galdin1.payablaccounts.com Open in urlscan Pro
54.91.49.254 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Effective URL:
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Submission: On October 03 via manual (October 3rd 2023, 3:06:00 pm UTC) — Scanned from DE

Summary HTTP 115 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 115 HTTP transactions. The main IP is 54.91.49.254, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is galdin1.payablaccounts.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 22nd 2023. Valid for: 10 months.

This is the only time galdin1.payablaccounts.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Phishing Simulation (Internet)

Domain & IP information

	IP Address	AS Autonomous System
82	54.91.49.254 54.91.49.254	14618 (AMAZON-AES) (AMAZON-AES)
20	52.217.124.25 52.217.124.25	16509 (AMAZON-02) (AMAZON-02)
2 4	2a02:26f0:480... 2a02:26f0:480:22::1726:62dd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.222.206.76 52.222.206.76	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
5	13.32.23.76 13.32.23.76	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
115	9

82 54.91.49.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-49-254.compute-1.amazonaws.com

galdin1.payablaccounts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 52.217.124.25 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:22::1726:62dd (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

java.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.java.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.206.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-76.fra56.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.23.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-76.fra56.r.cloudfront.net

d25q7gseii1o1q.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	payablaccounts.com galdin1.payablaccounts.com	120 KB
20	amazonaws.com tslp.s3.amazonaws.com — Cisco Umbrella Rank: 687942	329 KB
7	cloudfront.net d2wy8f7a9ursnm.cloudfront.net d25q7gseii1o1q.cloudfront.net	138 KB
4	java.com 2 redirects java.com — Cisco Umbrella Rank: 36300 www.java.com — Cisco Umbrella Rank: 106780	13 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113 ajax.googleapis.com — Cisco Umbrella Rank: 720	93 KB
1	gstatic.com fonts.gstatic.com	48 KB
115	6

	Domain	Requested by
82	galdin1.payablaccounts.com	galdin1.payablaccounts.com
20	tslp.s3.amazonaws.com	galdin1.payablaccounts.com
5	d25q7gseii1o1q.cloudfront.net	galdin1.payablaccounts.com
2	d2wy8f7a9ursnm.cloudfront.net	galdin1.payablaccounts.com
2	www.java.com	galdin1.payablaccounts.com
2	java.com	2 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	galdin1.payablaccounts.com
1	fonts.googleapis.com	galdin1.payablaccounts.com
115	9

This site contains links to these domains. Also see Links.

Domain
threatsim.com
www.wombatsecurity.com

Subject Issuer	Validity	Valid
info-week.us Amazon RSA 2048 M02	`2023-02-22` - `2024-01-05`	10 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Frame ID: E07C6D2FB1143C4B670A0F8C1C82C2A3
Requests: 115 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

You've Been Phished!

Page URL History Show full URLs

https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155 Page URL
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7... Page URL

Detected technologies

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

115
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

9
Subdomains

9
IPs

2
Countries

740 kB
Transfer

904 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://threatsim.com/
Title: ThreatSim

Search URL Search Domain Scan URL

URL: https://www.wombatsecurity.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155 Page URL
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://java.com/js/deployJava.js HTTP 302
https://www.java.com/js/deployJava.js

Request Chain 56

https://java.com/js/deployJava.js HTTP 302
https://www.java.com/js/deployJava.js

115 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 59d4b8bd39e76f11 Show response
galdin1.payablaccounts.com/ 4 KB
2 KB 352ms
108ms Document
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

d52381aab51cfc91503f9d6fd9805e90f3f70d61c2698b7b832b635a4d4dc735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 03 Oct 2023 15:05:54 GMT
etag: W/"d52381aab51cfc91503f9d6fd9805e90"
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-host-info: lw-prod-us-i-030c420c3b83554b0 ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-permitted-cross-domain-policies: none
x-request-id: 0dceadae-ff21-4d18-b63f-1062d4a4b5b4
x-runtime: 0.013425
x-xss-protection: 1; mode=block

GET alt_pixel_click_d4b8b9e76f.gif
galdin1.payablaccounts.com/ 0
0

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 349ms
117ms Script
text/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:55 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: NJ16X27DV808M9GY
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: SmGW6htXwlOxTnkt2gP432TWlyEAEgCoKAOgNzmjym6pDEJfry7YPnNSxma4DibDRqRw4QcVrao=

GET
H/1.1 200
OK java.js Show response
tslp.s3.amazonaws.com/detect/ 50 KB
50 KB 348ms
116ms Script
text/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/java.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:55 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Server: AmazonS3
x-amz-request-id: NJ15S0EZ0T7CVNFZ
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50717
x-amz-id-2: mjvM7znqDUj1pKnKff+swEA2V5xdylXW3rgX5UxXQHyIi3Q4tRTRLt/1ubnXn0YPEpv9bU4WXs0=

