urlscan.io logo urlscan.io
SecurityTrails logo

instructions.itpatches.com Open in urlscan Pro
54.83.101.48  Public Scan

Go To Rescan Add Verdict Report
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/
Submission: On December 02 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 31 HTTP transactions. The main IP is 54.83.101.48, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is instructions.itpatches.com.
TLS certificate: Issued by R3 on November 6th 2021. Valid for: 3 months.
This is the only time instructions.itpatches.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    54.83.101.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-101-48.compute-1.amazonaws.com
instructions.itpatches.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
13    13.32.29.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-26.fra56.r.cloudfront.net
images.pmeimg.com
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    151.101.192.217 (United States)

ASN54113 (FASTLY, US)
player.vimeo.com
5    151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.vimeocdn.com
f.vimeocdn.com
1    151.101.0.217 (United States)

ASN54113 (FASTLY, US)
vimeo.com
2    34.120.202.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.202.120.34.bc.googleusercontent.com
fresnel.vimeocdn.com
Domain Requested by
13 images.pmeimg.com instructions.itpatches.com
3 f.vimeocdn.com player.vimeo.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
instructions.itpatches.com
3 instructions.itpatches.com instructions.itpatches.com
2 fresnel.vimeocdn.com f.vimeocdn.com
2 i.vimeocdn.com player.vimeo.com
1 vimeo.com f.vimeocdn.com
1 player.vimeo.com instructions.itpatches.com
1 stats.g.doubleclick.net www.google-analytics.com
1 code.jquery.com instructions.itpatches.com
1 www.googletagmanager.com instructions.itpatches.com
31 11

This site contains links to these domains. Also see Links.

Domain
in.accenture.com
go.accenture.com
mylearning.accenture.com
Subject Issuer Validity Valid
*.itpatches.com
R3		 2021-11-06 -
2022-02-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
pmeimg.com
Amazon		 2021-08-21 -
2022-09-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.vimeo.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-09-15 -
2022-10-17		 a year crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-18 -
2022-06-19		 a year crt.sh
fresnel.vimeocdn.com
GTS CA 1D4		 2021-10-19 -
2022-01-17		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/
Frame ID: 5B438A208B3B92017609666186972D96
Requests: 22 HTTP requests in this frame

Frame: https://player.vimeo.com/video/218520729?title=0&byline=0&portrait=0&autoplay=0&autopause=0
Frame ID: 619F23D898B595CEDF9ED3C51B164AF9
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Phishing

Page Statistics

31
Requests

100 %
HTTPS

40 %
IPv6

8
Domains

11
Subdomains

10
IPs

4
Countries

1768 kB
Transfer

2757 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/ 		113 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.83.101.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-101-48.compute-1.amazonaws.com
Software
Apache /
Resource Hash
91cfe57992509d3832cbc58e037d21af41b48af97290a8be16269ca183aa6928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
http://landing.phishme.com
Cache-Control
no-store
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Dec 2021 05:07:37 GMT
ETag
W/"91cfe57992509d3832cbc58e037d21af-gzip"
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
Status
200 OK
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Download-Options
noopen noopen
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
13d98218-2f3f-4dac-81c0-f143bc9b7149
X-Runtime
0.054773
X-XSS-Protection
1; mode=block
Content-Length
14445
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-126808791-4
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c5ae5a8bda6c78c09031c95a788e2fb625d95a7ae47c47fa0080ab370d9ac462
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36140
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Dec 2021 05:07:37 GMT
jquery-latest.min.js
instructions.itpatches.com/javascripts/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://instructions.itpatches.com/javascripts/jquery-latest.min.js
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.83.101.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-101-48.compute-1.amazonaws.com
Software
Apache /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 05:07:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 08:56:19 GMT
Server
Apache
ETag
"15851-5d0e4194ab2c0-gzip"
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
http://landing.phishme.com
Cache-Control
max-age=0
Accept-Ranges
bytes
Content-Length
30677
Expires
Thu, 02 Dec 2021 05:07:37 GMT
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://instructions.itpatches.com/
Origin
https://instructions.itpatches.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1638421657.dop209.ml1.t,1638421657.cds201.ml1.hn,1638421657.cds001.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126808791-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5554
date
Thu, 02 Dec 2021 03:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 02 Dec 2021 05:35:03 GMT
jquery.periodicalupdater.js
images.pmeimg.com/javascripts/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://images.pmeimg.com/javascripts/jquery.periodicalupdater.js
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-26.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
jquery.periodicalupdater.js
instructions.itpatches.com/javascripts/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://instructions.itpatches.com/javascripts/jquery.periodicalupdater.js
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.83.101.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-101-48.compute-1.amazonaws.com
Software
Apache /
Resource Hash
850ebab175e20015432217d462b446fd904cc7e90ae8c0339212053481163969

