1f23d

HTTP Headers

POST /google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fseb-lg%2Fdatabases%2F(default)&gsessionid=TodH6Vms1hidc9B9NgRHKLqQzqiMJbGEBCDMvE7oSns&SID=pkO1ngz1GFqFRWXmjVboyQ&RID=45920&AID=5&zx=xtyr7t1kzs9o&t=1 HTTP/1.1
Host: firestore.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reaktivet-sieb.com/
content-type: application/x-www-form-urlencoded
Content-Length: 123
Origin: https://reaktivet-sieb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/plain; charset=utf-8
content-encoding: gzip
date: Fri, 12 Jul 2024 23:22:44 GMT
server: ESF
cache-control: private
content-length: 30
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://reaktivet-sieb.com
vary: origin
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

reaktivet-sieb.com/styles-U6OZXCCO.css

188.114.96.1

200 OK

462 kB

URL GET HTTP/3
reaktivet-sieb.com/styles-U6OZXCCO.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subjectreaktivet-sieb.com
Fingerprint8D:C7:DC:48:AD:25:91:7F:FC:D8:D3:36:1E:7D:64:41:87:1D:1B:5D
ValidityFri, 05 Jul 2024 22:58:41 GMT - Thu, 03 Oct 2024 22:58:40 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
462 kB (462010 bytes)
Hash
60fd47071a712ce5e0695bfffd91e677
95aeb30884ef6c85a78cb111fb2ede3ccf076dc3
7ebaa1915ab5c53ab5525daaedd3a286da9a2a76f9c8b55310eed5bf74382948

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /styles-U6OZXCCO.css HTTP/1.1
Host: reaktivet-sieb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reaktivet-sieb.com/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=iBIruazxlUibntpvekRzR8RSKl8A7Nojh2u124K3LH4-1720826558-1.0.1.1-b7ASKPqfUM6oeo7nwK0GNKRxPCro1T6.9YhuLqe5RIyBbPP2GKRyJbpiZfZfd9CAA8Q4huicU2IWiWxzpV14Gw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 12 Jul 2024 23:22:42 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"d115a4a478144d7ebd8905c8cc7e6745"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X9auIIl2dAwu3QKok4WdlksIM8%2FG37ce7TVFSnVmiAeqiJpYE0coQIvnTAoFd7mzguMWidkA4Z9VKgtJye9qlmH0khGgWcYeIeRR%2Bf%2B80X6W2EPiUofoLgHFQPlYQ%2BKHHKjkGsU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 8a24c6e17c23b518-OSL
alt-svc: h3=":443"; ma=86400

reaktivet-sieb.com/main-DMTDAEOC.js

188.114.96.1

200 OK

1.4 MB

URL GET HTTP/3
reaktivet-sieb.com/main-DMTDAEOC.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subjectreaktivet-sieb.com
Fingerprint8D:C7:DC:48:AD:25:91:7F:FC:D8:D3:36:1E:7D:64:41:87:1D:1B:5D
ValidityFri, 05 Jul 2024 22:58:41 GMT - Thu, 03 Oct 2024 22:58:40 GMT

File type

Size
1.4 MB (1373979 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /main-DMTDAEOC.js HTTP/1.1
Host: reaktivet-sieb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reaktivet-sieb.com/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=iBIruazxlUibntpvekRzR8RSKl8A7Nojh2u124K3LH4-1720826558-1.0.1.1-b7ASKPqfUM6oeo7nwK0GNKRxPCro1T6.9YhuLqe5RIyBbPP2GKRyJbpiZfZfd9CAA8Q4huicU2IWiWxzpV14Gw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 12 Jul 2024 23:22:42 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"325c9f567842bb42d3751b4772df21b5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pMzRu7H5Y10Kf0Hr3WLltB%2B5mdbZmbu6POVHGlGktkDjXc90RrsZJGsZBzv0thIPCfZy30jKnd7ENzQSV6P7RnnZoCSWz12rP0QBwP9gGkUjEOaLqwjIbitVkf2pHSYTZhpQuls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 8a24c6e17c22b518-OSL
alt-svc: h3=":443"; ma=86400

