firefox.settings.services.mozilla.com/v1/
54.230.111.118 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.118:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jtMw3vzTx30UQ5MlOY3KxZS5YSyaJ9l1-2U3pDXP2m18BrNtaZX-KQ==
Age: 188851
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4883
Expires: Fri, 07 Oct 2022 21:36:12 GMT
Date: Fri, 07 Oct 2022 20:14:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5378
Expires: Fri, 07 Oct 2022 21:44:27 GMT
Date: Fri, 07 Oct 2022 20:14:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8bk7V5Jwt46PaVY2z666SQbPk74OKILZWtarkTdaF1gCZYHZvkXGedpIxsusGNSh11FlURL0FO4=
x-amz-request-id: SXZZRGXWV2A1XZSD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 19:31:20 GMT
age: 2609
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:14:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
acadplusvk.in/city.com
119.18.52.62 301 Moved Permanently 239 B IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text, exported SGML document, ASCII text
Hash 26db08c038f8f9c4384a0d4729d01995
539c24d8af3d32e827d03f3a90d3b43b888d23b2
bf64d384df1866dc50e5cdc4152252d9bece7ee9fa1d1f3420f8edf4e41a580f
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /city.com HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Fri, 07 Oct 2022 20:14:48 GMT
Server: Apache
Location: https://acadplusvk.in/city.com/
Content-Length: 239
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c95e2715db953e22a3b5901aff1d679c
c62a4b221c22029c9eb6451f16c03c61475d9d50
2cf54b6a3e05febd291405cc6cf4cdd6fbe4a2aba93a184de61676580f6d85f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6423
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:50 GMT
Last-Modified: Fri, 07 Oct 2022 18:27:47 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
104.110.29.32 200 OK 76 kB URL HTTP/1.1 www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
IP 104.110.29.32:0
File type Web Open Font Format, TrueType, length 75538, version 1.197, data
Hash 3d1d3153b04b6ce8a33a20f60df9d723
60e91c7766bdc415134c1111a283ffed3749dbae
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff HTTP/1.1
Host: www.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 75538
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Access-Control-Max-Age: 2147483647
Dclocation: GT1DMS
ETag: W/"12712-1832c19c958"
Last-Modified: Sun, 11 Sep 2022 10:30:31 GMT
Nonce: 8763937778443946
Referrer-Policy: no-referrer
Scope: VISITOR
Sid: 71696be0-0755-421a-a6c6-6f1d4e87ae0a
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Uuid: 88db870f-930d-4d65-828f-90fb97d75f90
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: fedf50a2-3b5c-454b-6c32-a721718c94a5
X-Xss-Protection: 1 ; mode=block
X-Akamai-CITISITE: GTDC
Cache-Control: public, no-transform, max-age=21600
Expires: Sat, 08 Oct 2022 02:14:50 GMT
Date: Fri, 07 Oct 2022 20:14:50 GMT
Connection: keep-alive
Set-Cookie: AKMTLTSID=31D530F4F5A60C99A6ED4CF51319B3AB; path=/; domain=citi.com; secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1514
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:50 GMT
Last-Modified: Fri, 07 Oct 2022 19:49:36 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.118 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.118:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 19:29:41 GMT
Cache-Control: max-age=3600
Expires: Fri, 07 Oct 2022 20:21:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VrK_TyhYWviPGoEdYvdtfqkGcFA8iWIt6hMrFaQlukY4K08ZxrOb1A==
Age: 2709
acadplusvk.in/city.com/img/cool-2.1.15.min.js
119.18.52.62 200 OK 14 kB URL HTTP/1.1 acadplusvk.in/city.com/img/cool-2.1.15.min.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type C source, ASCII text, with very long lines (585)
Hash 80dd5e3be5152c5c72d552c6a26ef6ff
a019565ce06f5b1c129af9ac0e9cfa82f52dcdea
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cool-2.1.15.min.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:49 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 13891
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/tc.min.js
119.18.52.62 200 OK 20 kB URL HTTP/1.1 acadplusvk.in/city.com/img/tc.min.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type C source, ASCII text, with very long lines (19497)
Hash 83c2974d08241a92c3b2dcb8f441271f
424d72cd7dfe7371c647addd7145ab3444a6b121
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tc.min.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:49 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 19498
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/
119.18.52.62 200 OK 316 kB IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text, exported SGML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (55779)
Size 316 kB (316105 bytes)
Hash f23a6506e3094e7f6ae3ad2091aa28dc
2a317886666718e140693bbc46878d5893506982
209db3111df8be4b0414ecda1956ec28c519bd0e0d5da80b300e322e082eeef1
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /city.com/ HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:48 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/clarity.js
119.18.52.62 200 OK 54 kB URL HTTP/1.1 acadplusvk.in/city.com/img/clarity.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (53819)
Hash bfe7b3387bec83787001dbaff19582c7
e2c99fcf2a90e1d741850f478252bfb8ec557100
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/clarity.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:49 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 53904
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/f.txt
119.18.52.62 200 OK 40 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f.txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2165)
Hash ca7e72b78555d2e8c4b16d4bd5257d75
1a8681cdb23a36d15b6fcc3709012e2871089945
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f.txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:49 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 39731
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
push.services.mozilla.com/
54.70.239.215 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.239.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NS0u/2z/1CU+thPwqVD41Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Te6FXTJzCYk4sqrZetGCNtEcBP8=
acadplusvk.in/city.com/img/js(4)
119.18.52.62 200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(4)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103187 bytes)
Hash b09f9c7bee568b4c30c834d7004a8318
c094eb0aa39e9b1fcdbe5f777608e480aa823116
677cec65f2895fca126756615b8f96c2801078d2b59a98bab4aab3ee8a89d645
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(4) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:49 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 103187
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(3)
119.18.52.62 200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(3)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103051 bytes)
Hash a838afd9a56c8f89018f10bd09cc6421
84ee9b65a3192f5e64141e640a2ee6dc276204b0
0e8665d56063213d42b3650b1325534735f0fefe09ee48a7f734f83b5e4bfdfe
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(3) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:49 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 103051
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(5)
119.18.52.62 200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(5)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103281 bytes)
Hash e20ba53af81eb737de7fad96944aa60b
530cce66fe22697dc035d6881942ff7bb0c409ff
