galdin1.payablaccounts.com
54.91.49.254  Malicious Activity! Public Scan

Submitted URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Effective URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Submission: On October 03 via manual — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 115 HTTP transactions. The main IP is 54.91.49.254, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is galdin1.payablaccounts.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 22nd 2023. Valid for: 10 months.
This is the only time galdin1.payablaccounts.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Phishing Simulation (Internet)

Domain & IP information

IP Address AS Autonomous System
82 54.91.49.254 14618 (AMAZON-AES)
20 52.217.124.25 16509 (AMAZON-02)
2 4 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 52.222.206.76 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 13.32.23.76 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
115 9
Apex Domain | Subdomains | Transfer
82 payablaccounts.com | galdin1.payablaccounts.com | 120 KB
20 amazonaws.com | tslp.s3.amazonaws.com (Cisco Umbrella Rank: 687942) | 329 KB
7 cloudfront.net | d2wy8f7a9ursnm.cloudfront.net; d25q7gseii1o1q.cloudfront.net | 138 KB
4 java.com | java.com (Cisco Umbrella Rank: 36300); www.java.com (Cisco Umbrella Rank: 106780) | 13 KB
2 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 113); ajax.googleapis.com (Cisco Umbrella Rank: 720) | 93 KB
1 gstatic.com | fonts.gstatic.com | 48 KB
115 6
Domain Requested by
82 galdin1.payablaccounts.com galdin1.payablaccounts.com
20 tslp.s3.amazonaws.com galdin1.payablaccounts.com
5 d25q7gseii1o1q.cloudfront.net galdin1.payablaccounts.com
2 d2wy8f7a9ursnm.cloudfront.net galdin1.payablaccounts.com
2 www.java.com galdin1.payablaccounts.com
2 java.com 2 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 ajax.googleapis.com galdin1.payablaccounts.com
1 fonts.googleapis.com galdin1.payablaccounts.com
115 9

This site contains links to these domains.

Domain
threatsim.com
www.wombatsecurity.com

Subject | Issuer | Validity | Valid
info-week.us | Amazon RSA 2048 M02 | 2023-02-22 - 2024-01-05 | 10 months
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-03-21 - 2023-12-19 | 9 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
upload.video.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months

This page contains 1 frames:

Primary Page: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Frame ID: E07C6D2FB1143C4B670A0F8C1C82C2A3
Requests: 115 HTTP requests in this frame

Page Title

You've Been Phished!

Page URL History

  1. https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155 Page URL
  2. https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

115 Requests
97 % HTTPS
50 % IPv6
6 Domains
9 Subdomains
9 IPs
2 Countries
740 kB Transfer
904 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155 Page URL
  2. https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://java.com/js/deployJava.js HTTP 302
  • https://www.java.com/js/deployJava.js
Request Chain 56
  • https://java.com/js/deployJava.js HTTP 302
  • https://www.java.com/js/deployJava.js

115 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
59d4b8bd39e76f11
galdin1.payablaccounts.com/
4 KB
2 KB
Document
General
Full URL
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
d52381aab51cfc91503f9d6fd9805e90f3f70d61c2698b7b832b635a4d4dc735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 03 Oct 2023 15:05:54 GMT
etag
W/"d52381aab51cfc91503f9d6fd9805e90"
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-host-info
lw-prod-us-i-030c420c3b83554b0 ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-permitted-cross-domain-policies
none
x-request-id
0dceadae-ff21-4d18-b63f-1062d4a4b5b4
x-runtime
0.013425
x-xss-protection
1; mode=block
alt_pixel_click_d4b8b9e76f.gif
galdin1.payablaccounts.com/
0
0