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 05:07:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Nov 2021 08:56:19 GMT
Server
Apache
ETag
"1a02-5d0e4194ab2c0-gzip"
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
http://landing.phishme.com
Cache-Control
max-age=0
Accept-Ranges
bytes
Content-Length
2221
Expires
Thu, 02 Dec 2021 05:07:37 GMT
ed_dec-ab646543.png
images.pmeimg.com/public/user_assets/6f7247b5-130b-4a5e-85ae-5803c3fc128f/ 		275 KB
275 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pmeimg.com/public/user_assets/6f7247b5-130b-4a5e-85ae-5803c3fc128f/ed_dec-ab646543.png
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-26.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
358a2cef510b8f0518ab423ac0888e99272b0160c6e57736a0f7bdae061fa6f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified
Mon, 29 Nov 2021 18:44:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"109411d1ed36d960045f32f9b89f48c0"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
281401
x-amz-cf-id
YUuhvaiuMUgjyVB4vQr0fsH2YXrZAiF0CTtNf1Cr2mhY4eyYzs2s3g==
report-phising-c355efa9.png
images.pmeimg.com/public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pmeimg.com/public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/report-phising-c355efa9.png
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-26.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e1fb14c94ae5a81173b8c528ad70302179c135d8a7562eb26fffb8d85875891

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified
Wed, 19 Dec 2018 21:26:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"1f3e9e19e0c9fa088c54ff678fd5d0fb"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
6410
x-amz-cf-id
c2B1ilBRID3LbTna5Xn4GLPo5yP5TcKssXgGtmUsshhIccKQTy7g8g==
phishing-93a0dd82.jpg
images.pmeimg.com/public/user_assets/2086e0bb-0a93-4824-bba1-1a7be2d1b1c2/ 		265 KB
266 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pmeimg.com/public/user_assets/2086e0bb-0a93-4824-bba1-1a7be2d1b1c2/phishing-93a0dd82.jpg
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-26.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c0944f3bf0744243f5452c452e75e78e49cc7602868f7359cac04162b86c4ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified
Wed, 01 Sep 2021 20:25:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"0ee26fd91c2b6e3cd4f65c94cb15a9bc"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
271609
x-amz-cf-id
GAugwsa05eURmV_euuy7Z3jPZQdBrnN18UGxfLTGGoKF0yu1C9W12g==
phishingresultsimage_resized-71eae046.jpg
images.pmeimg.com/public/user_assets/7ecc0f6a-20eb-48f8-9ccc-3fb625dbd564/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pmeimg.com/public/user_assets/7ecc0f6a-20eb-48f8-9ccc-3fb625dbd564/phishingresultsimage_resized-71eae046.jpg
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-26.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24c2773f43c18fe67a4a2ade64373a025e2a37e654d8b779ef97e05f15796966