e76caa473d34a77670863ffd51ee0e59b44c4bdc6367aa0e8e698bf6b264919f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(5) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:49 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 103281
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(7)
119.18.52.62 200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(7)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103187 bytes)
Hash ee67077451cebf8876f2de2297fa96ca
35ef8b8e91654c9b777ad0393237cf7646f6bd2b
4027f452062da70c1206681e4d1e3ad20d633d217bcd0f954f98e4ea7743c842
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(7) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:50 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 103187
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/bat.js
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/bat.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/bat.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:50 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/js
119.18.52.62 200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103051 bytes)
Hash cc3f006c0d20688bd4d5760854e6fbfa
86c1c9948bad89d8978f121666970ca75a6041cf
7e035fe791d86c0346cacc50c10ab1cea6941f3dae04a87b7acc0e30ce6436d9
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:49 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 103051
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(6)
119.18.52.62 200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(6)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103187 bytes)
Hash e1340ee2f64e9f54d9dbb4611f02ff99
b509c86c7c8add2aaef171af708d002a76838fc8
ac3211cc5864f812b2e7fe668137258fe2e2405cc42642d4fbcd07199f3c4028
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(6) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:50 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 103187
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(2)
119.18.52.62 200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(2)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103187 bytes)
Hash a5857f45dc475f0d0248f0e88b1910fe
801f894e1e1f8f45a002108d6db22b99a86078d3
b6f517c4279c052b89206db39d95274ef20699f4142aaa9e4339790d3228a64f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(2) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:49 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 103187
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(1)
119.18.52.62 200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(1)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103051 bytes)
Hash 475095d97d2441005dfdbd85f505a10a
334d9a3458f7edd09d4fca43dd474630439a86c6
008aaa0eebea326ea356339b06467c2eb5f98d4b76759ae45f6eb1f953db28ee
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(1) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:49 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 103051
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/dpm_pixel_min.js
119.18.52.62 200 OK 105 kB URL HTTP/1.1 acadplusvk.in/city.com/img/dpm_pixel_min.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (60150)
Size 105 kB (105110 bytes)
Hash 08e770c8a17bf087d50cec01af0892c2
15f6bd70687eeff26cd6e72f647b80894b855e7f
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/dpm_pixel_min.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:50 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 105110
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/js(8)
119.18.52.62 200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(8)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103165 bytes)
Hash 150f0f4c807995a977803d2ff092f3eb
53586f85f91df62000e9951a676153cd93435e9b
efcb0e09a533713a54d617f43991909e46d6430c9c1531787ea15492a15b9e86
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(8) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:50 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 103165
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(13)
119.18.52.62 200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(13)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash 351f91dc956821f77df4a3df9e488a4f
1c13fa31eff0e9d7d500650ae9f7d006ac40c4b9
8a13175818c1064520ce05abb77e35d1c88111dcf0cd991d5227a55ff196a7e3
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(13) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:50 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 92841
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(10)
119.18.52.62 200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(10)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash e8027c272fc8b146d2d67687166dcbf6
79ffac5d6ce9debd2fd3fefd927d4e8ad6e09cfa
e83c9c5a686b6460be3df5f34ddbe456588d4f575083e74045a00c4ff2be7db0
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(10) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:50 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 92863
Keep-Alive: timeout=15
Connection: Keep-Alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10321
Expires: Fri, 07 Oct 2022 23:06:53 GMT
Date: Fri, 07 Oct 2022 20:14:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 16339989f5c6c229a3dcc0ed1e52032f
a1ea26d6e4eb4a72cc8c87100b40035dab69d285
16703f888ee6f974bb89e1c4c16a75186b31b64130abcd1a3bcd3741159d912c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13437
x-amzn-requestid: ec801fbc-c339-46ce-ac5f-18d064e5ef21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_HdeoAMFyOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-02b52b770e6e76cf52b26e47;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Iesqk_XbGiZE-n3mTa1_1WtlXiyEqz-4qfyt3_609O1eujdLcFu3zA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:01:58 GMT
etag: "a1ea26d6e4eb4a72cc8c87100b40035dab69d285"
content-type: image/jpeg
age: 79974
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash f2ac0ed19ef64f2f765ce7adb2a8fa7c
b6ea582befd01324dd456d59d3f610101dcf910c
d324c9f67b0efc38a935195076488dd0a62f61b893706ecf40ad1f2c5550a7d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11492
x-amzn-requestid: 7ac7e364-5204-4101-87f6-89fbdf3c5cb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_GKSoAMFdkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-4ae692e2617657225c88e5fb;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: jddNzOBqcXe8oUyYEEC82u0w35f4lAdk7Xf4ruu40Ngj2eY-r1Qyww==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "b6ea582befd01324dd456d59d3f610101dcf910c"
content-type: image/jpeg
age: 81034
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 53b7ffdc3799e0ac7a225145242579ef
c47f0525fe5354ee13fe63c0ec31f0f826a58005
4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iClOZEPMiFmpeprT8McJ2HI0dCmyxkhEdfYr0qP0YK3U_Pcd9N0Fhg==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 11:08:01 GMT
age: 32811
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: a9tOPCySPRdXpvJf239ycM7_3PJS7GcITvM52Sxic_FwYr_-n2XQHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
age: 81034
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash ed3fa86bbe319c9a2f81ff625e677cb0
e3d5210207f6ff922bc28e328285059c19a523a4
5919694bd942a4f25d5b7ffc3f8aee1af6cdb8461d4ba3dba9a2e72cf19164c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7261
x-amzn-requestid: e1bdf299-b29e-4f58-9c8a-33f5dacdb081
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBELYoAMFfgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-1969b32c6f4f7e5749e7caa0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: V3fTgH8URZ1iWMxWPy49--20mtdJvMK6XTG_aPKk68pvwCxPl8lULw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 81034