plugin_detect.js
tslp.s3.amazonaws.com/detect/
49 KB
49 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:55 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 17:56:07 GMT
Server
AmazonS3
x-amz-request-id
NJ16X27DV808M9GY
ETag
"00a513f07603df01e3b99be00f370754"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
50085
x-amz-id-2
SmGW6htXwlOxTnkt2gP432TWlyEAEgCoKAOgNzmjym6pDEJfry7YPnNSxma4DibDRqRw4QcVrao=
java.js
tslp.s3.amazonaws.com/detect/
50 KB
50 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/java.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:55 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:38:28 GMT
Server
AmazonS3
x-amz-request-id
NJ15S0EZ0T7CVNFZ
ETag
"2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
50717
x-amz-id-2
mjvM7znqDUj1pKnKff+swEA2V5xdylXW3rgX5UxXQHyIi3Q4tRTRLt/1ubnXn0YPEpv9bU4WXs0=
deployJava.js
www.java.com/js/
Redirect Chain
  • https://java.com/js/deployJava.js
  • https://www.java.com/js/deployJava.js
18 KB
6 KB
Script
General
Full URL
https://www.java.com/js/deployJava.js
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Server
2a02:26f0:480:22::1726:62dd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:54 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
akamai-grn
, , , 0.1dd53e17.1696345554.3eddab5
x-oracle-dms-rid
0
content-disposition
attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing
cdn-cache; desc=HIT, edge; dur=15, origin; dur=0, ak_p; desc="1696345554902_389993757_65919669_1446_14193_10_0_182";dur=1
content-length
5512
x-xss-protection
1
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
etag
"D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19"
vary
Accept-Encoding
x-oracle-dms-ecid
0a49ef57-f9e4-4f54-808c-080f670ae5ff-0052a517
content-type
application/javascript
cache-control
public, max-age=86400
expires
Wed, 04 Oct 2023 15:05:54 GMT