GET
H2

200

deployJava.js Show response
www.java.com/js/
Redirect Chain

https://java.com/js/deployJava.js
https://www.java.com/js/deployJava.js

18 KB
6 KB

70ms
36ms

Script
application/javascript

2a02:26f0:480:22::1726:62dd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.java.com/js/deployJava.js

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Server

2a02:26f0:480:22::1726:62dd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
akamai-grn: , , , 0.1dd53e17.1696345554.3eddab5
x-oracle-dms-rid: 0
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing: cdn-cache; desc=HIT, edge; dur=15, origin; dur=0, ak_p; desc="1696345554902_389993757_65919669_1446_14193_10_0_182";dur=1
content-length: 5512
x-xss-protection: 1
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
etag: "D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19"
vary: Accept-Encoding
x-oracle-dms-ecid: 0a49ef57-f9e4-4f54-808c-080f670ae5ff-0052a517
content-type: application/javascript
cache-control: public, max-age=86400
expires: Wed, 04 Oct 2023 15:05:54 GMT

Redirect headers

date: Tue, 03 Oct 2023 15:05:54 GMT
x-content-type-options: nosniff
server: AkamaiGHost
akamai-grn: 0.1dd53e17.1696345554.3edda11
location: https://www.java.com/js/deployJava.js
cache-control: max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1696345554757_389993757_65919505_32_90034_6_11_182";dur=1
content-length: 0
x-xss-protection: 1
expires: Wed, 04 Oct 2023 15:05:54 GMT

GET
H/1.1 200
OK flash.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 347ms
115ms Script
text/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/flash.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:55 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Server: AmazonS3
x-amz-request-id: NJ13CWX9K147HN2Q
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 6680
x-amz-id-2: gGcrgzZYgmIXNkKFy0gpG1ahaiiEi0Og25Cp5/Zc4YebzaxIN4Y2wtoRYf7IVs4FALrIqaFDSZ0=

GET
H/1.1 200
OK pdf.js Show response
tslp.s3.amazonaws.com/detect/ 22 KB
23 KB 349ms
118ms Script
text/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/pdf.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:55 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Server: AmazonS3
x-amz-request-id: NJ16HS38KYVBT4BB
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 22855
x-amz-id-2: bBLs78FyW0sPdyHqQGoWTXalK0fIZMIckcIR5iP69xINAVRrmSJrrU1Gh1sDDdwIkEOUY/LfIp4=

GET
H/1.1 200
OK quicktime.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 348ms
117ms Script
text/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:55 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Server: AmazonS3
x-amz-request-id: NJ10NA5HDMX12CJZ
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 6999
x-amz-id-2: F/0sxkzkIkGzVFXI9ODjPelidGgaOpg3MXIGbA25Qq2UF4V2kNSWbeQBDjH5+apfVdJO3OSkLek=

GET
H/1.1 200
OK realplayer.js Show response
tslp.s3.amazonaws.com/detect/ 10 KB
10 KB 349ms
118ms Script
text/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:55 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Server: AmazonS3
x-amz-request-id: NJ17K4GDRBGSWDKB
ETag: "3d7be656672c16a34806c13388410325"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 9775
x-amz-id-2: r3IBZkb7iCtAomKmi5bYl1BAYtOJ6NVfSHswTxRd1QO5MqWIvm9e/+lFbCXceJVfotdvNWPo6dI=

GET
H/1.1 200
OK silverlight.js Show response
tslp.s3.amazonaws.com/detect/ 4 KB
5 KB 103ms
102ms Script
text/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:56 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Server: AmazonS3
x-amz-request-id: KYV1J93Y55E1EPS6
ETag: "e6dd596d2bc204ea573b868b92028c26"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 4234
x-amz-id-2: JNQdOHTwuiXwG35JGbnXTdxOwzQ925IY1xqBM8FxMBhucCrSa7NDa2MngSYyWfDm2e66UPDIbQE=

GET
H/1.1 200
OK wmp.js Show response
tslp.s3.amazonaws.com/detect/ 6 KB
6 KB 108ms
108ms Script
text/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/wmp.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:56 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Server: AmazonS3
x-amz-request-id: KYV40SE93KN6Z567
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 5941
x-amz-id-2: 7Usd9dKHRBSKLVgqNpmR/I8HK+aHBN4tETdMFzdSqn42n0mD4jKgoo1kWTFkKU9oJ75zSw1cElQ=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 48ms
9ms Script
application/javascript 52.222.206.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
Date: Mon, 02 Oct 2023 22:33:10 GMT
X-Amz-Cf-Pop: FRA56-P3
Age: 59566
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2962
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
X-Amz-Cf-Id: 7pxng9YwEmUb7KNkkTmOiTii4ThwamQKXppyJB8F5MB2NAxg2aCTSw==