etag: "e3d5210207f6ff922bc28e328285059c19a523a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 4572451a09430ca7a9203f14ddc035ba
46e17c44fba23988d7a9d9832c411ba2810136c3
fa54e73c4b32d8e109504ebcd46e4316de8143f44b7eae20a44ba63d14a6f24b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8445
x-amzn-requestid: 7d295b3b-29d6-4b2e-8314-c9055d1def80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmju5FxwoAMFeQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4cc5-3f58c18b1159ad512c60422b;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:46:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: DC1ECXhkAhfdrU8ZyMhhDdwydsq4PQfzzGOPd-REjCkCsDbXQLnLiA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:01:57 GMT
etag: "46e17c44fba23988d7a9d9832c411ba2810136c3"
content-type: image/jpeg
age: 79975
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
acadplusvk.in/city.com/img/3fac67bbed26d3e121bb84cefe395515.js
119.18.52.62 200 OK 4.1 kB URL HTTP/1.1 acadplusvk.in/city.com/img/3fac67bbed26d3e121bb84cefe395515.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (518)
Hash 8840936aaa3f823ad4c7d6c5c5b0476c
a45a46442eaab1ae98c39dfe5e8bc53027a70b91
6a4572cbce614543d10ffc2276b91140ecb0b0b9e2de0b9a87d4bc4016051f17
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/3fac67bbed26d3e121bb84cefe395515.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:50 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 4069
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/8e31a20960f50a1c34f7ccb1cd9737ec.js
119.18.52.62 200 OK 340 B URL HTTP/1.1 acadplusvk.in/city.com/img/8e31a20960f50a1c34f7ccb1cd9737ec.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (340), with no line terminators
Hash bdff6eff8de1b3545ba53c6de66e07f4
ed4dc87caeb969487a561460686dd1aeee154d47
84129e02573a4f7ca911b6b37f7129a748efdae9decea2efe415ffeabf1a66bb
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/8e31a20960f50a1c34f7ccb1cd9737ec.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 340
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 29f977a36a78c156e453a55d86eb0c82
a84cb3c6c89aad5590ab89ca14c3616e4157d6a7
d47dbc200efffb39b01d339c449845021c591c8dde619a8418a78fdb88b06393
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 20:14:52 GMT
Last-Modified: Fri, 07 Oct 2022 18:38:28 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CobRaJsOiSOKI1kSQPr0wxp7wKMotyVwNAxcUYXNzPFeeaqdmjk0Jg==
Age: 5784
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 29f977a36a78c156e453a55d86eb0c82
a84cb3c6c89aad5590ab89ca14c3616e4157d6a7
d47dbc200efffb39b01d339c449845021c591c8dde619a8418a78fdb88b06393
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 20:14:52 GMT
Last-Modified: Fri, 07 Oct 2022 18:47:35 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8s0VU5-zcu4wb8UlE7vXYBtXV1OkX-wFzJFZ0w_CYVHrmdHzv2F6pQ==
Age: 5237
acadplusvk.in/city.com/img/js(12)
119.18.52.62 200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(12)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash 79c8eea8898418116e2341640f0ec400
7c123217fd21ddd24fa8cb33674b185e5616793d
5a2aa8a1ce876434e8f0912c3be63026f79d0b0f24ea591e5379d9186fae451f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(12) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:50 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 92863
Keep-Alive: timeout=15
Connection: Keep-Alive
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
54.196.132.16 200 OK 0 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP 54.196.132.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://acadplusvk.in/
Origin: https://acadplusvk.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 20:14:52 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://acadplusvk.in
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2
acadplusvk.in/city.com/img/js(14)
119.18.52.62 200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(14)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash 07d6e770baf6cef24f751f89e0450919
d04a2ee8a5cf36e2b5ed43789f9e1f1974642b08
02e871a789bf3801140ce6b9d8a205d308ca81bce448e87fb6bdd60ee98cafc1
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(14) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:50 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 92841
Keep-Alive: timeout=15
Connection: Keep-Alive
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
54.196.132.16 200 OK 2 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP 54.196.132.16:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1630
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 20:14:52 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=43c3134b-3cd6-4d50-a65d-dc49cccb98bf; Expires=Sat, 07 Oct 2023 20:14:52 GMT; Domain=tvpixel.com; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://acadplusvk.in
access-control-allow-credentials: true
X-Firefox-Spdy: h2
acadplusvk.in/city.com/img/d77cad342c2e126c752063748cd63d48.js
119.18.52.62 200 OK 31 kB URL HTTP/1.1 acadplusvk.in/city.com/img/d77cad342c2e126c752063748cd63d48.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (571)
Hash 130b85fd120b6086edd93dc081411f3b
fe858f5c6cd1408944353ea478dd1d6b04956944
21201ecc3c1f81d2725b4f6b81c4dfa208edabe6a023711d6b48933b7acabf84
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/d77cad342c2e126c752063748cd63d48.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 30873
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/468b3e37a21c4198f4939c8aaca98066.js
119.18.52.62 200 OK 1.5 kB URL HTTP/1.1 acadplusvk.in/city.com/img/468b3e37a21c4198f4939c8aaca98066.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (528)
Hash 1134fb1ba0ea9f4c07cb7b8e5391014e
a41047baee806c32a43c3c42b524b65e03a82bef
61e01b4da87624c5972c4f051d92695a76fa8491c2c1512342b714b9f5db2008
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/468b3e37a21c4198f4939c8aaca98066.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1477
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/51aba9f62787efbaa13e53a8d1ae3892.js
119.18.52.62 200 OK 1.3 kB URL HTTP/1.1 acadplusvk.in/city.com/img/51aba9f62787efbaa13e53a8d1ae3892.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (524)
Hash 4d37444c012a76a0557182615bf5cdd3
1ba1932dcc6dff6035c37a14de9852606de28329
bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/51aba9f62787efbaa13e53a8d1ae3892.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1322
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/js(11)
119.18.52.62 200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(11)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash 1d3e9d76d4f76b08cb4ceb30652535dc
b42727daec4a0e7f8e2665283c31be654a3f4e80
0264c5423e565a05bcc16d1abdfec999c4e92fd5ea90146251a8549cb93773f6
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(11) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:50 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 92863
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(9)
119.18.52.62 200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(9)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash dc97114eb2971a8778934dd712c1b0de
90927dda01826d8403a55c598c2e825e87811622
c9c84a02bd7802730402506e08933a2bf019ce78600f266189b86a2d53c0bdd6
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(9) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:50 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 92863
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/d74f82b561a6aa5d9247eaf72394131a.js
119.18.52.62 200 OK 1.6 kB URL HTTP/1.1 acadplusvk.in/city.com/img/d74f82b561a6aa5d9247eaf72394131a.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (549)