Redirect headers

date
Tue, 03 Oct 2023 15:05:54 GMT
x-content-type-options
nosniff
server
AkamaiGHost
akamai-grn
0.1dd53e17.1696345554.3edda11
location
https://www.java.com/js/deployJava.js
cache-control
max-age=86400
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1696345554757_389993757_65919505_32_90034_6_11_182";dur=1
content-length
0
x-xss-protection
1
expires
Wed, 04 Oct 2023 15:05:54 GMT
flash.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/flash.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:55 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 03:54:01 GMT
Server
AmazonS3
x-amz-request-id
NJ13CWX9K147HN2Q
ETag
"f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
6680
x-amz-id-2
gGcrgzZYgmIXNkKFy0gpG1ahaiiEi0Og25Cp5/Zc4YebzaxIN4Y2wtoRYf7IVs4FALrIqaFDSZ0=
pdf.js
tslp.s3.amazonaws.com/detect/
22 KB
23 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/pdf.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:55 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:39:34 GMT
Server
AmazonS3
x-amz-request-id
NJ16HS38KYVBT4BB
ETag
"0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
22855
x-amz-id-2
bBLs78FyW0sPdyHqQGoWTXalK0fIZMIckcIR5iP69xINAVRrmSJrrU1Gh1sDDdwIkEOUY/LfIp4=
quicktime.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:55 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:41:05 GMT
Server
AmazonS3
x-amz-request-id
NJ10NA5HDMX12CJZ
ETag
"ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
6999
x-amz-id-2
F/0sxkzkIkGzVFXI9ODjPelidGgaOpg3MXIGbA25Qq2UF4V2kNSWbeQBDjH5+apfVdJO3OSkLek=
realplayer.js
tslp.s3.amazonaws.com/detect/
10 KB
10 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:55 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:45:02 GMT
Server
AmazonS3
x-amz-request-id
NJ17K4GDRBGSWDKB
ETag
"3d7be656672c16a34806c13388410325"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
9775
x-amz-id-2
r3IBZkb7iCtAomKmi5bYl1BAYtOJ6NVfSHswTxRd1QO5MqWIvm9e/+lFbCXceJVfotdvNWPo6dI=
silverlight.js
tslp.s3.amazonaws.com/detect/
4 KB
5 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:56 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 18:00:03 GMT
Server
AmazonS3
x-amz-request-id
KYV1J93Y55E1EPS6
ETag
"e6dd596d2bc204ea573b868b92028c26"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
4234
x-amz-id-2
JNQdOHTwuiXwG35JGbnXTdxOwzQ925IY1xqBM8FxMBhucCrSa7NDa2MngSYyWfDm2e66UPDIbQE=
wmp.js
tslp.s3.amazonaws.com/detect/
6 KB
6 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/wmp.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:56 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 15:07:14 GMT
Server
AmazonS3
x-amz-request-id
KYV40SE93KN6Z567
ETag
"ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
5941
x-amz-id-2
7Usd9dKHRBSKLVgqNpmR/I8HK+aHBN4tETdMFzdSqn42n0mD4jKgoo1kWTFkKU9oJ75zSw1cElQ=
bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/
6 KB
3 KB
Script
General
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-76.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
Date
Mon, 02 Oct 2023 22:33:10 GMT
X-Amz-Cf-Pop
FRA56-P3
Age
59566
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2962
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
ETag
"6103bb5e4ec6141e19e1100caafc780c"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
X-Amz-Cf-Id
7pxng9YwEmUb7KNkkTmOiTii4ThwamQKXppyJB8F5MB2NAxg2aCTSw==
jquery.min.js
galdin1.payablaccounts.com/assets/ajax/libs/jquery/1.9.1/
90 KB
32 KB
Script
General
Full URL
https://galdin1.payablaccounts.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:54 GMT
content-encoding
gzip
last-modified
Wed, 26 Jul 2023 14:01:45 GMT
server
ThreatSim-Web-Server
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
all.js
galdin1.payablaccounts.com/assets/
28 KB
7 KB
Script
General
Full URL
https://galdin1.payablaccounts.com/assets/all.js?g=d4b8b9e76f
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:54 GMT
content-encoding
gzip
last-modified
Wed, 26 Jul 2023 14:01:45 GMT
server
ThreatSim-Web-Server
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
content-length
7191
expires
Thu, 31 Dec 2037 23:55:55 GMT
browser_post
galdin1.payablaccounts.com/secure/
0
487 B
XHR
General
Full URL
https://galdin1.payablaccounts.com/secure/browser_post
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
6b08f4a8-43b9-4b4b-8a7b-261ab6c1400e
x-runtime
0.025266
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding, Accept
x-frame-options
SAMEORIGIN
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
b14cbcad-5148-4ab2-aa39-e023bf4d76b4
x-runtime
0.002162
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
949b84a0-790e-4a16-950a-3b438d41f126
x-runtime
0.002171
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
4ad484af-2e2f-4913-adf2-d2bfe87a2b32
x-runtime
0.002373