GET
H2 200 jquery.min.js Show response
galdin1.payablaccounts.com/assets/ajax/libs/jquery/1.9.1/ 90 KB
32 KB 183ms
182ms Script
application/javascript 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://galdin1.payablaccounts.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-49-254.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:54 GMT
content-encoding: gzip
last-modified: Wed, 26 Jul 2023 14:01:45 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.js Show response
galdin1.payablaccounts.com/assets/ 28 KB
7 KB 93ms
92ms Script
application/javascript 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://galdin1.payablaccounts.com/assets/all.js?g=d4b8b9e76f
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-49-254.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:54 GMT
content-encoding: gzip
last-modified: Wed, 26 Jul 2023 14:01:45 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 7191
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 browser_post Show response
galdin1.payablaccounts.com/secure/ 0
487 B 118ms
118ms XHR
image/gif 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://galdin1.payablaccounts.com/secure/browser_post

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 6b08f4a8-43b9-4b4b-8a7b-261ab6c1400e
x-runtime: 0.025266
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding, Accept
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 103ms
97ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: b14cbcad-5148-4ab2-aa39-e023bf4d76b4
x-runtime: 0.002162
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 102ms
94ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 949b84a0-790e-4a16-950a-3b438d41f126
x-runtime: 0.002171
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 104ms
96ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4ad484af-2e2f-4913-adf2-d2bfe87a2b32
x-runtime: 0.002373
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 103ms
96ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 06f72773-2fad-437a-b165-513192bbeaa0
x-runtime: 0.001467
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 105ms
98ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20browser_version%20%3D%20117&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: d4dd77a3-ef42-40a4-8dc7-8e9d83120f0d
x-runtime: 0.003651
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 106ms
99ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 6729e8b8-6aa5-4ac8-901f-2c4cefb58215
x-runtime: 0.002812
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 106ms
99ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e7d3d6fa-8432-4ebe-9cd4-de5d2de5b3ef
x-runtime: 0.001846
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
467 B 185ms
178ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: b06d5389-c5b6-447d-b364-4338686419cd
x-runtime: 0.002584
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 186ms
179ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: cbcc5525-3402-4c50-afa6-903af98998a7
x-runtime: 0.001934
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 183ms
177ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: a678a251-b9fe-4af6-9e58-4c81206f47fd
x-runtime: 0.001906
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 190ms
183ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4eb91a53-6ead-4757-a0a5-dea5590bf71d
x-runtime: 0.001668
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 186ms
180ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 2981d186-c2a1-4e73-8245-76cec0e3edf6
x-runtime: 0.002310
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
467 B 187ms
180ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4a829774-ccb3-4d46-98a2-ffb3063f5f5f
x-runtime: 0.001892
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 186ms
179ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: f991be67-e1c2-4ac5-9541-b51db2dcece5
x-runtime: 0.001720
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 191ms
184ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 84a451fa-07fc-4fbd-8ed4-5b8205609833
x-runtime: 0.001637
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 192ms
186ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 7315cb6b-091a-495b-a96c-e7ac49dd5386
x-runtime: 0.001703
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 200ms
194ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=java_version_pl%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 8e24f1f9-6d24-4bae-ae3a-8e5af44fd561
x-runtime: 0.005367
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
467 B 190ms
184ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 54f6de42-dc73-4797-9da5-b1934842088b
x-runtime: 0.001135
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 184ms
178ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=java_version_jres%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: d08d8803-0482-487e-9bdd-7030ebc67312
x-runtime: 0.002116
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 198ms
193ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=java_version%20%3D%20undefined&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ef6fb935-510e-441e-8183-9fea5fa0ecac
x-runtime: 0.007663
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 183ms
177ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Loading%20flash%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 03a72130-e5bf-4a03-9d48-596bc45a0d4a
x-runtime: 0.002495
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 192ms
187ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=flash%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 41c6026a-7e20-4359-838d-4acb8db43690
x-runtime: 0.001157
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 191ms
186ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Loading%20pdf%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: da9eb5b7-45b1-4d3c-b814-f96c9fa89c43
x-runtime: 0.003995
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 191ms
186ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 580058e5-4aa1-4e56-ac2b-4cc59cad4ba9
x-runtime: 0.001297
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 198ms
193ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=pdf%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: a45314af-cd89-48d9-a2c3-b5293bcbafbf
x-runtime: 0.001409
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 200ms
195ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Loading%20quicktime%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 3dbcc03c-2f85-4fdd-a089-97fa417ee869
x-runtime: 0.001414
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 199ms
195ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=quicktime%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 1389ecfd-0c17-46e4-9e35-b6be3e33ce92
x-runtime: 0.001831
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 198ms
194ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Loading%20RealPlayer%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 7495a0ce-42a6-4180-8af2-da27b2da1a5c
x-runtime: 0.001403
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 187ms
183ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=realplayer%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 132a8d32-a074-48a9-b32d-7f466119028f
x-runtime: 0.001775
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 196ms
192ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Loading%20Silverlight%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ab3b93f4-5c9c-47ce-97e7-2c9fca46ada9
x-runtime: 0.001074
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 188ms
184ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=silverlight%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e16d6a81-b509-4d0c-b265-b676d8623d5e
x-runtime: 0.001520
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 200ms
196ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 0bb37340-4851-4439-a6ce-ddc717ae9d97
x-runtime: 0.001225
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 190ms
186ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=wmp%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 44c441dd-ea36-4f81-b549-7d2263e28348
x-runtime: 0.002026
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 184ms
180ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=redirecting%20to%20%2Fload_training%3Fguid%3Dcdd4b8b3a9e76f53%26correlation_id%3D85965072-2128-44e7-82c2-7af1d9577100&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 8de324f7-6c04-49d7-bf0e-912705813c33
x-runtime: 0.001785
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 93ms
93ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=browser_post_successful&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 7030584e-3633-4ba7-ad3b-69ec019682c1
x-runtime: 0.001098
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 Primary Request load_training Show response
galdin1.payablaccounts.com/ 15 KB
5 KB 110ms
109ms Document
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/assets/all.js?g=d4b8b9e76f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