Hash 43372887591ae43fb66862c6ae6d2c9b
f32f657f4a8162f6ee9f1cf9a3d88e688d0eb027
1243ffed4530d6d237dd040101bf2933687f6e9272b10132060115058f914206
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/d74f82b561a6aa5d9247eaf72394131a.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1585
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/557566dc60916e3de69e006bef252459.js
119.18.52.62 200 OK 2.2 kB URL HTTP/1.1 acadplusvk.in/city.com/img/557566dc60916e3de69e006bef252459.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1964)
Hash c12999fcad47ab9cba1967b8c736048d
cd62dba28e44aceb5f26c5757f24f59f4f79dc95
31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/557566dc60916e3de69e006bef252459.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 2183
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/96e0eb995483e83e7b3f71968eedeed1.js
119.18.52.62 200 OK 406 kB URL HTTP/1.1 acadplusvk.in/city.com/img/96e0eb995483e83e7b3f71968eedeed1.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (965)
Size 406 kB (405607 bytes)
Hash d33c3e72339d9cf9815514de159bf650
39dd5c8f75063350b0e58cfe95bba2c0aeb1f0c1
d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/96e0eb995483e83e7b3f71968eedeed1.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 405607
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/d90ce1a791ada193ee0ca4e9ce66632d.js
119.18.52.62 200 OK 4.8 kB URL HTTP/1.1 acadplusvk.in/city.com/img/d90ce1a791ada193ee0ca4e9ce66632d.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1194)
Hash f858f498c16f3fcb99e48c58f276fda5
6ed0863603eb27999945bf50bf80cac0c3617100
c1b3f3803c42132039b21ce8921335c9cb785a58d513fdc04b0350434bec8e29
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/d90ce1a791ada193ee0ca4e9ce66632d.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 4849
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/fdf45a7c15c1cee06bb71e10dac4e26e.js
119.18.52.62 200 OK 989 B URL HTTP/1.1 acadplusvk.in/city.com/img/fdf45a7c15c1cee06bb71e10dac4e26e.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (524)
Hash a88ee16d6636b998b8a6bb0eedf3a3bb
84b7338657d33ace2048bf6b6e3b8b3fa649548a
7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/fdf45a7c15c1cee06bb71e10dac4e26e.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 989
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/serverComponent.php
119.18.52.62 200 OK 2.0 kB URL HTTP/1.1 acadplusvk.in/city.com/img/serverComponent.php
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2006)
Hash 1fb82a059a748b9c4d9edf55fc111f7d
d994b755c90d3dcb0ade573d8eef086bc3232cf1
1a6193c0936ec29f4350799172f83ad78a95112799ea30c662e80f25b418361c
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/serverComponent.php HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/banner.min.js
119.18.52.62 200 OK 16 kB URL HTTP/1.1 acadplusvk.in/city.com/img/banner.min.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15581), with no line terminators
Hash 58864702922ad7456667ccfa2f212a7b
f46a0697469863fc711f07b85a5327fdcfa8a839
66e0a4b3019f0e19c99a314095a7e13932cd8afcb82a236475abf3f8723ea69d
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/banner.min.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 15581
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/tagging.min.js
119.18.52.62 200 OK 45 kB URL HTTP/1.1 acadplusvk.in/city.com/img/tagging.min.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (45425), with no line terminators
Hash fdec3832e07f010886e9b9e76781723b
3c97b16b253fb4cfb08955d8912029d30810ad70
3f383b43ed678109c3a4006112945b4381899317658913dcf1d061a55b47cab5
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tagging.min.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 45425
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/9d552101ccdbc20ef239307e0ace1356.js
119.18.52.62 200 OK 160 kB URL HTTP/1.1 acadplusvk.in/city.com/img/9d552101ccdbc20ef239307e0ace1356.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (573)
Size 160 kB (159835 bytes)
Hash 6089906788dab761a1717f00e49f6d47
afea4afa3858165eb7b2023a697829a7470e28c7
53c561089a7987d29afa32543f9d7585b9a4f565b0b6c54b703e802f2f52d386
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/9d552101ccdbc20ef239307e0ace1356.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 159835
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/tags.js
119.18.52.62 200 OK 82 kB URL HTTP/1.1 acadplusvk.in/city.com/img/tags.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15031)
Hash a2fe0ddd8b16afaa6b95b0fc8b038546
63eff196885a0e292a9138f48556297b8ee034c4
a1012b65a2ec44d9f1a2e3a11f74e644e505cb6544e3717b4442cb9aa73452b0
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tags.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 82417
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/logo.js
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/logo.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/logo.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:52 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/tags.js(1).download
119.18.52.62 200 OK 82 kB URL HTTP/1.1 acadplusvk.in/city.com/img/tags.js(1).download
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15031)
Hash f7ab1198801b8843ae33d61a778ce15b
f00f5121ba45a47f2c57bf96aeb61e4e5aff12df
ecddeb2adfa02b823671f9e56787dd23cadfe86fa9042940d5fea9e38054c174
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tags.js(1).download HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:52 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 82417
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/6c8322c7341eac98645c10e3d1d3c7ae.js
119.18.52.62 200 OK 239 kB URL HTTP/1.1 acadplusvk.in/city.com/img/6c8322c7341eac98645c10e3d1d3c7ae.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Size 239 kB (238837 bytes)
Hash 9c5a73216a34c42f3974a08a8080ce22
ce94b2f85d3629b84964e6be3dc1849361836996
93a2bf9c16a92eea122a84d246579a50fb89c3b269c78c080588cee14129b2c7
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/6c8322c7341eac98645c10e3d1d3c7ae.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 238837
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/embed.js
119.18.52.62 200 OK 1.6 kB URL HTTP/1.1 acadplusvk.in/city.com/img/embed.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (449)
Hash f18dcd577f0deae68783ef9243454a0c
15e181c5b5dbfc2766d046944c3ccd5527837ad2
7ce1ab6d7d544d02fdbfd070df6d6290a630944648f78629bccf6b7c426254ff
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/embed.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:52 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1573
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/tags.js(2).download
119.18.52.62 200 OK 82 kB URL HTTP/1.1 acadplusvk.in/city.com/img/tags.js(2).download
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15031)
Hash fe50cab64bcc9f5c84a2a6dae5ddb851
fd34b1022666c559a6db812aaba4b6932118ecfa
7c61e941b642ce421086c40e8edd357d643de75763ebe83073d329f2693f6786
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tags.js(2).download HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:52 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 82417
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/16003743.js
119.18.52.62 200 OK 0 B URL HTTP/1.1 acadplusvk.in/city.com/img/16003743.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/16003743.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:52 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/16001692.js