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2019 12:57:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"24c34693534a6ea05d3bef0db06fdc23"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
17364
x-amz-cf-id
U6FxEQ-F9cQ3Q6okl6OGNG1s1nXFrZar3jMFAHSsaW5acnofFykrUg==
catchaphish_titlescreen_v2-ce86668e.png
images.pmeimg.com/public/user_assets/7ecc0f6a-20eb-48f8-9ccc-3fb625dbd564/ 		491 KB
492 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pmeimg.com/public/user_assets/7ecc0f6a-20eb-48f8-9ccc-3fb625dbd564/catchaphish_titlescreen_v2-ce86668e.png
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-26.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9ed62e0c6c218484c8bde74490e1cecb0b93b6dd0e7788d55ce887e0444711c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified
Tue, 28 Apr 2020 15:14:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"bdcb31b1fc31fa8acae90c783b7321f7"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
502440
x-amz-cf-id
dyuLdzHZaPzglWZ1DEjA3rPBFXZzxO5LTU7WygoI1_taJVVi8X5Row==
se_plus_logo_banner-a59b69f9.png
images.pmeimg.com/public/user_assets/ec3d95fa-3fc8-4edb-91d0-d16f6090070d/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pmeimg.com/public/user_assets/ec3d95fa-3fc8-4edb-91d0-d16f6090070d/se_plus_logo_banner-a59b69f9.png?q=1630528255103
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-26.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b3b4c43f0425cbcbc3ae1338a0df532ba4df25964f1d1fb7c04277e9b05a350

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified
Wed, 26 May 2021 03:33:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"d84abcd892aabb218c6e097d84ed5896"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
77851
x-amz-cf-id
SDk7PW3IavNk57hKxEioGqNdwGv0RCtsh7arZMStF7gUMIg_AwfhQQ==
stay-vigilant-f385cf99.png
images.pmeimg.com/public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pmeimg.com/public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/stay-vigilant-f385cf99.png
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-26.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
db666cd5384502bdfb46e04e7a604637ff1ca31c73281aad93651e69aa97f787

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified
Wed, 19 Dec 2018 21:33:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"9ffb08b49b8244e87da36bb262918cc9"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
15171
x-amz-cf-id
DcV7R3idveG_y9yjvC4gOQqGskuc1mNPW3Yu56UaYo2PC1wm34oeyA==
arrow-right-8265bb56.png
images.pmeimg.com/public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/ 		257 B
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pmeimg.com/public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/arrow-right-8265bb56.png
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-26.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82f3e0729b69fa41816b709f347ae9c63b85e33e005505886e3bdd7aaae03452

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified
Wed, 19 Dec 2018 21:34:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"5da1ebc1d80f5988b121bf38deb73429"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
257
x-amz-cf-id
dV4USiOpeYNeFZjWCLHsFRnNcYZryTdSC32k2Byt4EtxDQcp7ba5lQ==
collect
www.google-analytics.com/j/ 		2 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1799497431&t=pageview&_s=1&dl=https%3A%2F%2Finstructions.itpatches.com%2F6ae5b7%2F175fe597-8f71-4357-8e8e-7a55284b7503%2F%3F&ul=en-us&de=UTF-8&dt=PhishMe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2050423507&gjid=381029903&cid=1886302124.1638421658&tid=UA-126808791-4&_gid=1888489810.1638421658&_r=1&gtm=2ouba1&z=888717271
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://instructions.itpatches.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 05:07:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://instructions.itpatches.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1799497431&t=pageview&_s=2&dl=https%3A%2F%2Finstructions.itpatches.com%2F6ae5b7%2F175fe597-8f71-4357-8e8e-7a55284b7503%2F%3F&ul=en-us&de=UTF-8&dt=PhishMe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1886302124.1638421658&tid=UA-126808791-4&_gid=1888489810.1638421658&gtm=2ouba1&z=967649985
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 21:56:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25864
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-126808791-4&cid=1886302124.1638421658&jid=2050423507&gjid=381029903&_gid=1888489810.1638421658&_u=YEBAAUAAAAAAAC~&z=1935985215
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://instructions.itpatches.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 02 Dec 2021 05:07:37 GMT
content-type
text/plain
access-control-allow-origin
https://instructions.itpatches.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
218520729
player.vimeo.com/video/ Frame 619F 		14 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/218520729?title=0&byline=0&portrait=0&autoplay=0&autopause=0
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5b5893f3359688fcc8bba5cd7c581b797b128612facc9aad39690bd26e543660
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/