59c44a4523f0f18b8ffc57200a62fd8dd28626172af385314b29fcfb5f9efd87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 03 Oct 2023 15:05:56 GMT
etag: W/"59c44a4523f0f18b8ffc57200a62fd8d"
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-host-info: lw-prod-us-i-02496d026cef5be1a ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-permitted-cross-domain-policies: none
x-request-id: 2ee19d8f-21e9-4c90-bf67-78a2b2554099
x-runtime: 0.015445
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 42ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,600,700

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7fa32996d892278ee6e151e9fad2d97c2ec9418dadceff7a12eafc5893db2792

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:05:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Oct 2023 15:05:56 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
92 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:30:37 GMT
x-content-type-options: nosniff
age: 9319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93636
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 12:30:37 GMT

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 10ms
8ms Script
application/javascript 52.222.206.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
Date: Mon, 02 Oct 2023 22:33:10 GMT
X-Amz-Cf-Pop: FRA56-P3
Age: 59568
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2962
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
X-Amz-Cf-Id: CM321oImbNSUJbKpynBMRP0_b7YSLLsXBmyXcksbDAJxK4QvYKyMSg==

GET
H2 200 jquery.min.js Show response
galdin1.payablaccounts.com/assets/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 100ms
98ms Script
application/javascript 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://galdin1.payablaccounts.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-49-254.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
last-modified: Wed, 26 Jul 2023 14:01:45 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 105ms
104ms Script
text/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: MW4NWAH848NASDG6
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: OkitLLdaN40Q+2/FeAF/+I6jmR4Um+BysAUApmUr3Xxca3bWL/YbIQGkyNC9jQprQY7DRYkpMRE=

GET
H/1.1 200
OK java.js Show response
tslp.s3.amazonaws.com/detect/ 50 KB
50 KB 105ms
103ms Script
text/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/java.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Server: AmazonS3
x-amz-request-id: MW4NP7EG0DYCNKBH
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50717
x-amz-id-2: 7R3r2Pk8+A3K8EIUJwDxCp686qXJ6ejqOwrv0PDEJ2Nq9zxn8pz52ilB5fUy48nAz4eDJNLTRCw=

GET
H2

200

deployJava.js Show response
www.java.com/js/
Redirect Chain

https://java.com/js/deployJava.js
https://www.java.com/js/deployJava.js

18 KB
6 KB

40ms
39ms

Script
application/javascript

2a02:26f0:480:22::1726:62dd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.java.com/js/deployJava.js

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Server

2a02:26f0:480:22::1726:62dd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
akamai-grn: , , , 0.1dd53e17.1696345556.3ede2cf
x-oracle-dms-rid: 0
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1696345556351_389993757_65921743_292_18327_9_0_219";dur=1
content-length: 5512
x-xss-protection: 1
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
etag: "D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19"
vary: Accept-Encoding
x-oracle-dms-ecid: 0a49ef57-f9e4-4f54-808c-080f670ae5ff-0052a517
content-type: application/javascript
cache-control: public, max-age=86400
expires: Wed, 04 Oct 2023 15:05:56 GMT

Redirect headers

date: Tue, 03 Oct 2023 15:05:56 GMT
x-content-type-options: nosniff
server: AkamaiGHost
akamai-grn: 0.1dd53e17.1696345556.3ede293
location: https://www.java.com/js/deployJava.js
cache-control: max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1696345556313_389993757_65921683_23_17604_9_0_219";dur=1
content-length: 0
x-xss-protection: 1
expires: Wed, 04 Oct 2023 15:05:56 GMT

GET
H/1.1 200
OK flash.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 102ms
100ms Script
text/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/flash.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Server: AmazonS3
x-amz-request-id: MW4VYG96RNTMK47Q
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 6680
x-amz-id-2: 9HHS/4p2+xt4N6tBWwllPU7ELppEK1ipSbQkZ4/A1vVYo+hK5Dn9zt8PvqduDI7pJqHx/rFOxWU=