119.18.52.62 200 OK 685 B URL HTTP/1.1 acadplusvk.in/city.com/img/16001692.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (683), with CRLF line terminators
Hash bc3635963138a424c4fd59cf3318d19e
9f3286f6098730e4a38c6e9983dbb794ee25c840
fbfbcd5ac1839093e7f7fed9f57af9bdca51c799c591af25b624ebc421fdd052
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/16001692.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:52 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 685
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/f(1).txt
119.18.52.62 200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(1).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1707), with no line terminators
Hash a3c474b77891aeaaef198d1181db85b7
c2c52aa65260562ce3bed6232dfab67b202d65dc
60efe6c61d482a9ad16c13a430e4f9b230d4a7667873a043327afadd372bef6d
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(1).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:53 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1707
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/f(2).txt
119.18.52.62 200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(2).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash 105e05de24c950e870a5e43f18e1aa49
8b7b2a758921116bb3a7a213df81cc7a95ab2f18
0ed87b4fd56a4ea6f91e90ec9227281332adcb6d90c16871ddd93a8b0769fa24
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(2).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:53 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/f(3).txt
119.18.52.62 200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(3).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash 59183bb0c357bdb97de4dc8b213a65d5
3d367827bdca980d192662f3a111f0e305298c2d
76fb126ee024dcf4a093ac4d3614448b9281355f1033a422fc929298e88fa877
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(3).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:53 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/f(4).txt
119.18.52.62 200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(4).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash 0fd5231876c22268722a1e7165491c79
58c83e84250ac336d464a3dd3259f4bcf0abe847
6bb0c1eaae6f6770f889c139ca441c1c21ab76ba7cd86cb28600955f3ee15302
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(4).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:53 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/f(5).txt
119.18.52.62 200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(5).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash aee303a04ab673a2672eb1f03d5948eb
e4815a021bb7f559a74f06af7d4bbb15f412c34f
2c3e0f1421ec0c865caf07a6fee834c43eb456613a9d1aee3a3db0c463c9d340
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(5).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:53 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
119.18.52.62 200 OK 1.3 MB URL HTTP/1.1 acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (65017), with no line terminators
Size 1.3 MB (1263457 bytes)
Hash 05bc274118a209ed92dda2b6f1f3513c
8a1d98b811afa6ce31973058f405791def19488d
c49f7ec632ced66bfd8ac1ed0cc98a6c8e583f7b36e1faccf190a04955d39c01
GET /city.com/img/styles.a4a9307b7b034ca614a7.css HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1263457
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/css
acadplusvk.in/city.com/img/f(6).txt
119.18.52.62 200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(6).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash 4de224726a52a4e597299903c0bb3e8d
3cf73c8bdaac20bd12ce5e1988eaad5360477cf7
85272ec3d43640c29bdc41f4f2f7c2942b2f96d76254e8b2802006eab8bc44fa
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(6).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:53 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/f(7).txt
119.18.52.62 200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(7).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1706), with no line terminators
Hash 23d55fab0c56bb20c76f5581cdf86690
3252edaef11fb2fddbb4a8afdb691a6bcaa5751c
441dbbcac58f504c76ab5ff91afa232a4f7734790a9fd2345cad297f00537aa0
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(7).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:53 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1706
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/bat.js
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/bat.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/bat.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:53 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/f(8).txt
119.18.52.62 200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(8).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash 9b2c364e9da0124e5ab850764f97c6f7
9e3ba6ab87fc565c26c8a228e21ae56c93499a54
ec92c710f2d67faf40a7c39947630493ffd75ca46a82cfadde25e8eb05e53bf3
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(8).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:53 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/Bootstrap.js
119.18.52.62 200 OK 234 kB URL HTTP/1.1 acadplusvk.in/city.com/img/Bootstrap.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (579)
Size 234 kB (234403 bytes)
Hash 49a3c4174ffd09053b1dca60cf732391
3fb3ecbbe6d35c0e45d5118c05a86423ba473798
b4d7c52d0920ce3ce14dd5f198df3fb2e9bf39ff31e209a92cf146c86de4ce62
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/Bootstrap.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 234403
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 54a8c6f45c6a0f3a5c0199d65ca880c6
173104e5386bb24b90f2d7350d008490555e635f
036b47cef15d692924142d169d5f859b5273cc83f6adf61b4e6de9d693313abe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2351
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:54 GMT
Last-Modified: Fri, 07 Oct 2022 19:35:43 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173694858
52.31.4.32 302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173694858
IP 52.31.4.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173694858 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://acadplusvk.in
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v044-08f9cc93e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173694858
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=52941839415643537923471699821568710122; Max-Age=15552000; Expires=Wed, 05 Apr 2023 20:14:55 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: uerVoN54Qtc=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173694858
52.31.4.32 200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173694858
IP 52.31.4.32:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173694858 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Content-Type: application/x-www-form-urlencoded
Referer: https://acadplusvk.in/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://acadplusvk.in
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v044-00915bc04.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: JQ1RiobnQ+I=
Content-Length: 124
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash cb8451a42aabd3cfbe241b305b704d64
a3877c21f13dbb472e051d459e4656fc46690275
5fd79754e671af8953c110c346508d6c893165bf98b272533c209bf259384662
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4696
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:55 GMT
Last-Modified: Fri, 07 Oct 2022 18:56:39 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f50d2e650cf68984c27d915f82232d43
52f23655ea0c90f5544eccd2ce845a752d5a578e
f34b126fadf6c7c51516cb94e23371f2dc46d9dfce8a3fb34033ce0621e32db8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:55 GMT