reaktivet-sieb.com/media/logio-YZHDHQ7N.svg

188.114.96.1

200 OK

1.1 kB

URL GET HTTP/3
reaktivet-sieb.com/media/logio-YZHDHQ7N.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subjectreaktivet-sieb.com
Fingerprint8D:C7:DC:48:AD:25:91:7F:FC:D8:D3:36:1E:7D:64:41:87:1D:1B:5D
ValidityFri, 05 Jul 2024 22:58:41 GMT - Thu, 03 Oct 2024 22:58:40 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1074 bytes)
Hash
81861e755f01925bc39ad514547b1735
1be6d2447ca450d95d38eb08ee283878bcfc185d
d05ce9badaef486035e0e04af4fa06fcdbe633996b7dbd0b1cf54618bf7a460d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /media/logio-YZHDHQ7N.svg HTTP/1.1
Host: reaktivet-sieb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reaktivet-sieb.com/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=iBIruazxlUibntpvekRzR8RSKl8A7Nojh2u124K3LH4-1720826558-1.0.1.1-b7ASKPqfUM6oeo7nwK0GNKRxPCro1T6.9YhuLqe5RIyBbPP2GKRyJbpiZfZfd9CAA8Q4huicU2IWiWxzpV14Gw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 12 Jul 2024 23:22:42 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"f9f0865a1822a507d73987a377a4d702"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tcKZgb6jjxxeOcqHwDPsAHaYYS5H3zsLd0UOt5G%2Fmg7hOVm%2F82OfQTH3uhsLqgbKlHZQ0Ymsh%2BcnBlUKq4KoRvppHYx%2BWyiY3OBVBKqqbDpeSQ5KHfVS4dtVKYMuMFun6CwLtHg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 8a24c6e18c2ab518-OSL
alt-svc: h3=":443"; ma=86400

reaktivet-sieb.com/src/assets/facicon.ico

188.114.96.1

200 OK

94 kB

URL GET HTTP/3
reaktivet-sieb.com/src/assets/facicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subjectreaktivet-sieb.com
Fingerprint8D:C7:DC:48:AD:25:91:7F:FC:D8:D3:36:1E:7D:64:41:87:1D:1B:5D
ValidityFri, 05 Jul 2024 22:58:41 GMT - Thu, 03 Oct 2024 22:58:40 GMT

File type

Size
94 kB (94105 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /src/assets/facicon.ico HTTP/1.1
Host: reaktivet-sieb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reaktivet-sieb.com/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=iBIruazxlUibntpvekRzR8RSKl8A7Nojh2u124K3LH4-1720826558-1.0.1.1-b7ASKPqfUM6oeo7nwK0GNKRxPCro1T6.9YhuLqe5RIyBbPP2GKRyJbpiZfZfd9CAA8Q4huicU2IWiWxzpV14Gw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 12 Jul 2024 23:22:43 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B6vqqlpVKJfGIOqtWoyCMgYc8BH4W3EdDpA7%2BJ2xY1sMPeCsuTvBIL%2BF9CNI1sUl0e3GEDvgUQJlQ2J86TuZGk9xnOYF9DN0H1DE%2Fd0l3i8pGj2W0e6%2FcBmPZwjxkkaFVxbubJw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Fri, 12 Jul 2024 23:22:43 GMT
server: cloudflare
cf-ray: 8a24c6e59ecdb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

reaktivet-sieb.com/polyfills-S3BTP7ME.js

188.114.96.1

200 OK

34 kB

URL GET HTTP/3
reaktivet-sieb.com/polyfills-S3BTP7ME.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subjectreaktivet-sieb.com
Fingerprint8D:C7:DC:48:AD:25:91:7F:FC:D8:D3:36:1E:7D:64:41:87:1D:1B:5D
ValidityFri, 05 Jul 2024 22:58:41 GMT - Thu, 03 Oct 2024 22:58:40 GMT

File type
JavaScript source, ASCII text, with very long lines (28789)
Size
34 kB (34037 bytes)
Hash
7b58c022cb4bbc4f67584096e5688e78
893d641030c187f109c667de1b0a73a03095fa3b
bf5a16d2a808a2d9e45b3bfa71b5df6832df1701ed5fcfff301144e3fd3a94b4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /polyfills-S3BTP7ME.js HTTP/1.1
Host: reaktivet-sieb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reaktivet-sieb.com/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=iBIruazxlUibntpvekRzR8RSKl8A7Nojh2u124K3LH4-1720826558-1.0.1.1-b7ASKPqfUM6oeo7nwK0GNKRxPCro1T6.9YhuLqe5RIyBbPP2GKRyJbpiZfZfd9CAA8Q4huicU2IWiWxzpV14Gw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 12 Jul 2024 23:22:42 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"66116de0a2d7afce51199d0b3b755ced"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2F42qzNg4fN56jWhmJWjkvN%2B9GvSucMuRhBPAu60rGhHO6MG%2FHuZ2z4uRtKUlbASP7cDi9auOTmmOOIQq12f5Ffu6unNy%2F2T5ovhPPn70WqMwBCc%2FrAS6QS6Tq9zKAKAkhfvwoA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 8a24c6e17c20b518-OSL
alt-svc: h3=":443"; ma=86400

firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=TodH6Vms1hidc9B9NgRHKLqQzqiMJbGEBCDMvE7oSns&VER=8&database=projects%2Fseb-lg%2Fdatabases%2F(default)&RID=rpc&SID=pkO1ngz1GFqFRWXmjVboyQ&AID=0&CI=0&TYPE=xmlhttp&zx=nzpuszoyg7d&t=1

0.0.0.0

0 B

URL GET
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=TodH6Vms1hidc9B9NgRHKLqQzqiMJbGEBCDMvE7oSns&VER=8&database=projects%2Fseb-lg%2Fdatabases%2F(default)&RID=rpc&SID=pkO1ngz1GFqFRWXmjVboyQ&AID=0&CI=0&TYPE=xmlhttp&zx=nzpuszoyg7d&t=1
IP
0.0.0.0:0
ASN
#0

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subjectedgecert.googleapis.com
Fingerprint23:A8:D7:7B:FA:C2:07:64:7C:BF:83:1A:24:C8:0A:A4:57:C1:11:8C
ValidityMon, 24 Jun 2024 07:57:48 GMT - Mon, 16 Sep 2024 07:57:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /google.firestore.v1.Firestore/Listen/channel?gsessionid=TodH6Vms1hidc9B9NgRHKLqQzqiMJbGEBCDMvE7oSns&VER=8&database=projects%2Fseb-lg%2Fdatabases%2F(default)&RID=rpc&SID=pkO1ngz1GFqFRWXmjVboyQ&AID=0&CI=0&TYPE=xmlhttp&zx=nzpuszoyg7d&t=1 HTTP/1.1
Host: firestore.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reaktivet-sieb.com/
Origin: https://reaktivet-sieb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-debug-tracking-id: 602066696229220243;o=0
vary: Referer, origin
cache-control: private, max-age=0
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
content-encoding: gzip
date: Fri, 12 Jul 2024 23:22:44 GMT
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://reaktivet-sieb.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fseb-lg%2Fdatabases%2F(default)&RID=45919&CVER=22&X-HTTP-Session-Id=gsessionid&zx=z4t3viys6sj2&t=1

142.250.74.10

200 OK

54 B

URL POST HTTP/2
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fseb-lg%2Fdatabases%2F(default)&RID=45919&CVER=22&X-HTTP-Session-Id=gsessionid&zx=z4t3viys6sj2&t=1
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://reaktivet-sieb.com/
Certificate
IssuerGoogle Trust Services
Subjectedgecert.googleapis.com
Fingerprint23:A8:D7:7B:FA:C2:07:64:7C:BF:83:1A:24:C8:0A:A4:57:C1:11:8C
ValidityMon, 24 Jun 2024 07:57:48 GMT - Mon, 16 Sep 2024 07:57:47 GMT

File type
ASCII text, with no line terminators
Size
54 B (54 bytes)
Hash
16f321baa1c864a5c22d9140b575a905
3d263a6d5574660f8257bcae68385da703e4fe87
d7b7a4f631ed4aa6c9084337ff785891537e50c977bc131cf970d23a21290417

HTTP Headers

POST /google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fseb-lg%2Fdatabases%2F(default)&RID=45919&CVER=22&X-HTTP-Session-Id=gsessionid&zx=z4t3viys6sj2&t=1 HTTP/1.1
Host: firestore.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reaktivet-sieb.com/
content-type: application/x-www-form-urlencoded
Content-Length: 441
Origin: https://reaktivet-sieb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-client-wire-protocol: h2
x-http-session-id: TodH6Vms1hidc9B9NgRHKLqQzqiMJbGEBCDMvE7oSns
content-type: text/plain; charset=utf-8
content-encoding: gzip
date: Fri, 12 Jul 2024 23:22:43 GMT
server: ESF
cache-control: private
content-length: 71
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://reaktivet-sieb.com
vary: origin
access-control-allow-credentials: true
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (42)