GET
H/1.1 200
OK pdf.js Show response
tslp.s3.amazonaws.com/detect/ 22 KB
23 KB 105ms
104ms Script
text/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/pdf.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Server: AmazonS3
x-amz-request-id: MW4X0GAK7METWS4J
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 22855
x-amz-id-2: soVvdXOxrYaeJ1Qgz3Ut62nCGt5WPli/DXpECBmarCVAtQjamsN4XcScVQr0bnSrtM2U9tOoH3c=

GET
H/1.1 200
OK quicktime.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 105ms
104ms Script
text/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Server: AmazonS3
x-amz-request-id: MW4R6RS5X702FVK3
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 6999
x-amz-id-2: 0g8MrKgDdGo4w0Dxfz26cAiai37Jwdw8sqFLYx7qb9XKgAlkVllMtcQMvleAbR6lQWNI6ycNDjc=

GET
H/1.1 200
OK realplayer.js Show response
tslp.s3.amazonaws.com/detect/ 10 KB
10 KB 103ms
102ms Script
text/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Server: AmazonS3
x-amz-request-id: MW4K6P6MKJS6VWW6
ETag: "3d7be656672c16a34806c13388410325"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 9775
x-amz-id-2: cjqN8doJa0YO9FOicNA926qY0yVf19v+iPH8HY3AYVYbDRmwKRsufECT/h5Qv5Qa/O7SrDb4IJg=

GET
H/1.1 200
OK silverlight.js Show response
tslp.s3.amazonaws.com/detect/ 4 KB
5 KB 204ms
103ms Script
text/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Server: AmazonS3
x-amz-request-id: MW4WYN6NF11HM001
ETag: "e6dd596d2bc204ea573b868b92028c26"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 4234
x-amz-id-2: tG96CsfJiRyVoYg//jJ5CIaU40yfwlQOqGKqtI8mjRbeVmYjiNML8uEmf7xdEOvNkkUsqthDjQU=

GET
H/1.1 200
OK wmp.js Show response
tslp.s3.amazonaws.com/detect/ 6 KB
6 KB 207ms
101ms Script
text/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/wmp.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Server: AmazonS3
x-amz-request-id: MW4KM4ZENYHNK90F
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 5941
x-amz-id-2: rr+SeZUlvmL8xTZtlJxuMB4mwT+WxUlFTNq14KQWFuyq8ZPqTrGvUG3oD0Ht+JS39ysKAkQGHpY=

GET
H/1.1 200
OK dude.png
d25q7gseii1o1q.cloudfront.net/training/three_key_tips/ 95 KB
96 KB 55ms
7ms Image
image/png 13.32.23.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25q7gseii1o1q.cloudfront.net/training/three_key_tips/dude.png
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 670e2b3746bace2849346735f48d39f2beb334590d2effdd51146adc04b036ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 09:11:03 GMT
Via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
Last-Modified: Fri, 30 May 2014 22:06:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
Age: 21294
ETag: "bb6b4648d9323b897531f4c4de68d5f8"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97463
X-Amz-Cf-Id: rxeSmaBfa7JwJb-hodl4u4NgoEr-8pg4RHXDyagafh7h88_qAp_uBA==

GET
H/1.1 200
OK security.png
d25q7gseii1o1q.cloudfront.net/training/three_key_tips/ 8 KB
9 KB 55ms
8ms Image
image/png 13.32.23.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25q7gseii1o1q.cloudfront.net/training/three_key_tips/security.png
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30dd9f54b34a72d85345adcfa029db1447e2a72a15e9d3e05d9fe4426ac4c1da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 06:16:52 GMT
Via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
Last-Modified: Fri, 30 May 2014 22:07:52 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
Age: 32668
ETag: "fcaec9fd5786787b90bb0012daf1ed40"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8560
X-Amz-Cf-Id: UEX8tofRLMJpPNum_qZwoh5WhtMrGI4oeO2zKjmrf-C0NDHeLk8Paw==

GET
H/1.1 200
OK search.png
d25q7gseii1o1q.cloudfront.net/training/three_key_tips/ 4 KB
4 KB 55ms
8ms Image
image/png 13.32.23.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25q7gseii1o1q.cloudfront.net/training/three_key_tips/search.png
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3665ad6f66b48b096ee543a405fe25fe2bc5d1b59e04f8899a5c398aa783ca5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 07:46:08 GMT
Via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
Last-Modified: Fri, 30 May 2014 22:07:52 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
Age: 26389
ETag: "2c7bc083aaa2e61bf7befdf12bbcf70c"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3661
X-Amz-Cf-Id: OjLuFt9s8qQNkKfGxHCMullsygnHcUOWJpMoRvdeVdYAn2PMKVBtCQ==