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
06f72773-2fad-437a-b165-513192bbeaa0
x-runtime
0.001467
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
465 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20browser_version%20%3D%20117&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
d4dd77a3-ef42-40a4-8dc7-8e9d83120f0d
x-runtime
0.003651
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
465 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
6729e8b8-6aa5-4ac8-901f-2c4cefb58215
x-runtime
0.002812
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
e7d3d6fa-8432-4ebe-9cd4-de5d2de5b3ef
x-runtime
0.001846
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
467 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
b06d5389-c5b6-447d-b364-4338686419cd
x-runtime
0.002584
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
465 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
cbcc5525-3402-4c50-afa6-903af98998a7
x-runtime
0.001934
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
a678a251-b9fe-4af6-9e58-4c81206f47fd
x-runtime
0.001906
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
4eb91a53-6ead-4757-a0a5-dea5590bf71d
x-runtime
0.001668
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
2981d186-c2a1-4e73-8245-76cec0e3edf6
x-runtime
0.002310
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
467 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
4a829774-ccb3-4d46-98a2-ffb3063f5f5f
x-runtime
0.001892
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
465 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
f991be67-e1c2-4ac5-9541-b51db2dcece5
x-runtime
0.001720
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
465 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
84a451fa-07fc-4fbd-8ed4-5b8205609833
x-runtime
0.001637
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
7315cb6b-091a-495b-a96c-e7ac49dd5386
x-runtime
0.001703
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=java_version_pl%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
8e24f1f9-6d24-4bae-ae3a-8e5af44fd561
x-runtime
0.005367
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
467 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
54f6de42-dc73-4797-9da5-b1934842088b
x-runtime
0.001135
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=java_version_jres%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
d08d8803-0482-487e-9bdd-7030ebc67312
x-runtime
0.002116
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=java_version%20%3D%20undefined&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
ef6fb935-510e-441e-8183-9fea5fa0ecac
x-runtime
0.007663
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Loading%20flash%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
03a72130-e5bf-4a03-9d48-596bc45a0d4a
x-runtime
0.002495
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
465 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=flash%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
41c6026a-7e20-4359-838d-4acb8db43690
x-runtime
0.001157
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Loading%20pdf%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
da9eb5b7-45b1-4d3c-b814-f96c9fa89c43
x-runtime
0.003995
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
580058e5-4aa1-4e56-ac2b-4cc59cad4ba9
x-runtime
0.001297
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=pdf%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
a45314af-cd89-48d9-a2c3-b5293bcbafbf
x-runtime
0.001409
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
465 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Loading%20quicktime%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
3dbcc03c-2f85-4fdd-a089-97fa417ee869
x-runtime
0.001414
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
465 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=quicktime%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
1389ecfd-0c17-46e4-9e35-b6be3e33ce92
x-runtime
0.001831
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
465 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Loading%20RealPlayer%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
7495a0ce-42a6-4180-8af2-da27b2da1a5c
x-runtime
0.001403
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=realplayer%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
132a8d32-a074-48a9-b32d-7f466119028f
x-runtime
0.001775
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Loading%20Silverlight%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
ab3b93f4-5c9c-47ce-97e7-2c9fca46ada9
x-runtime
0.001074
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=silverlight%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
e16d6a81-b509-4d0c-b265-b676d8623d5e
x-runtime
0.001520