Server: ECS (amb/6BA4)
Content-Length: 471
metrics1.citi.com/id?d_visid_ver=3.1.2&d_fieldgroup=MC&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&ts=1665173695071
15.236.176.210 200 OK 89 B URL HTTP/2 metrics1.citi.com/id?d_visid_ver=3.1.2&d_fieldgroup=MC&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&ts=1665173695071
IP 15.236.176.210:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4215fba7aa8859dfe0daf0ace9e66c83
e47e6509cb80c1fb85728aaf740cfb6c4af22118
cf8eec50af32a9dd68dbd4a30a4f3c2fcdc78375bcd12206686c7df8ba95700d
GET /id?d_visid_ver=3.1.2&d_fieldgroup=MC&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&ts=1665173695071 HTTP/1.1
Host: metrics1.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://acadplusvk.in
access-control-allow-credentials: true
date: Fri, 07 Oct 2022 20:14:55 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31A0445FE9F146AC-60000B6B46FB8E1F[CE]; Path=/; Domain=citi.com; Max-Age=63072000; Expires=Sun, 06 Oct 2024 20:14:14 GMT; SameSite=None; Secure
AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C04214617358572780873083298165451523538; Path=/; Domain=citi.com; Max-Age=63072000; Expires=Sun, 06 Oct 2024 20:14:14 GMT; SameSite=None; Secure
s_ecid=MCMID%7C04214617358572780873083298165451523538; Path=/; Domain=citi.com; Max-Age=63072000; Expires=Sun, 06 Oct 2024 20:14:14 GMT; SameSite=None; Secure
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 89
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=04214617358572780873083298165451523538&d_cid_ic=AVID%0131A0445FE9F146AC-60000B6B46FB8E1F&ts=1665173695418
52.31.4.32 200 OK 301 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=04214617358572780873083298165451523538&d_cid_ic=AVID%0131A0445FE9F146AC-60000B6B46FB8E1F&ts=1665173695418
IP 52.31.4.32:0
File type JSON data\012- , ASCII text, with very long lines (358), with no line terminators
Hash 04e9a3884325c4301d1e32c3c1076906
17ded6eebc3ba07ce376a950136dd9fdb5455c19
9b6f807857d9dbdac18a788c3e98fb8fdc48d16ef1654bc76ffe1bb67f8e47e5
GET /id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=04214617358572780873083298165451523538&d_cid_ic=AVID%0131A0445FE9F146AC-60000B6B46FB8E1F&ts=1665173695418 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://acadplusvk.in
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v044-041e262a1.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=08992587373291410282551721717139520625; Max-Age=15552000; Expires=Wed, 05 Apr 2023 20:14:55 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: KVCDbdavRyo=
Content-Length: 301
Connection: keep-alive
acadplusvk.in/city.com/img/cedric.js
119.18.52.62 200 OK 617 kB URL HTTP/1.1 acadplusvk.in/city.com/img/cedric.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (63761)
Size 617 kB (616835 bytes)
Hash f8f92080b98bd0fc50db4648e713e634
86897ee3830af2faf33ee5a7f742f25a291011c8
48451bef935eba4b7a149a7b6dc16cc7183e75cb2887d571a3382ae3f155686a
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cedric.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:52 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 616835
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/1-es2015.e6099f56b51f44414444.js
119.18.52.62 200 OK 764 kB URL HTTP/1.1 acadplusvk.in/city.com/img/1-es2015.e6099f56b51f44414444.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Size 764 kB (763890 bytes)
Hash de7f2d520bd1683950d46b2c7fc79646
d9e8fe6842dd1937e46304d4811c10f8d538a184
6f56350d404b7363262ab1a2331f6ee082822c230c2dda9061439acb0ee2ea29
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/1-es2015.e6099f56b51f44414444.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:52 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 763890
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/EqualHousing.png
119.18.52.62 200 OK 1.6 kB URL HTTP/1.1 acadplusvk.in/city.com/img/EqualHousing.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 29 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash 83a5bb8d054fc7b4adab0615c487dc25
8a26d8e39da754c8f63d2a3122ed87a6e4a7f369
f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d
GET /city.com/img/EqualHousing.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:56 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1606
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/social-media_twitter@3x.png
119.18.52.62 200 OK 1.3 kB URL HTTP/1.1 acadplusvk.in/city.com/img/social-media_twitter@3x.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 66 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 60b0fec951727b4762fabc2570a1317f
56f9ed9699233f4cef1317a9a2c83179070b5e8a
5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837
GET /city.com/img/social-media_twitter@3x.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:56 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1277
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff
104.110.29.32 200 OK 69 kB URL HTTP/1.1 www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff
IP 104.110.29.32:0
File type Web Open Font Format, TrueType, length 78762, version 1.197\012- data
Hash a32d68c89adbd7d3f740e92ffdc2f3fd
83b5c15736e65da9c32dc23aff484b1ccef350d0
dc1eda5ff315deef847a09ec620c27ef5a6b0b31de41c3b72bc8f7a7bbde8fe5
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff HTTP/1.1
Host: www.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 78762
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Access-Control-Max-Age: 2147483647
Dclocation: GT1DMS
ETag: W/"133aa-1832c19c958"
Last-Modified: Sun, 11 Sep 2022 10:30:31 GMT
Nonce: 9121593632974370
Referrer-Policy: no-referrer
Scope: VISITOR
Sid: df2866c6-a651-4c8f-9eab-5015e6158000
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Uuid: d7db5394-7f36-4fc2-95c6-2df7667abd32
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: c110a1ed-9a5a-4d44-4a45-61791f52c94c
X-Xss-Protection: 1 ; mode=block
X-Akamai-CITISITE: GTDC
Cache-Control: public, no-transform, max-age=21600
Expires: Sat, 08 Oct 2022 02:14:50 GMT
Date: Fri, 07 Oct 2022 20:14:50 GMT
Connection: keep-alive
Set-Cookie: AKMTLTSID=A196FC4B743C37D70B71FDE1AA0D72A3; path=/; domain=citi.com; secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
acadplusvk.in/city.com/img/qrsignon.png
119.18.52.62 200 OK 741 B URL HTTP/1.1 acadplusvk.in/city.com/img/qrsignon.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash a5ee9c25c190474a2efe66a609a2ca19
890832b6a7115abd51f480dce8e74206f06a428a
dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683
GET /city.com/img/qrsignon.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:56 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 741
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/icon_globe_med-grey@2x.svg
119.18.52.62 200 OK 3.5 kB URL HTTP/1.1 acadplusvk.in/city.com/img/icon_globe_med-grey@2x.svg
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (2189)
Hash 8409dd31d1b13d560ad4b9ae144054f7
37114f6c37aa187f5bdc360547678f22eaa9d9c6
a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/icon_globe_med-grey@2x.svg HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:56 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 3523
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/svg+xml
acadplusvk.in/city.com/img/logo.js