GET
H/1.1 200
OK user-group.png
d25q7gseii1o1q.cloudfront.net/training/three_key_tips/ 12 KB
12 KB 59ms
12ms Image
image/png 13.32.23.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25q7gseii1o1q.cloudfront.net/training/three_key_tips/user-group.png
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c9853cb4a66acc2d9404ccbe10d598c26ddc66cb4bafdcb59d32cbac92f7bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 09:11:03 GMT
Via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
Last-Modified: Fri, 30 May 2014 22:07:52 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
Age: 21294
ETag: "26e2a6551d162038ff39bf06633ff724"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12047
X-Amz-Cf-Id: 10jqBNeLzKvsa-W8vbMEwWsCRyF8wYfkRoPg037qqfHwPrr27ISVrw==

GET
H/1.1 200
OK language.18071.js Show response
tslp.s3.amazonaws.com/languages/ 8 KB
8 KB 107ms
106ms Script
application/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/languages/language.18071.js
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 73f360f08e8c2a1719c098491e17d53cdaa98d246585bfd0285a2afad75c51a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id: U_kpSjDDW4npfowvZPZnd2_aKVkUaKPA
Last-Modified: Fri, 26 Aug 2022 14:07:38 GMT
Server: AmazonS3
x-amz-request-id: MW4V87P6FAWAGVRW
ETag: "8b9a9d305bd69c962b600c08f3c69edf"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 8207
x-amz-id-2: 6gCTsmeCXjuRgKY13hBG+OQ1nar4h8eKpGvzn6f+rl+r8mF0wA99dluCLnaQFBFG0wKodZhiQD8=

GET
H/1.1 200
OK training.js Show response
tslp.s3.amazonaws.com/assets/js/ 352 B
811 B 106ms
105ms Script
application/javascript 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/assets/js/training.js
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id: 6KvPBARKn9Wl5VW3Hl_LtK2bIq68QrGH
Last-Modified: Fri, 26 Aug 2022 14:07:38 GMT
Server: AmazonS3
x-amz-request-id: MW4YND44EHN4F1YT
ETag: "029ab28ca3c245dc425e3f3f6599d480"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 352
x-amz-id-2: 27JXQk2yYMWMp4KBwuiYICp8vT0Uf02IQvYSwgSj980f0fYDvOE1lFVjGmTpsHEdSsr9YBmcP8o=

GET
H2 200 all.js Show response
galdin1.payablaccounts.com/assets/ 28 KB
7 KB 96ms
94ms Script
application/javascript 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://galdin1.payablaccounts.com/assets/all.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-49-254.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
last-modified: Wed, 26 Jul 2023 14:01:45 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 7191
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bg.png
d25q7gseii1o1q.cloudfront.net/training/three_key_tips/ 10 KB
10 KB 58ms
12ms Image
image/png 13.32.23.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25q7gseii1o1q.cloudfront.net/training/three_key_tips/bg.png
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef3a8413a1b80d3af4bfabdfe3b37c748345af23590c18ef4719b18d9a1a1f39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 07:08:31 GMT
Via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
Last-Modified: Fri, 30 May 2014 22:05:42 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
Age: 30888
ETag: "fc8cac7fd4d7fdb1d37804580f8f66bf"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10120
X-Amz-Cf-Id: wdqx17olUkFy5PJNk913PKRivGEd9NucBFH4o02cKcAjupvMNFYxig==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 39ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://galdin1.payablaccounts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 18:17:53 GMT
x-content-type-options: nosniff
age: 420483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 18:17:53 GMT

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 298ms
297ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e78c5656-6806-46cd-9c58-d65eb9eb8e1b
x-runtime: 0.001991
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 297ms
297ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 8313b2c7-f844-4c76-a4e9-7db917a6d334
x-runtime: 0.001670
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 296ms
296ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: cd19d3d2-42b4-4273-9cfe-bc521e887fd5
x-runtime: 0.001312
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H/1.1 200
OK lang_en-US.json Show response
tslp.s3.amazonaws.com/languages/oh_snap_youve_been_phished/ 2 KB
2 KB 495ms
106ms XHR
application/json 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/languages/oh_snap_youve_been_phished/lang_en-US.json
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0d1eb3873024c4c6d8a9a6896ed2af6de80773aa5a0e38e535b459973a05a64e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://galdin1.payablaccounts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:58 GMT
x-amz-version-id: DdBVW8dNC8jpuLHfK53lUYQecBi3ExL0
Last-Modified: Wed, 26 Jul 2023 17:07:33 GMT
Server: AmazonS3
x-amz-request-id: TN6W07HAPBB9YS5D
ETag: "d20af1845489bdc59ec1ab95c0c607ae"
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: application/json
Accept-Ranges: bytes
Content-Length: 1749
x-amz-id-2: zUA73y5ieJryEFYpmLTBls79NIzcsC2nI7c8OD11lgjTSwhFR3BGp4vf9OGVHNCVyT/VQdEyaYo=

GET
H2 200 log
galdin1.payablaccounts.com/ 0
475 B 289ms
281ms Image
image/gif 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/log?id=d4b8b9e76f&campaign_guid=17b94a6dc6&msg=logo_object%20exists

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4024b321-8a8e-4231-a94c-441928baa7cf
x-runtime: 0.002041
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 log
galdin1.payablaccounts.com/ 0
476 B 289ms
280ms Image
image/gif 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/log?id=d4b8b9e76f&campaign_guid=17b94a6dc6&msg=window.account_logo%20is%20set%20to%20https%3A%2F%2Ftslp.s3.amazonaws.com%2Fprod%2F304923e3-9cd3-4%2FMjM3NDYtZ29.jpg

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 81995653-790b-40e1-87b7-4e6e2c5ac219
x-runtime: 0.001529
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H/1.1 200
OK MjM3NDYtZ29.jpg
tslp.s3.amazonaws.com/prod/304923e3-9cd3-4/ 3 KB
4 KB 292ms
285ms Image
image/png 52.217.124.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tslp.s3.amazonaws.com/prod/304923e3-9cd3-4/MjM3NDYtZ29.jpg
Requested by: Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cfa67cfccb850832d87662e2dc5156f37fcac39375b3a760a2adaf76a049360a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id: Iq1Qc6fJxV7h_Shh1uejVg0L2biVMXgs
Last-Modified: Wed, 24 May 2023 23:42:05 GMT
Server: AmazonS3
x-amz-request-id: MW4RY54QZJJBWEAQ
ETag: "dff48cd5e357c084e8ffbce898b2f7b3"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3563
x-amz-id-2: 1ecdGfyvI8xuwa3t86Wx3geLZcJe0SKwq4f4y6liF3MwTWdpxYuCxrUVQF70S0C94boswye0M4M=

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 290ms
281ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 8d12c96e-2f89-45f6-95b4-11b89a2b1c8c
x-runtime: 0.001940
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 291ms
282ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: d5cccea2-7304-4b8b-92cb-e0ede3033d53
x-runtime: 0.002195
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 290ms
281ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: f7042cc2-3408-4e18-8aa7-5b7577de1646
x-runtime: 0.002251
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 291ms
283ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ab121d8c-2370-4f75-a496-f77fea1503ca
x-runtime: 0.001121
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 290ms
282ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20browser_version%20%3D%20117&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 67d4a4b9-271e-4da0-8f25-6f91eefc3737
x-runtime: 0.002631
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 379ms
371ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: fa85f151-1817-455c-acf6-b6d51a870db7
x-runtime: 0.002378
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 378ms
371ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: a93088b6-bdde-45c0-a731-74ef0213471a
x-runtime: 0.001928
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 377ms
370ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 963f174b-1a52-4412-904b-fdaac1a5268a
x-runtime: 0.001716
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
467 B 378ms
371ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 2bd446dd-7d36-4a5f-b996-60ddb7ea383e
x-runtime: 0.001816
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 379ms
372ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 9271000c-983b-4c6b-9bb8-366e47173fd4
x-runtime: 0.001525
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 379ms
372ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 07f7c466-10af-4276-8105-291312a48cfc
x-runtime: 0.002457
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 382ms
375ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: a0e2fc48-7eb5-408f-8f0f-3e47cc2494db
x-runtime: 0.002066
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 380ms
373ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 2cfd3ff3-f6b5-4f49-859e-86643ca9015e
x-runtime: 0.002955
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 379ms
373ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: a3afbdc5-8405-4332-bb02-cc13ea1aec45
x-runtime: 0.001473
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
464 B 380ms
374ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 281a90a9-7c11-45b0-ac2b-e979d52215fd
x-runtime: 0.002100
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 382ms
376ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ebb7b98f-a57c-4259-a4fd-f0773c0009a4
x-runtime: 0.001516
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 385ms
380ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=java_version_pl%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 26b94bfe-1d4d-4047-9538-68133abce22d
x-runtime: 0.006576
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 382ms
377ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: dff058e3-8bf8-4e06-996b-6d4085d40e6e
x-runtime: 0.001667
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 381ms
376ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=java_version_jres%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 582ab878-2ae6-4e68-b050-0c9cd6bf3cec
x-runtime: 0.000990
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 383ms
378ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=java_version%20%3D%20undefined&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ead7e890-fb32-43b4-823d-c819fee4e69b
x-runtime: 0.005206
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 387ms
382ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=Loading%20flash%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 3588c40e-5108-4af0-8d28-d38d21b1454c
x-runtime: 0.001163
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 383ms
379ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=flash%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: d946ebc5-9cb7-4af3-8ba5-ef91c6c2a8a1
x-runtime: 0.002211
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 379ms
374ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=Loading%20pdf%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: b97f04a0-9e28-4d38-afd5-b53a060d09f3
x-runtime: 0.001891
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 381ms
377ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: bee8a681-07b6-47a1-a145-a30093abe65a
x-runtime: 0.001926
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 384ms
380ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=pdf%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 8802c7c6-3bf1-4039-a652-aedaa3a61430
x-runtime: 0.002906
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 387ms
382ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=Loading%20quicktime%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ecc57bfc-eae6-4331-9aa9-5e152139acfb
x-runtime: 0.001360
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 385ms
381ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=quicktime%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: dd4cf289-d140-4876-b2d0-edf13b9b8fa8
x-runtime: 0.004589
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 382ms
378ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=Loading%20RealPlayer%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 8e52fc19-c61a-4144-b634-c77680bc1566
x-runtime: 0.003021
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 383ms
379ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=realplayer%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 34531e71-a3a1-4b76-82ba-3d9f674b06ce
x-runtime: 0.001658
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 383ms
379ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=Loading%20Silverlight%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 66dd60e0-bbfd-435e-a1eb-a81486a9b998
x-runtime: 0.002429
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 385ms
381ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=silverlight%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 536fe9da-8ed1-44dd-9bd9-beabb08b973e
x-runtime: 0.004228
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 381ms
377ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 6a562fbd-3c9e-496d-9492-fb5fbb92b1ce
x-runtime: 0.001364
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 384ms
381ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=wmp%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: a575ee6c-a373-44e6-a068-b7aab62edc6e
x-runtime: 0.001409
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
466 B 383ms
380ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=training_page_no_browser_post&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 3172c673-8271-49ae-816b-7b77cd7c005c
x-runtime: 0.001528
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
galdin1.payablaccounts.com/ 0
465 B 385ms
382ms Image
text/html 54.91.49.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=redirect_url%20is%20undefined&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Requested by

Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-49-254.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 66fd0934-5caa-44b2-8a56-67612049e1ba
x-runtime: 0.002701
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com:49153/alt_pixel_click_d4b8b9e76f.gif?correlation_id=85965072-2128-44e7-82c2-7af1d9577100

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Phishing Simulation (Internet)

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
galdin1.payablaccounts.com/	1969-12-31 23:59:59	Name: EXFILGUID Value: d4b8b9e76f
galdin1.payablaccounts.com/	1969-12-31 23:59:59	Name: link_clicked_d4b8b9e76f Value: 1
java.com/	1970-01-20 15:12:25	Name: akaalb_OCE_Failover Value: 1696345614~op=JCOM_OCE:oceProdappJcomProdOrigin\|~rv=85~m=oceProdappJcomProdOrigin:0\|~os=2708f36cb43ca861e42dc0215e4669c5~id=16875a569e8e93a507d6f04b698db574
www.java.com/	1970-01-20 15:12:25	Name: akaalb_OCE_Failover Value: 1696345614~op=JCOM_OCE:oceProdappJcomProdOrigin\|~rv=67~m=oceProdappJcomProdOrigin:0\|~os=2708f36cb43ca861e42dc0215e4669c5~id=6515183e6d5863669a89944e05bab455

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
d25q7gseii1o1q.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
galdin1.payablaccounts.com
java.com
tslp.s3.amazonaws.com
www.java.com
galdin1.payablaccounts.com
13.32.23.76
2a00:1450:4001:809::2003
2a00:1450:4001:810::200a
2a00:1450:4001:812::200a
2a02:26f0:480:22::1726:62dd
52.217.124.25
52.222.206.76
54.91.49.254
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381
0d1eb3873024c4c6d8a9a6896ed2af6de80773aa5a0e38e535b459973a05a64e
30dd9f54b34a72d85345adcfa029db1447e2a72a15e9d3e05d9fe4426ac4c1da
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
3665ad6f66b48b096ee543a405fe25fe2bc5d1b59e04f8899a5c398aa783ca5a
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
59c44a4523f0f18b8ffc57200a62fd8dd28626172af385314b29fcfb5f9efd87
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
670e2b3746bace2849346735f48d39f2beb334590d2effdd51146adc04b036ad
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19
6c9853cb4a66acc2d9404ccbe10d598c26ddc66cb4bafdcb59d32cbac92f7bca
73f360f08e8c2a1719c098491e17d53cdaa98d246585bfd0285a2afad75c51a7
7fa32996d892278ee6e151e9fad2d97c2ec9418dadceff7a12eafc5893db2792
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238
8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de
cfa67cfccb850832d87662e2dc5156f37fcac39375b3a760a2adaf76a049360a
d52381aab51cfc91503f9d6fd9805e90f3f70d61c2698b7b832b635a4d4dc735
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef3a8413a1b80d3af4bfabdfe3b37c748345af23590c18ef4719b18d9a1a1f39

galdin1.payablaccounts.com Open in urlscan Pro 54.91.49.254 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

115 Requests

97 %HTTPS

50 %IPv6

6 Domains

9 Subdomains

9 IPs

2 Countries

740 kBTransfer

904 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

galdin1.payablaccounts.com Open in urlscan Pro
54.91.49.254 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

9
Subdomains

9
IPs

2
Countries

740 kB
Transfer

904 kB
Size

4
Cookies

115 HTTP transactions
0 data transactions