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
465 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
0bb37340-4851-4439-a6ce-ddc717ae9d97
x-runtime
0.001225
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=wmp%20%3D%20unknown&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
44c441dd-ea36-4f81-b549-7d2263e28348
x-runtime
0.002026
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=redirecting%20to%20%2Fload_training%3Fguid%3Dcdd4b8b3a9e76f53%26correlation_id%3D85965072-2128-44e7-82c2-7af1d9577100&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
8de324f7-6c04-49d7-bf0e-912705813c33
x-runtime
0.001785
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=d4b8b9e76f&msg=browser_post_successful&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
7030584e-3633-4ba7-ad3b-69ec019682c1
x-runtime
0.001098
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
Primary Request load_training
galdin1.payablaccounts.com/
15 KB
5 KB
Document
General
Full URL
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/assets/all.js?g=d4b8b9e76f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
59c44a4523f0f18b8ffc57200a62fd8dd28626172af385314b29fcfb5f9efd87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://galdin1.payablaccounts.com/59d4b8bd39e76f11?l=155
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 03 Oct 2023 15:05:56 GMT
etag
W/"59c44a4523f0f18b8ffc57200a62fd8d"
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-host-info
lw-prod-us-i-02496d026cef5be1a ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-permitted-cross-domain-policies
none
x-request-id
2ee19d8f-21e9-4c90-bf67-78a2b2554099
x-runtime
0.015445
x-xss-protection
1; mode=block
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,600,700
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7fa32996d892278ee6e151e9fad2d97c2ec9418dadceff7a12eafc5893db2792
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:05:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Oct 2023 15:05:56 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/
91 KB
92 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 12:30:37 GMT
x-content-type-options
nosniff
age
9319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93636
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2024 12:30:37 GMT
bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/
6 KB
3 KB
Script
General
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-76.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
Date
Mon, 02 Oct 2023 22:33:10 GMT
X-Amz-Cf-Pop
FRA56-P3
Age
59568
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2962
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
ETag
"6103bb5e4ec6141e19e1100caafc780c"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
X-Amz-Cf-Id
CM321oImbNSUJbKpynBMRP0_b7YSLLsXBmyXcksbDAJxK4QvYKyMSg==
jquery.min.js
galdin1.payablaccounts.com/assets/ajax/libs/jquery/1.11.0/
94 KB
33 KB
Script
General
Full URL
https://galdin1.payablaccounts.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
last-modified
Wed, 26 Jul 2023 14:01:45 GMT
server
ThreatSim-Web-Server
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
plugin_detect.js
tslp.s3.amazonaws.com/detect/
49 KB
49 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 17:56:07 GMT
Server
AmazonS3
x-amz-request-id
MW4NWAH848NASDG6
ETag
"00a513f07603df01e3b99be00f370754"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
50085
x-amz-id-2
OkitLLdaN40Q+2/FeAF/+I6jmR4Um+BysAUApmUr3Xxca3bWL/YbIQGkyNC9jQprQY7DRYkpMRE=
java.js
tslp.s3.amazonaws.com/detect/
50 KB
50 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/java.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:38:28 GMT
Server
AmazonS3
x-amz-request-id
MW4NP7EG0DYCNKBH
ETag
"2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
50717
x-amz-id-2
7R3r2Pk8+A3K8EIUJwDxCp686qXJ6ejqOwrv0PDEJ2Nq9zxn8pz52ilB5fUy48nAz4eDJNLTRCw=
deployJava.js
www.java.com/js/
Redirect Chain
  • https://java.com/js/deployJava.js
  • https://www.java.com/js/deployJava.js
18 KB
6 KB
Script
General
Full URL
https://www.java.com/js/deployJava.js
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Server
2a02:26f0:480:22::1726:62dd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
akamai-grn
, , , 0.1dd53e17.1696345556.3ede2cf
x-oracle-dms-rid
0
content-disposition
attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1696345556351_389993757_65921743_292_18327_9_0_219";dur=1
content-length
5512
x-xss-protection
1
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
etag
"D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19"
vary
Accept-Encoding
x-oracle-dms-ecid
0a49ef57-f9e4-4f54-808c-080f670ae5ff-0052a517
content-type
application/javascript
cache-control
public, max-age=86400
expires
Wed, 04 Oct 2023 15:05:56 GMT

Redirect headers

date
Tue, 03 Oct 2023 15:05:56 GMT
x-content-type-options
nosniff
server
AkamaiGHost
akamai-grn
0.1dd53e17.1696345556.3ede293
location
https://www.java.com/js/deployJava.js
cache-control
max-age=86400
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1696345556313_389993757_65921683_23_17604_9_0_219";dur=1
content-length
0
x-xss-protection
1
expires
Wed, 04 Oct 2023 15:05:56 GMT
flash.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/flash.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 03:54:01 GMT
Server
AmazonS3
x-amz-request-id
MW4VYG96RNTMK47Q
ETag
"f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
6680
x-amz-id-2
9HHS/4p2+xt4N6tBWwllPU7ELppEK1ipSbQkZ4/A1vVYo+hK5Dn9zt8PvqduDI7pJqHx/rFOxWU=
pdf.js
tslp.s3.amazonaws.com/detect/
22 KB
23 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/pdf.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:39:34 GMT
Server
AmazonS3
x-amz-request-id
MW4X0GAK7METWS4J
ETag
"0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
22855
x-amz-id-2
soVvdXOxrYaeJ1Qgz3Ut62nCGt5WPli/DXpECBmarCVAtQjamsN4XcScVQr0bnSrtM2U9tOoH3c=
quicktime.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:41:05 GMT
Server
AmazonS3
x-amz-request-id
MW4R6RS5X702FVK3
ETag
"ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
6999
x-amz-id-2
0g8MrKgDdGo4w0Dxfz26cAiai37Jwdw8sqFLYx7qb9XKgAlkVllMtcQMvleAbR6lQWNI6ycNDjc=
realplayer.js
tslp.s3.amazonaws.com/detect/
10 KB
10 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:45:02 GMT
Server
AmazonS3
x-amz-request-id
MW4K6P6MKJS6VWW6
ETag
"3d7be656672c16a34806c13388410325"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
9775
x-amz-id-2
cjqN8doJa0YO9FOicNA926qY0yVf19v+iPH8HY3AYVYbDRmwKRsufECT/h5Qv5Qa/O7SrDb4IJg=
silverlight.js
tslp.s3.amazonaws.com/detect/
4 KB
5 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 18:00:03 GMT
Server
AmazonS3
x-amz-request-id
MW4WYN6NF11HM001
ETag
"e6dd596d2bc204ea573b868b92028c26"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
4234
x-amz-id-2
tG96CsfJiRyVoYg//jJ5CIaU40yfwlQOqGKqtI8mjRbeVmYjiNML8uEmf7xdEOvNkkUsqthDjQU=
wmp.js
tslp.s3.amazonaws.com/detect/
6 KB
6 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/wmp.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 15:07:14 GMT
Server
AmazonS3
x-amz-request-id
MW4KM4ZENYHNK90F
ETag
"ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
5941
x-amz-id-2
rr+SeZUlvmL8xTZtlJxuMB4mwT+WxUlFTNq14KQWFuyq8ZPqTrGvUG3oD0Ht+JS39ysKAkQGHpY=
dude.png
d25q7gseii1o1q.cloudfront.net/training/three_key_tips/
95 KB
96 KB
Image
General
Full URL
https://d25q7gseii1o1q.cloudfront.net/training/three_key_tips/dude.png
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-76.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
670e2b3746bace2849346735f48d39f2beb334590d2effdd51146adc04b036ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 09:11:03 GMT
Via
1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 May 2014 22:06:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
21294
ETag
"bb6b4648d9323b897531f4c4de68d5f8"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
97463
X-Amz-Cf-Id
rxeSmaBfa7JwJb-hodl4u4NgoEr-8pg4RHXDyagafh7h88_qAp_uBA==
security.png
d25q7gseii1o1q.cloudfront.net/training/three_key_tips/
8 KB
9 KB
Image
General
Full URL
https://d25q7gseii1o1q.cloudfront.net/training/three_key_tips/security.png
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-76.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30dd9f54b34a72d85345adcfa029db1447e2a72a15e9d3e05d9fe4426ac4c1da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 06:16:52 GMT
Via
1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 May 2014 22:07:52 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
32668
ETag
"fcaec9fd5786787b90bb0012daf1ed40"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8560
X-Amz-Cf-Id
UEX8tofRLMJpPNum_qZwoh5WhtMrGI4oeO2zKjmrf-C0NDHeLk8Paw==
search.png
d25q7gseii1o1q.cloudfront.net/training/three_key_tips/
4 KB
4 KB
Image
General
Full URL
https://d25q7gseii1o1q.cloudfront.net/training/three_key_tips/search.png
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-76.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3665ad6f66b48b096ee543a405fe25fe2bc5d1b59e04f8899a5c398aa783ca5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 07:46:08 GMT
Via
1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 May 2014 22:07:52 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
26389
ETag
"2c7bc083aaa2e61bf7befdf12bbcf70c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3661
X-Amz-Cf-Id
OjLuFt9s8qQNkKfGxHCMullsygnHcUOWJpMoRvdeVdYAn2PMKVBtCQ==
user-group.png
d25q7gseii1o1q.cloudfront.net/training/three_key_tips/
12 KB
12 KB
Image
General
Full URL
https://d25q7gseii1o1q.cloudfront.net/training/three_key_tips/user-group.png
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-76.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c9853cb4a66acc2d9404ccbe10d598c26ddc66cb4bafdcb59d32cbac92f7bca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 09:11:03 GMT
Via
1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 May 2014 22:07:52 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
21294
ETag
"26e2a6551d162038ff39bf06633ff724"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12047
X-Amz-Cf-Id
10jqBNeLzKvsa-W8vbMEwWsCRyF8wYfkRoPg037qqfHwPrr27ISVrw==
language.18071.js
tslp.s3.amazonaws.com/languages/
8 KB
8 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/languages/language.18071.js
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
73f360f08e8c2a1719c098491e17d53cdaa98d246585bfd0285a2afad75c51a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id
U_kpSjDDW4npfowvZPZnd2_aKVkUaKPA
Last-Modified
Fri, 26 Aug 2022 14:07:38 GMT
Server
AmazonS3
x-amz-request-id
MW4V87P6FAWAGVRW
ETag
"8b9a9d305bd69c962b600c08f3c69edf"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
8207
x-amz-id-2
6gCTsmeCXjuRgKY13hBG+OQ1nar4h8eKpGvzn6f+rl+r8mF0wA99dluCLnaQFBFG0wKodZhiQD8=
training.js
tslp.s3.amazonaws.com/assets/js/
352 B
811 B
Script
General
Full URL
https://tslp.s3.amazonaws.com/assets/js/training.js
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id
6KvPBARKn9Wl5VW3Hl_LtK2bIq68QrGH
Last-Modified
Fri, 26 Aug 2022 14:07:38 GMT
Server
AmazonS3
x-amz-request-id
MW4YND44EHN4F1YT
ETag
"029ab28ca3c245dc425e3f3f6599d480"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
352
x-amz-id-2
27JXQk2yYMWMp4KBwuiYICp8vT0Uf02IQvYSwgSj980f0fYDvOE1lFVjGmTpsHEdSsr9YBmcP8o=
all.js
galdin1.payablaccounts.com/assets/
28 KB
7 KB
Script
General
Full URL
https://galdin1.payablaccounts.com/assets/all.js?guid=d4b8b9e76f&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
last-modified
Wed, 26 Jul 2023 14:01:45 GMT
server
ThreatSim-Web-Server
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
content-length
7191
expires
Thu, 31 Dec 2037 23:55:55 GMT
bg.png
d25q7gseii1o1q.cloudfront.net/training/three_key_tips/
10 KB
10 KB
Image
General
Full URL
https://d25q7gseii1o1q.cloudfront.net/training/three_key_tips/bg.png
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-76.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef3a8413a1b80d3af4bfabdfe3b37c748345af23590c18ef4719b18d9a1a1f39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 07:08:31 GMT
Via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 May 2014 22:05:42 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
30888
ETag
"fc8cac7fd4d7fdb1d37804580f8f66bf"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10120
X-Amz-Cf-Id
wdqx17olUkFy5PJNk913PKRivGEd9NucBFH4o02cKcAjupvMNFYxig==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://galdin1.payablaccounts.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 18:17:53 GMT
x-content-type-options
nosniff
age
420483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Sep 2024 18:17:53 GMT
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
e78c5656-6806-46cd-9c58-d65eb9eb8e1b
x-runtime
0.001991
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
8313b2c7-f844-4c76-a4e9-7db917a6d334
x-runtime
0.001670
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
cd19d3d2-42b4-4273-9cfe-bc521e887fd5
x-runtime
0.001312
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
lang_en-US.json
tslp.s3.amazonaws.com/languages/oh_snap_youve_been_phished/
2 KB
2 KB
XHR
General
Full URL
https://tslp.s3.amazonaws.com/languages/oh_snap_youve_been_phished/lang_en-US.json
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0d1eb3873024c4c6d8a9a6896ed2af6de80773aa5a0e38e535b459973a05a64e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://galdin1.payablaccounts.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:58 GMT
x-amz-version-id
DdBVW8dNC8jpuLHfK53lUYQecBi3ExL0
Last-Modified
Wed, 26 Jul 2023 17:07:33 GMT
Server
AmazonS3
x-amz-request-id
TN6W07HAPBB9YS5D
ETag
"d20af1845489bdc59ec1ab95c0c607ae"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Content-Type
application/json
Accept-Ranges
bytes
Content-Length
1749
x-amz-id-2
zUA73y5ieJryEFYpmLTBls79NIzcsC2nI7c8OD11lgjTSwhFR3BGp4vf9OGVHNCVyT/VQdEyaYo=
log
galdin1.payablaccounts.com/
0
475 B
Image
General
Full URL
https://galdin1.payablaccounts.com/log?id=d4b8b9e76f&campaign_guid=17b94a6dc6&msg=logo_object%20exists
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
4024b321-8a8e-4231-a94c-441928baa7cf
x-runtime
0.002041
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
log
galdin1.payablaccounts.com/
0
476 B
Image
General
Full URL
https://galdin1.payablaccounts.com/log?id=d4b8b9e76f&campaign_guid=17b94a6dc6&msg=window.account_logo%20is%20set%20to%20https%3A%2F%2Ftslp.s3.amazonaws.com%2Fprod%2F304923e3-9cd3-4%2FMjM3NDYtZ29.jpg
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
81995653-790b-40e1-87b7-4e6e2c5ac219
x-runtime
0.001529
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
MjM3NDYtZ29.jpg
tslp.s3.amazonaws.com/prod/304923e3-9cd3-4/
3 KB
4 KB
Image
General
Full URL
https://tslp.s3.amazonaws.com/prod/304923e3-9cd3-4/MjM3NDYtZ29.jpg
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.124.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cfa67cfccb850832d87662e2dc5156f37fcac39375b3a760a2adaf76a049360a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Tue, 03 Oct 2023 15:05:57 GMT
x-amz-version-id
Iq1Qc6fJxV7h_Shh1uejVg0L2biVMXgs
Last-Modified
Wed, 24 May 2023 23:42:05 GMT
Server
AmazonS3
x-amz-request-id
MW4RY54QZJJBWEAQ
ETag
"dff48cd5e357c084e8ffbce898b2f7b3"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3563
x-amz-id-2
1ecdGfyvI8xuwa3t86Wx3geLZcJe0SKwq4f4y6liF3MwTWdpxYuCxrUVQF70S0C94boswye0M4M=
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
8d12c96e-2f89-45f6-95b4-11b89a2b1c8c
x-runtime
0.001940
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
465 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
d5cccea2-7304-4b8b-92cb-e0ede3033d53
x-runtime
0.002195
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
f7042cc2-3408-4e18-8aa7-5b7577de1646
x-runtime
0.002251
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
ab121d8c-2370-4f75-a496-f77fea1503ca
x-runtime
0.001121
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20browser_version%20%3D%20117&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
67d4a4b9-271e-4da0-8f25-6f91eefc3737
x-runtime
0.002631
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
fa85f151-1817-455c-acf6-b6d51a870db7
x-runtime
0.002378
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
a93088b6-bdde-45c0-a731-74ef0213471a
x-runtime
0.001928
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-04194f02c10088e67, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
465 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
963f174b-1a52-4412-904b-fdaac1a5268a
x-runtime
0.001716
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-0e4cee80cd5fe0c5c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
467 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
2bd446dd-7d36-4a5f-b996-60ddb7ea383e
x-runtime
0.001816
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
9271000c-983b-4c6b-9bb8-366e47173fd4
x-runtime
0.001525
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-02496d026cef5be1a, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.49.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-49-254.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
07f7c466-10af-4276-8105-291312a48cfc
x-runtime
0.002457
referrer-policy
strict-origin-when-cross-origin
server
ThreatSim-Web-Server
x-host-info
lw-prod-us-i-030c420c3b83554b0, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
trace
galdin1.payablaccounts.com/
0
466 B
Image
General
Full URL
https://galdin1.payablaccounts.com/trace?id=cdd4b8b3a9e76f53&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Requested by
Host: galdin1.payablaccounts.com
URL: https://galdin1.payablaccounts.com/load_training?guid=cdd4b8b3a9e76f53&correlation_id=85965072-2128-44e7-82c2-7af1d9577100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server