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/logo.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/logo.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=0328bb63-3fb3-44c2-a0ee-bc71a1aaf059.1665173692.1.1665173692.1665173692.3ee398d7-f2a1-472e-857a-53a1dd723e5d; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C04214617358572780873083298165451523538%7CMCAID%7C31A0445FE9F146AC-60000B6B46FB8E1F%7CMCOPTOUT-1665180895s%7CNONE%7CMCAAMLH-1665778495%7C6%7CMCAAMB-1665778495%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:56 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/googlePlay@3x.png
119.18.52.62 200 OK 25 kB URL HTTP/1.1 acadplusvk.in/city.com/img/googlePlay@3x.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 390 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 27b0482f8ebba1e3cc92d2eee497497e
379e9e2ed883250c02736c151a47d38248285572
a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77
GET /city.com/img/googlePlay@3x.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:56 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 25077
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
104.110.29.32 200 OK 50 kB URL HTTP/1.1 www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
IP 104.110.29.32:0
File type Web Open Font Format, TrueType, length 71874, version 1.197\012- data
Hash 9f9e30fda8d51d8ec9d411438551e804
6bf329224599767ed07e05e3951e169908ce2be2
3257a02727a7853a68d6f70e80d7e628ac21672d3915ed360b307c7d1acee407
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: www.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 71874
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Access-Control-Max-Age: 2147483647
Dclocation: GT1DMS
ETag: W/"118c2-1832c19c958"
Last-Modified: Sun, 11 Sep 2022 10:30:31 GMT
Nonce: 0709743870704434
Referrer-Policy: no-referrer
Scope: VISITOR
Sid: 098d4980-3dc3-48e2-a25c-6c769d9bf22b
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Uuid: 4af483e8-e607-410d-b9e9-551d446f0326
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: b61c5aff-0824-449c-48d6-f99efa07db7a
X-Xss-Protection: 1 ; mode=block
X-Akamai-CITISITE: GTDC
Cache-Control: public, no-transform, max-age=21600
Expires: Sat, 08 Oct 2022 02:14:50 GMT
Date: Fri, 07 Oct 2022 20:14:50 GMT
Connection: keep-alive
Set-Cookie: AKMTLTSID=A414018FDD382AC611D17487A3FA925E; path=/; domain=citi.com; secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
acadplusvk.in/city.com/img/050-location@2x.svg
119.18.52.62 200 OK 1.8 kB URL HTTP/1.1 acadplusvk.in/city.com/img/050-location@2x.svg
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (785)
Hash 2a7528b41a09c242728c2805a6c37219
44f73d9270a82962219bb314894d5b5624c55631
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/050-location@2x.svg HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:56 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1752
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/svg+xml
acadplusvk.in/city.com/img/phone.png
119.18.52.62 200 OK 9.9 kB URL HTTP/1.1 acadplusvk.in/city.com/img/phone.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 396 x 270, 8-bit/color RGBA, non-interlaced\012- data
Hash 448436abd4bc903abc9a9c53cdd2fe5e
1f3731747ded20c04b25009d3a570d1164ddf1ed
5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8
GET /city.com/img/phone.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:56 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 9873
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/appStore@3x.png
119.18.52.62 200 OK 20 kB URL HTTP/1.1 acadplusvk.in/city.com/img/appStore@3x.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 351 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash d461f4d2e32e339372869b3f4be72007
d8e3a847a7d18c3948617f75622f6cd27bd4cd54
87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b
GET /city.com/img/appStore@3x.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:56 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 20047
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/laptop-and-phone-success.png
119.18.52.62 200 OK 2.5 kB URL HTTP/1.1 acadplusvk.in/city.com/img/laptop-and-phone-success.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 132 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash d63ac8356aa91fa9f070d79dadaed88f
7990f46b70c992de92c29e2361ddf9f0bf369869
e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec
GET /city.com/img/laptop-and-phone-success.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:56 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 2544
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/social-media_youtube@3x.png
119.18.52.62 200 OK 1.2 kB URL HTTP/1.1 acadplusvk.in/city.com/img/social-media_youtube@3x.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 72 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 3541c5442b1b90b4efe20ab4b2802323
ad778d35efc7b9950d2158d800b61966204b75d8
be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8
GET /city.com/img/social-media_youtube@3x.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:56 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1175
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/citilogoredesign.png
119.18.52.62 200 OK 1.8 kB URL HTTP/1.1 acadplusvk.in/city.com/img/citilogoredesign.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 89 x 89, 8-bit/color RGBA, non-interlaced\012- data
Hash b8c9db53b866a0120618cd396e1513f1
5cfe9732c78e4eb7365681834cdd682b977a0232
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
GET /city.com/img/citilogoredesign.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:56 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1799
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
online.citi.com/nga-lite-signon/LSO_4959.jpg
23.13.42.166 200 OK 108 kB URL HTTP/2 online.citi.com/nga-lite-signon/LSO_4959.jpg
IP 23.13.42.166:0
File type JPEG image data, progressive, precision 8, 2160x600, components 3\012- data
Size 108 kB (108233 bytes)
Hash 7dd9aa1bc81d1bf0e77e3e08de814096
0e251835579aa147fd88c76b85b74359856c6de9
dbdebfcc2ed9932006edcfc7f8190ca5c9a04ff737e990645712ccc33e5ce070
GET /nga-lite-signon/LSO_4959.jpg HTTP/1.1
Host: online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0445FE9F146AC-60000B6B46FB8E1F[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C04214617358572780873083298165451523538; s_ecid=MCMID%7C04214617358572780873083298165451523538
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 13:54:04 GMT
accept-ranges: bytes
content-length: 108233
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-type: image/jpeg
date: Fri, 07 Oct 2022 20:14:57 GMT
set-cookie: AKMTLTSID=46CDDBE7B53610C78C17AB90FFE08921; path=/; domain=citi.com; secure
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Firefox-Spdy: h2
acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=0328bb63-3fb3-44c2-a0ee-bc71a1aaf059.1665173692.1.1665173692.1665173692.3ee398d7-f2a1-472e-857a-53a1dd723e5d; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C04214617358572780873083298165451523538%7CMCAID%7C31A0445FE9F146AC-60000B6B46FB8E1F%7CMCOPTOUT-1665180895s%7CNONE%7CMCAAMLH-1665778495%7C6%7CMCAAMB-1665778495%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173697777-82CA2EA2-C551-45B8-A0C0-A8A798FED917
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:56 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=0328bb63-3fb3-44c2-a0ee-bc71a1aaf059.1665173692.1.1665173692.1665173692.3ee398d7-f2a1-472e-857a-53a1dd723e5d; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C04214617358572780873083298165451523538%7CMCAID%7C31A0445FE9F146AC-60000B6B46FB8E1F%7CMCOPTOUT-1665180895s%7CNONE%7CMCAAMLH-1665778495%7C6%7CMCAAMB-1665778495%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173697777-82CA2EA2-C551-45B8-A0C0-A8A798FED917