Response headers

Connection
keep-alive
Content-Length
9840
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Thu, 02 Dec 2021 05:16:36 GMT
Via
1.1 varnish, 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-b-1
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Thu, 02 Dec 2021 05:07:37 GMT
Age
0
X-Served-By
cache-hhn4031-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1638421658.839363,VS0,VE107
Vary
Accept-Encoding
X-Player-Backend
p
youve-been-phished-caf9f122.jpg
images.pmeimg.com/public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pmeimg.com/public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/youve-been-phished-caf9f122.jpg
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-26.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f99c596f000e5cf7d4d40cf006992955525c0d27663d325ff00576694ab6bdcc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified
Wed, 19 Dec 2018 21:36:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"7945ea57a10c069d0cd128f15cb352a0"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
66044
x-amz-cf-id
DQ9ViCrHrcZtbDyWNN6x9G8bpy8qMLCfqExXySP5cYieG-OdbQqPmA==
phishing-problem-2348fb7f.jpg
images.pmeimg.com/public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.pmeimg.com/public/user_assets/30a4241c-3e7e-48f6-a7b8-04edcc63bb3b/phishing-problem-2348fb7f.jpg
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-26.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
598391abcb69cb488dc7e1369ffeec85f116b2da02a31fbdba56fcc9445f165d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://instructions.itpatches.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified
Wed, 19 Dec 2018 21:37:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"bb10df55279a03a71d3141f3059cc5a8"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
116936
x-amz-cf-id
YrF8IMwY9oCBo_sT4RJVcA_wPJNBJ12zE37xswdvr1m1VGf0JmZ4eQ==
Graphik-Bold.woff
images.pmeimg.com/system/content_fonts/uploads/000/000/163/original/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://images.pmeimg.com/system/content_fonts/uploads/000/000/163/original/Graphik-Bold.woff
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-26.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e733431317cd0be348fa6c25e0794512d20e6b1ad036d597bf2d872324b87d3b

Request headers

Referer
https://instructions.itpatches.com/
Origin
https://instructions.itpatches.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified
Tue, 03 Nov 2020 08:40:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"0bd50c6351c54c517572532f251e18f6"
access-control-max-age
60
access-control-allow-methods
GET, HEAD
content-type
application/x-font-woff
access-control-allow-origin
*
access-control-expose-headers
ETag
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
45884
x-amz-cf-id
q4b3MwIHuKLQf2v7fWeX0q0snachWgio9rxqLdROf6UBlfxRdh8m0w==
Graphik-Regular.woff
images.pmeimg.com/system/content_fonts/uploads/000/000/175/original/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://images.pmeimg.com/system/content_fonts/uploads/000/000/175/original/Graphik-Regular.woff
Requested by
Host: instructions.itpatches.com
URL: https://instructions.itpatches.com/6ae5b7/175fe597-8f71-4357-8e8e-7a55284b7503/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-26.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
868d34d2e0e636e0590f587746036bf9009c83b2c48965de48c4c7a804ba1a09

Request headers

Referer
https://instructions.itpatches.com/
Origin
https://instructions.itpatches.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified
Tue, 03 Nov 2020 08:50:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"ada0bac546989e71ddba6096570203ef"
access-control-max-age
60
access-control-allow-methods
GET, HEAD
content-type
application/x-font-woff
access-control-allow-origin
*
access-control-expose-headers
ETag
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
43884
x-amz-cf-id
uyc0so-cO8mtHTIwBIFtoWefBOWSKIVoJJStJRwcdRb7hs2WC4j2XA==
636011423-9f2e8096d4ae629e515936a7670069618c035451107eb9de64c4de9663428f37-d.jpg
i.vimeocdn.com/video/ Frame 619F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/636011423-9f2e8096d4ae629e515936a7670069618c035451107eb9de64c4de9663428f37-d.jpg?mw=80&q=85
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/218520729?title=0&byline=0&portrait=0&autoplay=0&autopause=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5d094b77041fc5da845dac5b7270876aa8f04e9ab12d74e51df869d6e866cf58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
1199054
x-viewmaster-lossless-format
false
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
1645
viewmaster-server
viewmaster-us-central1-bg70
x-served-by
cache-dfw18641-DFW, cache-hhn4043-HHN
x-timer
S1638421658.979276,VS0,VE0
etag
92b8892575afb42c01590e50d70d5fe7
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 5
player.de-DE.js
f.vimeocdn.com/p/3.46.0/js/ Frame 619F 		682 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/218520729?title=0&byline=0&portrait=0&autoplay=0&autopause=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6a86cf28ce8ec2b4c9354709be1a2a7dca13e8a694a21c628362bc695862eadb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
via
1.1 varnish, 1.1 varnish
age
1162594
x-guploader-uploadid
ADPycdtux1zROgcaW_plrl0H4SI0jOIrTJxraUdygACSruupsT7divizfIaiztVI1lnC0ih6nlrtThbJqmRTcKsG5V4
x-cache
MISS, HIT
content-encoding
br
content-length
163924
x-served-by
cache-bwi5182-BWI, cache-hhn4022-HHN
last-modified
Thu, 18 Nov 2021 18:02:22 GMT
server
UploadServer
x-timer
S1638421658.981768,VS0,VE0
etag
"994938d7d3ec4fd309b1cdf45d94f959"
vary
Accept-Encoding,x-http-method-override
content-type
application/javascript
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 2402
player.css
f.vimeocdn.com/p/3.46.0/css/ Frame 619F 		195 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/3.46.0/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/218520729?title=0&byline=0&portrait=0&autoplay=0&autopause=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
df28fccbafb244dd6825a3eb86ec470c874a19fa978031c470f2280a5a319a5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
via
1.1 varnish, 1.1 varnish
age
1162594
x-guploader-uploadid
ADPycduhx01JBKaRR6hdfLeWmsglTRqnyss_e388w5HreX3J9zuyPnOARdJCkecjW30qjJsnh6RxeY2jLnc_sr4kFwYLdPUIpg
x-cache
MISS, HIT
content-encoding
br
content-length
19236
x-served-by
cache-bwi5128-BWI, cache-hhn4022-HHN
last-modified
Thu, 18 Nov 2021 18:02:22 GMT
server
UploadServer
x-timer
S1638421658.981708,VS0,VE0
etag
"4d1acc56d3e4ce8c3dd5b7b01300b9da"
vary
Accept-Encoding,x-http-method-override
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 869809
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame 619F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/218520729?title=0&byline=0&portrait=0&autoplay=0&autopause=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:37 GMT
content-encoding
gzip
age
5436346
x-cache
HIT, HIT
content-length
1238
x-served-by
cache-bwi5125-BWI, cache-hhn4022-HHN
last-modified
Thu, 30 Sep 2021 05:42:18 GMT
server
Apache
cache-control
max-age=315360000
x-timer
S1638421658.981816,VS0,VE0
etag
"a68-5cd2fe8e48280-gzip"
vary
Accept-Encoding,x-http-method-override
content-type
text/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
expires
Sun, 28 Sep 2031 07:01:52 GMT
x-vimeo-dc
ge
x-bapp-server
assets-v3244-jqhzs
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3, 773839
vuid
vimeo.com/ablincoln/ Frame 619F 		0
791 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vimeo.com/ablincoln/vuid?pid=1600fb1e30a2b89455fd96e086d487d11de7cca91638421657
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://player.vimeo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Via
1.1 varnish, 1.1 varnish
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Served-By
cache-bwi5167-BWI, cache-fra19137-FRA
X-Vimeo-DC
ge
Server
nginx
X-Timer
S1638421658.034235,VS0,VE125
X-Frame-Options
sameorigin
Date
Thu, 02 Dec 2021 05:07:38 GMT
Vary
User-Agent
Expires
Wed, 01 Dec 2021 17:07:38 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-BApp-Server
pweb-v17870-ljq59
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
X-Cache-Hits
0, 0
player-test-impression
fresnel.vimeocdn.com/add/ Frame 619F 		0
110 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Thu, 02 Dec 2021 05:07:38 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
636011423-9f2e8096d4ae629e515936a7670069618c035451107eb9de64c4de9663428f37-d
i.vimeocdn.com/video/ Frame 619F 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/636011423-9f2e8096d4ae629e515936a7670069618c035451107eb9de64c4de9663428f37-d?mw=500&mh=281
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/218520729?title=0&byline=0&portrait=0&autoplay=0&autopause=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
06f4bcb82b17e03922a67c9c41e01550b07b7a5f79943a5656f21eb46b9f7b73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 05:07:38 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
1876484
x-viewmaster-lossless-format
false
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
19142
viewmaster-server
viewmaster-us-central1-hhmc
x-served-by
cache-dfw18637-DFW, cache-hhn4043-HHN
x-timer
S1638421658.087187,VS0,VE1
etag
33fc4fb88cbf50d415993988b0268130
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 1
player-stats
fresnel.vimeocdn.com/add/ Frame 619F 		0
40 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=1600fb1e30a2b89455fd96e086d487d11de7cca91638421657
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Thu, 02 Dec 2021 05:07:38 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| gaplugins object| gaGlobal object| gaData number| pollingIntervalInMilliseconds

5 Cookies

Domain/Path Name / Value
instructions.itpatches.com/ Name: _phishme.com_session_id
Value: 76d03f1ba7caef34491ae2ca3c877a76
.itpatches.com/ Name: _ga
Value: GA1.2.1886302124.1638421658
.itpatches.com/ Name: _gid
Value: GA1.2.1888489810.1638421658
.itpatches.com/ Name: _gat_gtag_UA_126808791_4
Value: 1
.vimeo.com/ Name: vuid
Value: pl255446080.942425453

1 Console Messages

Source Level URL
Text
network error URL: https://images.pmeimg.com/javascripts/jquery.periodicalupdater.js
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
f.vimeocdn.com
fresnel.vimeocdn.com
i.vimeocdn.com
images.pmeimg.com
instructions.itpatches.com
player.vimeo.com
stats.g.doubleclick.net
vimeo.com
www.google-analytics.com
www.googletagmanager.com
13.32.29.26
151.101.0.217
151.101.114.109
151.101.192.217
2001:4de0:ac18::1:a:2a
2a00:1450:4001:80e::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c0c::9a
34.120.202.204
54.83.101.48
06f4bcb82b17e03922a67c9c41e01550b07b7a5f79943a5656f21eb46b9f7b73
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0e1fb14c94ae5a81173b8c528ad70302179c135d8a7562eb26fffb8d85875891
24c2773f43c18fe67a4a2ade64373a025e2a37e654d8b779ef97e05f15796966
2c0944f3bf0744243f5452c452e75e78e49cc7602868f7359cac04162b86c4ac
358a2cef510b8f0518ab423ac0888e99272b0160c6e57736a0f7bdae061fa6f2
598391abcb69cb488dc7e1369ffeec85f116b2da02a31fbdba56fcc9445f165d
5b5893f3359688fcc8bba5cd7c581b797b128612facc9aad39690bd26e543660
5d094b77041fc5da845dac5b7270876aa8f04e9ab12d74e51df869d6e866cf58
6a86cf28ce8ec2b4c9354709be1a2a7dca13e8a694a21c628362bc695862eadb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b3b4c43f0425cbcbc3ae1338a0df532ba4df25964f1d1fb7c04277e9b05a350
82f3e0729b69fa41816b709f347ae9c63b85e33e005505886e3bdd7aaae03452
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850ebab175e20015432217d462b446fd904cc7e90ae8c0339212053481163969
868d34d2e0e636e0590f587746036bf9009c83b2c48965de48c4c7a804ba1a09
91cfe57992509d3832cbc58e037d21af41b48af97290a8be16269ca183aa6928
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9ed62e0c6c218484c8bde74490e1cecb0b93b6dd0e7788d55ce887e0444711c
c5ae5a8bda6c78c09031c95a788e2fb625d95a7ae47c47fa0080ab370d9ac462
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4
db666cd5384502bdfb46e04e7a604637ff1ca31c73281aad93651e69aa97f787
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df28fccbafb244dd6825a3eb86ec470c874a19fa978031c470f2280a5a319a5c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e733431317cd0be348fa6c25e0794512d20e6b1ad036d597bf2d872324b87d3b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f99c596f000e5cf7d4d40cf006992955525c0d27663d325ff00576694ab6bdcc