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:56 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=0328bb63-3fb3-44c2-a0ee-bc71a1aaf059.1665173692.1.1665173692.1665173692.3ee398d7-f2a1-472e-857a-53a1dd723e5d; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C04214617358572780873083298165451523538%7CMCAID%7C31A0445FE9F146AC-60000B6B46FB8E1F%7CMCOPTOUT-1665180895s%7CNONE%7CMCAAMLH-1665778495%7C6%7CMCAAMB-1665778495%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173697777-82CA2EA2-C551-45B8-A0C0-A8A798FED917
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:56 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon-1.png
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon-1.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon-1.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=0328bb63-3fb3-44c2-a0ee-bc71a1aaf059.1665173692.1.1665173692.1665173692.3ee398d7-f2a1-472e-857a-53a1dd723e5d; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C04214617358572780873083298165451523538%7CMCAID%7C31A0445FE9F146AC-60000B6B46FB8E1F%7CMCOPTOUT-1665180895s%7CNONE%7CMCAAMLH-1665778495%7C6%7CMCAAMB-1665778495%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173697777-82CA2EA2-C551-45B8-A0C0-A8A798FED917
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:56 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
citi.demdex.net/dest5.html?d_nsid=0
52.31.4.32 200 OK 2.8 kB URL HTTP/1.1 citi.demdex.net/dest5.html?d_nsid=0
IP 52.31.4.32:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: citi.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 7 Oct 2022 20:14:58 GMT
DCS: dcs-prod-irl1-1-v044-025937753.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 29 Sep 2022 16:18:56 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: UERj1/S3QIc=
Content-Length: 2791
Connection: keep-alive
acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=0328bb63-3fb3-44c2-a0ee-bc71a1aaf059.1665173692.1.1665173692.1665173692.3ee398d7-f2a1-472e-857a-53a1dd723e5d; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C04214617358572780873083298165451523538%7CMCAID%7C31A0445FE9F146AC-60000B6B46FB8E1F%7CMCOPTOUT-1665180895s%7CNONE%7CMCAAMLH-1665778495%7C6%7CMCAAMB-1665778495%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173697777-82CA2EA2-C551-45B8-A0C0-A8A798FED917
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:57 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=0328bb63-3fb3-44c2-a0ee-bc71a1aaf059.1665173692.1.1665173692.1665173692.3ee398d7-f2a1-472e-857a-53a1dd723e5d; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C04214617358572780873083298165451523538%7CMCAID%7C31A0445FE9F146AC-60000B6B46FB8E1F%7CMCOPTOUT-1665180895s%7CNONE%7CMCAAMLH-1665778495%7C6%7CMCAAMB-1665778495%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173697777-82CA2EA2-C551-45B8-A0C0-A8A798FED917
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:57 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=0328bb63-3fb3-44c2-a0ee-bc71a1aaf059.1665173692.1.1665173692.1665173692.3ee398d7-f2a1-472e-857a-53a1dd723e5d; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C04214617358572780873083298165451523538%7CMCAID%7C31A0445FE9F146AC-60000B6B46FB8E1F%7CMCOPTOUT-1665180895s%7CNONE%7CMCAAMLH-1665778495%7C6%7CMCAAMB-1665778495%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173697777-82CA2EA2-C551-45B8-A0C0-A8A798FED917
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:57 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=0328bb63-3fb3-44c2-a0ee-bc71a1aaf059.1665173692.1.1665173692.1665173692.3ee398d7-f2a1-472e-857a-53a1dd723e5d; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C04214617358572780873083298165451523538%7CMCAID%7C31A0445FE9F146AC-60000B6B46FB8E1F%7CMCOPTOUT-1665180895s%7CNONE%7CMCAAMLH-1665778495%7C6%7CMCAAMB-1665778495%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173697777-82CA2EA2-C551-45B8-A0C0-A8A798FED917
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:57 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.woff
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=0328bb63-3fb3-44c2-a0ee-bc71a1aaf059.1665173692.1.1665173692.1665173692.3ee398d7-f2a1-472e-857a-53a1dd723e5d; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C04214617358572780873083298165451523538%7CMCAID%7C31A0445FE9F146AC-60000B6B46FB8E1F%7CMCOPTOUT-1665180895s%7CNONE%7CMCAAMLH-1665778495%7C6%7CMCAAMB-1665778495%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173697777-82CA2EA2-C551-45B8-A0C0-A8A798FED917
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:57 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Light.woff
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Light.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Light.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=0328bb63-3fb3-44c2-a0ee-bc71a1aaf059.1665173692.1.1665173692.1665173692.3ee398d7-f2a1-472e-857a-53a1dd723e5d; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C04214617358572780873083298165451523538%7CMCAID%7C31A0445FE9F146AC-60000B6B46FB8E1F%7CMCOPTOUT-1665180895s%7CNONE%7CMCAAMLH-1665778495%7C6%7CMCAAMB-1665778495%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173697777-82CA2EA2-C551-45B8-A0C0-A8A798FED917
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:57 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=0328bb63-3fb3-44c2-a0ee-bc71a1aaf059.1665173692.1.1665173692.1665173692.3ee398d7-f2a1-472e-857a-53a1dd723e5d; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C04214617358572780873083298165451523538%7CMCAID%7C31A0445FE9F146AC-60000B6B46FB8E1F%7CMCOPTOUT-1665180895s%7CNONE%7CMCAAMLH-1665778495%7C6%7CMCAAMB-1665778495%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173697777-82CA2EA2-C551-45B8-A0C0-A8A798FED917
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:57 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.ttf
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=0328bb63-3fb3-44c2-a0ee-bc71a1aaf059.1665173692.1.1665173692.1665173692.3ee398d7-f2a1-472e-857a-53a1dd723e5d; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C04214617358572780873083298165451523538%7CMCAID%7C31A0445FE9F146AC-60000B6B46FB8E1F%7CMCOPTOUT-1665180895s%7CNONE%7CMCAAMLH-1665778495%7C6%7CMCAAMB-1665778495%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173697777-82CA2EA2-C551-45B8-A0C0-A8A798FED917
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:57 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Light.ttf
119.18.52.62 404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Light.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Light.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=0328bb63-3fb3-44c2-a0ee-bc71a1aaf059.1665173692.1.1665173692.1665173692.3ee398d7-f2a1-472e-857a-53a1dd723e5d; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C04214617358572780873083298165451523538%7CMCAID%7C31A0445FE9F146AC-60000B6B46FB8E1F%7CMCOPTOUT-1665180895s%7CNONE%7CMCAAMLH-1665778495%7C6%7CMCAAMB-1665778495%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173697777-82CA2EA2-C551-45B8-A0C0-A8A798FED917
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:57 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/6c8ea0384518f24fa6367b97cbf3fd9d.js
119.18.52.62 200 OK 0 B URL HTTP/1.1 acadplusvk.in/city.com/img/6c8ea0384518f24fa6367b97cbf3fd9d.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/6c8ea0384518f24fa6367b97cbf3fd9d.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:51 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 130786
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript