r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4921
Expires: Fri, 07 Oct 2022 21:36:12 GMT
Date: Fri, 07 Oct 2022 20:14:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: k8RyZXa5lkkaZFE_Tuhd6K0CJwi4FurpbWxHDicJWFIdqEKfBHN7Bw==
Age: 188813
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5416
Expires: Fri, 07 Oct 2022 21:44:27 GMT
Date: Fri, 07 Oct 2022 20:14:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8bk7V5Jwt46PaVY2z666SQbPk74OKILZWtarkTdaF1gCZYHZvkXGedpIxsusGNSh11FlURL0FO4=
x-amz-request-id: SXZZRGXWV2A1XZSD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 19:31:20 GMT
age: 2571
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:14:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
acadplusvk.in/city.com/emailaddress.php
200 OK 315 kB URL HTTP/1.1 acadplusvk.in/city.com/emailaddress.php
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (55764)
Size 315 kB (315077 bytes)
Hash 2efadd1c00eb792bf5a51055a16f25eb
f61b3dd926fa878fcfe3a0720b951e6310b58f81
dd4720981aabfb019aa5356eecaab914db4e271ff33fb7257c7621fdf5523930
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /city.com/emailaddress.php HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:10 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
200 OK 471 B IP
Hash c95e2715db953e22a3b5901aff1d679c
c62a4b221c22029c9eb6451f16c03c61475d9d50
2cf54b6a3e05febd291405cc6cf4cdd6fbe4a2aba93a184de61676580f6d85f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4448
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:12 GMT
Last-Modified: Fri, 07 Oct 2022 19:00:05 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash c95e2715db953e22a3b5901aff1d679c
c62a4b221c22029c9eb6451f16c03c61475d9d50
2cf54b6a3e05febd291405cc6cf4cdd6fbe4a2aba93a184de61676580f6d85f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4448
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:12 GMT
Last-Modified: Fri, 07 Oct 2022 19:00:05 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash c95e2715db953e22a3b5901aff1d679c
c62a4b221c22029c9eb6451f16c03c61475d9d50
2cf54b6a3e05febd291405cc6cf4cdd6fbe4a2aba93a184de61676580f6d85f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4448
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:12 GMT
Last-Modified: Fri, 07 Oct 2022 19:00:05 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
200 OK 76 kB URL HTTP/1.1 www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
IP
File type Web Open Font Format, TrueType, length 75538, version 1.197\012- data
Hash 3d1d3153b04b6ce8a33a20f60df9d723
60e91c7766bdc415134c1111a283ffed3749dbae
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff HTTP/1.1
Host: www.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 75538
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Access-Control-Max-Age: 2147483647
Dclocation: GT1DMS
ETag: W/"12712-1832c19c958"
Last-Modified: Sun, 11 Sep 2022 10:30:31 GMT
Nonce: 8763937778443946
Referrer-Policy: no-referrer
Scope: VISITOR
Sid: 71696be0-0755-421a-a6c6-6f1d4e87ae0a
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Uuid: 88db870f-930d-4d65-828f-90fb97d75f90
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: fedf50a2-3b5c-454b-6c32-a721718c94a5
X-Xss-Protection: 1 ; mode=block
X-Akamai-CITISITE: GTDC
Cache-Control: public, no-transform, max-age=21600
Expires: Sat, 08 Oct 2022 02:14:12 GMT
Date: Fri, 07 Oct 2022 20:14:12 GMT
Connection: keep-alive
Set-Cookie: AKMTLTSID=5B1A5E420D1B828A376850AE93C07C4F; path=/; domain=citi.com; secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff
200 OK 79 kB URL HTTP/1.1 www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff
IP
File type Web Open Font Format, TrueType, length 78762, version 1.197\012- data
Hash b1f3eca7de0c2cb35740f32dd0b83823
dffc474081c23fc151265b637a4468e82004ecc8
045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff HTTP/1.1
Host: www.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 78762
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Access-Control-Max-Age: 2147483647
Dclocation: GT1DMS
ETag: W/"133aa-1832c19c958"
Last-Modified: Sun, 11 Sep 2022 10:30:31 GMT
Nonce: 9121593632974370
Referrer-Policy: no-referrer
Scope: VISITOR
Sid: df2866c6-a651-4c8f-9eab-5015e6158000
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Uuid: d7db5394-7f36-4fc2-95c6-2df7667abd32
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: c110a1ed-9a5a-4d44-4a45-61791f52c94c
X-Xss-Protection: 1 ; mode=block
X-Akamai-CITISITE: GTDC
Cache-Control: public, no-transform, max-age=21600
Expires: Sat, 08 Oct 2022 02:14:12 GMT
Date: Fri, 07 Oct 2022 20:14:12 GMT
Connection: keep-alive
Set-Cookie: AKMTLTSID=5C6E850C392E3A8C07C4C427DC7D8FB9; path=/; domain=citi.com; secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
200 OK 72 kB URL HTTP/1.1 www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
IP
File type Web Open Font Format, TrueType, length 71874, version 1.197\012- data
Hash 9fd45584370dd1c58e1ed9050efb925f
7b41085678166c62e23e8cf3c8c9ab13e13c356d
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: www.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 71874
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Access-Control-Max-Age: 2147483647
Dclocation: GT1DMS
ETag: W/"118c2-1832c19c958"
Last-Modified: Sun, 11 Sep 2022 10:30:31 GMT
Nonce: 0709743870704434
Referrer-Policy: no-referrer
Scope: VISITOR
Sid: 098d4980-3dc3-48e2-a25c-6c769d9bf22b
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Uuid: 4af483e8-e607-410d-b9e9-551d446f0326
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: b61c5aff-0824-449c-48d6-f99efa07db7a
X-Xss-Protection: 1 ; mode=block
X-Akamai-CITISITE: GTDC
Cache-Control: public, no-transform, max-age=21600
Expires: Sat, 08 Oct 2022 02:14:12 GMT
Date: Fri, 07 Oct 2022 20:14:12 GMT
Connection: keep-alive
Set-Cookie: AKMTLTSID=78B245478DE830C00DBB5B3B485D0E8B; path=/; domain=citi.com; secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
acadplusvk.in/city.com/img/js(1)
200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(1)
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103051 bytes)
Hash 475095d97d2441005dfdbd85f505a10a
334d9a3458f7edd09d4fca43dd474630439a86c6
008aaa0eebea326ea356339b06467c2eb5f98d4b76759ae45f6eb1f953db28ee
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(1) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:11 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 103051
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/cool-2.1.15.min.js
200 OK 14 kB URL HTTP/1.1 acadplusvk.in/city.com/img/cool-2.1.15.min.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type C source, ASCII text, with very long lines (585)
Hash 80dd5e3be5152c5c72d552c6a26ef6ff
a019565ce06f5b1c129af9ac0e9cfa82f52dcdea
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cool-2.1.15.min.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:11 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 13891
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/tc.min.js
200 OK 20 kB URL HTTP/1.1 acadplusvk.in/city.com/img/tc.min.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type C source, ASCII text, with very long lines (19497)
Hash 83c2974d08241a92c3b2dcb8f441271f
424d72cd7dfe7371c647addd7145ab3444a6b121
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tc.min.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:11 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 19498
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 19:29:41 GMT
Cache-Control: max-age=3600
Expires: Fri, 07 Oct 2022 20:21:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5j1WmquuCcg-OJGfbEEW3sN4p8jRbikGminbqm1BOtotPakLw6OaGA==
Age: 2671
ocsp.digicert.com/
200 OK 471 B IP
Hash d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1471
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:12 GMT
Last-Modified: Fri, 07 Oct 2022 19:49:41 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
acadplusvk.in/city.com/img/js(2)
200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(2)
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103187 bytes)
Hash a5857f45dc475f0d0248f0e88b1910fe
801f894e1e1f8f45a002108d6db22b99a86078d3
b6f517c4279c052b89206db39d95274ef20699f4142aaa9e4339790d3228a64f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(2) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:11 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 103187
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/f.txt
200 OK 40 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f.txt
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2165)
Hash ca7e72b78555d2e8c4b16d4bd5257d75
1a8681cdb23a36d15b6fcc3709012e2871089945
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f.txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:11 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 39731
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/clarity.js
200 OK 54 kB URL HTTP/1.1 acadplusvk.in/city.com/img/clarity.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (53819)
Hash bfe7b3387bec83787001dbaff19582c7
e2c99fcf2a90e1d741850f478252bfb8ec557100
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/clarity.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:11 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 53904
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/js(5)
200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(5)
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103281 bytes)
Hash e20ba53af81eb737de7fad96944aa60b
530cce66fe22697dc035d6881942ff7bb0c409ff
e76caa473d34a77670863ffd51ee0e59b44c4bdc6367aa0e8e698bf6b264919f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(5) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:11 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 103281
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js
200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103051 bytes)
Hash cc3f006c0d20688bd4d5760854e6fbfa
86c1c9948bad89d8978f121666970ca75a6041cf
7e035fe791d86c0346cacc50c10ab1cea6941f3dae04a87b7acc0e30ce6436d9
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:11 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 103051
Keep-Alive: timeout=15
Connection: Keep-Alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DRmp5om65FOtiT4M/f2ajg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yQZ/aA0ChzNst4Sy51m4NogYRnM=
acadplusvk.in/city.com/img/js(3)
200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(3)
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103051 bytes)
Hash a838afd9a56c8f89018f10bd09cc6421
84ee9b65a3192f5e64141e640a2ee6dc276204b0
0e8665d56063213d42b3650b1325534735f0fefe09ee48a7f734f83b5e4bfdfe
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(3) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:11 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 103051
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/bat.js
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/bat.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/bat.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:11 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/js(6)
200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(6)
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103187 bytes)
Hash e1340ee2f64e9f54d9dbb4611f02ff99
b509c86c7c8add2aaef171af708d002a76838fc8
ac3211cc5864f812b2e7fe668137258fe2e2405cc42642d4fbcd07199f3c4028
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(6) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:11 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 103187
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(7)
200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(7)
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103187 bytes)
Hash ee67077451cebf8876f2de2297fa96ca
35ef8b8e91654c9b777ad0393237cf7646f6bd2b
4027f452062da70c1206681e4d1e3ad20d633d217bcd0f954f98e4ea7743c842
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(7) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:11 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 103187
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(8)
200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(8)
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103165 bytes)
Hash 150f0f4c807995a977803d2ff092f3eb
53586f85f91df62000e9951a676153cd93435e9b
efcb0e09a533713a54d617f43991909e46d6430c9c1531787ea15492a15b9e86
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(8) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 103165
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(9)
200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(9)
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash dc97114eb2971a8778934dd712c1b0de
90927dda01826d8403a55c598c2e825e87811622
c9c84a02bd7802730402506e08933a2bf019ce78600f266189b86a2d53c0bdd6
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(9) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 92863
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(10)
200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(10)
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash e8027c272fc8b146d2d67687166dcbf6
79ffac5d6ce9debd2fd3fefd927d4e8ad6e09cfa
e83c9c5a686b6460be3df5f34ddbe456588d4f575083e74045a00c4ff2be7db0
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(10) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 92863
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(12)
200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(12)
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash 79c8eea8898418116e2341640f0ec400
7c123217fd21ddd24fa8cb33674b185e5616793d
5a2aa8a1ce876434e8f0912c3be63026f79d0b0f24ea591e5379d9186fae451f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(12) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 92863
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(11)
200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(11)
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash 1d3e9d76d4f76b08cb4ceb30652535dc
b42727daec4a0e7f8e2665283c31be654a3f4e80
0264c5423e565a05bcc16d1abdfec999c4e92fd5ea90146251a8549cb93773f6
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(11) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 92863
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(13)
200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(13)
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash 351f91dc956821f77df4a3df9e488a4f
1c13fa31eff0e9d7d500650ae9f7d006ac40c4b9
8a13175818c1064520ce05abb77e35d1c88111dcf0cd991d5227a55ff196a7e3
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(13) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 92841
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/3fac67bbed26d3e121bb84cefe395515.js
200 OK 4.1 kB URL HTTP/1.1 acadplusvk.in/city.com/img/3fac67bbed26d3e121bb84cefe395515.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (518)
Hash 8840936aaa3f823ad4c7d6c5c5b0476c
a45a46442eaab1ae98c39dfe5e8bc53027a70b91
6a4572cbce614543d10ffc2276b91140ecb0b0b9e2de0b9a87d4bc4016051f17
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/3fac67bbed26d3e121bb84cefe395515.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 4069
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/8e31a20960f50a1c34f7ccb1cd9737ec.js
200 OK 340 B URL HTTP/1.1 acadplusvk.in/city.com/img/8e31a20960f50a1c34f7ccb1cd9737ec.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (340), with no line terminators
Hash bdff6eff8de1b3545ba53c6de66e07f4
ed4dc87caeb969487a561460686dd1aeee154d47
84129e02573a4f7ca911b6b37f7129a748efdae9decea2efe415ffeabf1a66bb
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/8e31a20960f50a1c34f7ccb1cd9737ec.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 340
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/d77cad342c2e126c752063748cd63d48.js
200 OK 31 kB URL HTTP/1.1 acadplusvk.in/city.com/img/d77cad342c2e126c752063748cd63d48.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (571)
Hash 130b85fd120b6086edd93dc081411f3b
fe858f5c6cd1408944353ea478dd1d6b04956944
21201ecc3c1f81d2725b4f6b81c4dfa208edabe6a023711d6b48933b7acabf84
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/d77cad342c2e126c752063748cd63d48.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 30873
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/6c8ea0384518f24fa6367b97cbf3fd9d.js
200 OK 131 kB URL HTTP/1.1 acadplusvk.in/city.com/img/6c8ea0384518f24fa6367b97cbf3fd9d.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (614)
Size 131 kB (130786 bytes)
Hash cc5856a5888308a00d5e9db804679222
e3b5f525808ae6a09bfb1ce791f7688f32889be3
dfb30742c209a6119b53853df43d609166ce3b72e09c0f6d7bafaac8a4f1bd00
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/6c8ea0384518f24fa6367b97cbf3fd9d.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 130786
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/468b3e37a21c4198f4939c8aaca98066.js
200 OK 1.5 kB URL HTTP/1.1 acadplusvk.in/city.com/img/468b3e37a21c4198f4939c8aaca98066.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (528)
Hash 1134fb1ba0ea9f4c07cb7b8e5391014e
a41047baee806c32a43c3c42b524b65e03a82bef
61e01b4da87624c5972c4f051d92695a76fa8491c2c1512342b714b9f5db2008
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/468b3e37a21c4198f4939c8aaca98066.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1477
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/51aba9f62787efbaa13e53a8d1ae3892.js
200 OK 1.3 kB URL HTTP/1.1 acadplusvk.in/city.com/img/51aba9f62787efbaa13e53a8d1ae3892.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (524)
Hash 4d37444c012a76a0557182615bf5cdd3
1ba1932dcc6dff6035c37a14de9852606de28329
bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/51aba9f62787efbaa13e53a8d1ae3892.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1322
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/9d552101ccdbc20ef239307e0ace1356.js
200 OK 160 kB URL HTTP/1.1 acadplusvk.in/city.com/img/9d552101ccdbc20ef239307e0ace1356.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (573)
Size 160 kB (159835 bytes)
Hash 6089906788dab761a1717f00e49f6d47
afea4afa3858165eb7b2023a697829a7470e28c7
53c561089a7987d29afa32543f9d7585b9a4f565b0b6c54b703e802f2f52d386
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/9d552101ccdbc20ef239307e0ace1356.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 159835
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/d74f82b561a6aa5d9247eaf72394131a.js
200 OK 1.6 kB URL HTTP/1.1 acadplusvk.in/city.com/img/d74f82b561a6aa5d9247eaf72394131a.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (549)
Hash 43372887591ae43fb66862c6ae6d2c9b
f32f657f4a8162f6ee9f1cf9a3d88e688d0eb027
1243ffed4530d6d237dd040101bf2933687f6e9272b10132060115058f914206
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/d74f82b561a6aa5d9247eaf72394131a.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1585
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/42d4d669434e7d621371bd59ca097dbf.js
200 OK 4.8 kB URL HTTP/1.1 acadplusvk.in/city.com/img/42d4d669434e7d621371bd59ca097dbf.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (532)
Hash 573342e8c2bbcc33e1da4ee9293cbbac
c631b62c4bc3c757e7619c8e6650bbddf7aa7b8e
76b3e3ecb44a3b1216be2633c4736dc6fbef5a83a7058b7919dcb1489b5b211b
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/42d4d669434e7d621371bd59ca097dbf.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 4796
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/557566dc60916e3de69e006bef252459.js
200 OK 2.2 kB URL HTTP/1.1 acadplusvk.in/city.com/img/557566dc60916e3de69e006bef252459.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1964)
Hash c12999fcad47ab9cba1967b8c736048d
cd62dba28e44aceb5f26c5757f24f59f4f79dc95
31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/557566dc60916e3de69e006bef252459.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 2183
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/d90ce1a791ada193ee0ca4e9ce66632d.js
200 OK 4.8 kB URL HTTP/1.1 acadplusvk.in/city.com/img/d90ce1a791ada193ee0ca4e9ce66632d.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1194)
Hash f858f498c16f3fcb99e48c58f276fda5
6ed0863603eb27999945bf50bf80cac0c3617100
c1b3f3803c42132039b21ce8921335c9cb785a58d513fdc04b0350434bec8e29
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/d90ce1a791ada193ee0ca4e9ce66632d.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 4849
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 29f977a36a78c156e453a55d86eb0c82
a84cb3c6c89aad5590ab89ca14c3616e4157d6a7
d47dbc200efffb39b01d339c449845021c591c8dde619a8418a78fdb88b06393
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 20:14:13 GMT
Last-Modified: Fri, 07 Oct 2022 18:37:59 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UtzmBnnOSPRXKG_2NlF8UOavrpSHUAQa3av2k29RX0bgWh0BZS5cbA==
Age: 5774
acadplusvk.in/city.com/img/fdf45a7c15c1cee06bb71e10dac4e26e.js
200 OK 989 B URL HTTP/1.1 acadplusvk.in/city.com/img/fdf45a7c15c1cee06bb71e10dac4e26e.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (524)
Hash a88ee16d6636b998b8a6bb0eedf3a3bb
84b7338657d33ace2048bf6b6e3b8b3fa649548a
7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/fdf45a7c15c1cee06bb71e10dac4e26e.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 989
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 29f977a36a78c156e453a55d86eb0c82
a84cb3c6c89aad5590ab89ca14c3616e4157d6a7
d47dbc200efffb39b01d339c449845021c591c8dde619a8418a78fdb88b06393
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 20:14:13 GMT
Last-Modified: Fri, 07 Oct 2022 18:37:59 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gGFPVN4yS-xQFQ-hrx0-MqazG5tNKStcQpqRjqrHMRt8JzNbPUOsag==
Age: 5774
acadplusvk.in/city.com/img/banner.min.js
200 OK 16 kB URL HTTP/1.1 acadplusvk.in/city.com/img/banner.min.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15581), with no line terminators
Hash 58864702922ad7456667ccfa2f212a7b
f46a0697469863fc711f07b85a5327fdcfa8a839
66e0a4b3019f0e19c99a314095a7e13932cd8afcb82a236475abf3f8723ea69d
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/banner.min.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 15581
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/serverComponent.php
200 OK 2.0 kB URL HTTP/1.1 acadplusvk.in/city.com/img/serverComponent.php
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2006)
Hash 1fb82a059a748b9c4d9edf55fc111f7d
d994b755c90d3dcb0ade573d8eef086bc3232cf1
1a6193c0936ec29f4350799172f83ad78a95112799ea30c662e80f25b418361c
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/serverComponent.php HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/tagging.min.js
200 OK 45 kB URL HTTP/1.1 acadplusvk.in/city.com/img/tagging.min.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (45425), with no line terminators
Hash fdec3832e07f010886e9b9e76781723b
3c97b16b253fb4cfb08955d8912029d30810ad70
3f383b43ed678109c3a4006112945b4381899317658913dcf1d061a55b47cab5
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tagging.min.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 45425
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
200 OK 0 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://acadplusvk.in/
Origin: https://acadplusvk.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 20:14:13 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://acadplusvk.in
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2
acadplusvk.in/city.com/img/tags.js
200 OK 82 kB URL HTTP/1.1 acadplusvk.in/city.com/img/tags.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15031)
Hash a2fe0ddd8b16afaa6b95b0fc8b038546
63eff196885a0e292a9138f48556297b8ee034c4
a1012b65a2ec44d9f1a2e3a11f74e644e505cb6544e3717b4442cb9aa73452b0
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tags.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 82417
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/6c8322c7341eac98645c10e3d1d3c7ae.js
200 OK 239 kB URL HTTP/1.1 acadplusvk.in/city.com/img/6c8322c7341eac98645c10e3d1d3c7ae.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Size 239 kB (238837 bytes)
Hash 9c5a73216a34c42f3974a08a8080ce22
ce94b2f85d3629b84964e6be3dc1849361836996
93a2bf9c16a92eea122a84d246579a50fb89c3b269c78c080588cee14129b2c7
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/6c8322c7341eac98645c10e3d1d3c7ae.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 238837
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/logo.js
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/logo.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/logo.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/js(14)
200 OK 2 B URL HTTP/1.1 acadplusvk.in/city.com/img/js(14)
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(14) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 92841
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/Bootstrap.js
200 OK 234 kB URL HTTP/1.1 acadplusvk.in/city.com/img/Bootstrap.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (579)
Size 234 kB (234403 bytes)
Hash 49a3c4174ffd09053b1dca60cf732391
3fb3ecbbe6d35c0e45d5118c05a86423ba473798
b4d7c52d0920ce3ce14dd5f198df3fb2e9bf39ff31e209a92cf146c86de4ce62
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/Bootstrap.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 234403
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/tags.js(1).download
200 OK 82 kB URL HTTP/1.1 acadplusvk.in/city.com/img/tags.js(1).download
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15031)
Hash f7ab1198801b8843ae33d61a778ce15b
f00f5121ba45a47f2c57bf96aeb61e4e5aff12df
ecddeb2adfa02b823671f9e56787dd23cadfe86fa9042940d5fea9e38054c174
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tags.js(1).download HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 82417
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/1-es2015.e6099f56b51f44414444.js
200 OK 764 kB URL HTTP/1.1 acadplusvk.in/city.com/img/1-es2015.e6099f56b51f44414444.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Size 764 kB (763890 bytes)
Hash de7f2d520bd1683950d46b2c7fc79646
d9e8fe6842dd1937e46304d4811c10f8d538a184
6f56350d404b7363262ab1a2331f6ee082822c230c2dda9061439acb0ee2ea29
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/1-es2015.e6099f56b51f44414444.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 763890
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/tags.js(2).download
200 OK 82 kB URL HTTP/1.1 acadplusvk.in/city.com/img/tags.js(2).download
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15031)
Hash fe50cab64bcc9f5c84a2a6dae5ddb851
fd34b1022666c559a6db812aaba4b6932118ecfa
7c61e941b642ce421086c40e8edd357d643de75763ebe83073d329f2693f6786
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tags.js(2).download HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 82417
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/embed.js
200 OK 1.6 kB URL HTTP/1.1 acadplusvk.in/city.com/img/embed.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (449)
Hash f18dcd577f0deae68783ef9243454a0c
15e181c5b5dbfc2766d046944c3ccd5527837ad2
7ce1ab6d7d544d02fdbfd070df6d6290a630944648f78629bccf6b7c426254ff
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/embed.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1573
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
200 OK 1.3 MB URL HTTP/1.1 acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (65017), with no line terminators
Size 1.3 MB (1263457 bytes)
Hash 05bc274118a209ed92dda2b6f1f3513c
8a1d98b811afa6ce31973058f405791def19488d
c49f7ec632ced66bfd8ac1ed0cc98a6c8e583f7b36e1faccf190a04955d39c01
GET /city.com/img/styles.a4a9307b7b034ca614a7.css HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1263457
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/css
acadplusvk.in/city.com/img/16003743.js
200 OK 0 B URL HTTP/1.1 acadplusvk.in/city.com/img/16003743.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/16003743.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/16001692.js
200 OK 685 B URL HTTP/1.1 acadplusvk.in/city.com/img/16001692.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (683), with CRLF line terminators
Hash bc3635963138a424c4fd59cf3318d19e
9f3286f6098730e4a38c6e9983dbb794ee25c840
fbfbcd5ac1839093e7f7fed9f57af9bdca51c799c591af25b624ebc421fdd052
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/16001692.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 685
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/f(1).txt
200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(1).txt
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1707), with no line terminators
Hash a3c474b77891aeaaef198d1181db85b7
c2c52aa65260562ce3bed6232dfab67b202d65dc
60efe6c61d482a9ad16c13a430e4f9b230d4a7667873a043327afadd372bef6d
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(1).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1707
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/f(2).txt
200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(2).txt
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash 105e05de24c950e870a5e43f18e1aa49
8b7b2a758921116bb3a7a213df81cc7a95ab2f18
0ed87b4fd56a4ea6f91e90ec9227281332adcb6d90c16871ddd93a8b0769fa24
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(2).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10359
Expires: Fri, 07 Oct 2022 23:06:53 GMT
Date: Fri, 07 Oct 2022 20:14:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10359
Expires: Fri, 07 Oct 2022 23:06:53 GMT
Date: Fri, 07 Oct 2022 20:14:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10359
Expires: Fri, 07 Oct 2022 23:06:53 GMT
Date: Fri, 07 Oct 2022 20:14:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10359
Expires: Fri, 07 Oct 2022 23:06:53 GMT
Date: Fri, 07 Oct 2022 20:14:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10359
Expires: Fri, 07 Oct 2022 23:06:53 GMT
Date: Fri, 07 Oct 2022 20:14:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16339989f5c6c229a3dcc0ed1e52032f
a1ea26d6e4eb4a72cc8c87100b40035dab69d285
16703f888ee6f974bb89e1c4c16a75186b31b64130abcd1a3bcd3741159d912c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13437
x-amzn-requestid: ec801fbc-c339-46ce-ac5f-18d064e5ef21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_HdeoAMFyOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-02b52b770e6e76cf52b26e47;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Iesqk_XbGiZE-n3mTa1_1WtlXiyEqz-4qfyt3_609O1eujdLcFu3zA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:47:25 GMT
age: 80809
etag: "a1ea26d6e4eb4a72cc8c87100b40035dab69d285"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53b7ffdc3799e0ac7a225145242579ef
c47f0525fe5354ee13fe63c0ec31f0f826a58005
4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: JYDg0-KelCPr__4bKtpARLrwiE1CHGICcFI6I9_TFCMcmESbykNhXQ==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:50 GMT
age: 79524
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 54a8c6f45c6a0f3a5c0199d65ca880c6
173104e5386bb24b90f2d7350d008490555e635f
036b47cef15d692924142d169d5f859b5273cc83f6adf61b4e6de9d693313abe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2297
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:14 GMT
Last-Modified: Fri, 07 Oct 2022 19:35:57 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2ac0ed19ef64f2f765ce7adb2a8fa7c
b6ea582befd01324dd456d59d3f610101dcf910c
d324c9f67b0efc38a935195076488dd0a62f61b893706ecf40ad1f2c5550a7d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11492
x-amzn-requestid: 7ac7e364-5204-4101-87f6-89fbdf3c5cb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_GKSoAMFdkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-4ae692e2617657225c88e5fb;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: trKPg7J7s_BuMlog8HXU2ipo4dQlR3RAJ93KqFxf0BhcrzB8FDx3_A==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:43:40 GMT
age: 81034
etag: "b6ea582befd01324dd456d59d3f610101dcf910c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4572451a09430ca7a9203f14ddc035ba
46e17c44fba23988d7a9d9832c411ba2810136c3
fa54e73c4b32d8e109504ebcd46e4316de8143f44b7eae20a44ba63d14a6f24b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8445
x-amzn-requestid: 7d295b3b-29d6-4b2e-8314-c9055d1def80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmju5FxwoAMFeQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4cc5-3f58c18b1159ad512c60422b;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:46:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: DC1ECXhkAhfdrU8ZyMhhDdwydsq4PQfzzGOPd-REjCkCsDbXQLnLiA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:57 GMT
etag: "46e17c44fba23988d7a9d9832c411ba2810136c3"
content-type: image/jpeg
age: 79517
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Vy9jQu1a8BGypY4C4u_9gao5wPEkVHgArhG2zMNdH8KfBS0lfmyHBA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:43:40 GMT
age: 81034
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed3fa86bbe319c9a2f81ff625e677cb0
e3d5210207f6ff922bc28e328285059c19a523a4
5919694bd942a4f25d5b7ffc3f8aee1af6cdb8461d4ba3dba9a2e72cf19164c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7261
x-amzn-requestid: e1bdf299-b29e-4f58-9c8a-33f5dacdb081
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBELYoAMFfgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-1969b32c6f4f7e5749e7caa0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: FO5iGJFmDfdklhzIVOxp4x3AV7ltFqBDDlYBz39Zzx99t7oykNR2WQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:43:40 GMT
age: 81034
etag: "e3d5210207f6ff922bc28e328285059c19a523a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
acadplusvk.in/city.com/img/f(3).txt
200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(3).txt
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash 59183bb0c357bdb97de4dc8b213a65d5
3d367827bdca980d192662f3a111f0e305298c2d
76fb126ee024dcf4a093ac4d3614448b9281355f1033a422fc929298e88fa877
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(3).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173654221
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173654221
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173654221 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://acadplusvk.in
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v044-07188673d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173654221
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=69703762255640180944255232603972338003; Max-Age=15552000; Expires=Wed, 05 Apr 2023 20:14:14 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: 5xIzJkbNSGQ=
Content-Length: 0
Connection: keep-alive
acadplusvk.in/city.com/img/f(4).txt
200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(4).txt
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash 0fd5231876c22268722a1e7165491c79
58c83e84250ac336d464a3dd3259f4bcf0abe847
6bb0c1eaae6f6770f889c139ca441c1c21ab76ba7cd86cb28600955f3ee15302
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(4).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/f(5).txt
200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(5).txt
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash aee303a04ab673a2672eb1f03d5948eb
e4815a021bb7f559a74f06af7d4bbb15f412c34f
2c3e0f1421ec0c865caf07a6fee834c43eb456613a9d1aee3a3db0c463c9d340
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(5).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/f(6).txt
200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(6).txt
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash 4de224726a52a4e597299903c0bb3e8d
3cf73c8bdaac20bd12ce5e1988eaad5360477cf7
85272ec3d43640c29bdc41f4f2f7c2942b2f96d76254e8b2802006eab8bc44fa
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(6).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173654221
200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173654221
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173654221 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Content-Type: application/x-www-form-urlencoded
Referer: https://acadplusvk.in/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://acadplusvk.in
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v044-057fd01b2.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: Zm6GK+TwSxI=
Content-Length: 124
Connection: keep-alive
acadplusvk.in/city.com/img/f(8).txt
200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(8).txt
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash 9b2c364e9da0124e5ab850764f97c6f7
9e3ba6ab87fc565c26c8a228e21ae56c93499a54
ec92c710f2d67faf40a7c39947630493ffd75ca46a82cfadde25e8eb05e53bf3
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(8).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/f(7).txt
200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(7).txt
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1706), with no line terminators
Hash 23d55fab0c56bb20c76f5581cdf86690
3252edaef11fb2fddbb4a8afdb691a6bcaa5751c
441dbbcac58f504c76ab5ff91afa232a4f7734790a9fd2345cad297f00537aa0
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(7).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1706
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/bat.js
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/bat.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/bat.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/logo.js
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/logo.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/logo.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=4784a9b6-3beb-49dc-89d0-3c3c0e6c8168.1665173653.1.1665173653.1665173653.1ef87543-a182-47d8-947b-80031e4f7d73; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CvVersion%7C3.1.2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
200 OK 471 B IP
Hash cb8451a42aabd3cfbe241b305b704d64
a3877c21f13dbb472e051d459e4656fc46690275
5fd79754e671af8953c110c346508d6c893165bf98b272533c209bf259384662
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 606
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:14 GMT
Last-Modified: Fri, 07 Oct 2022 20:04:08 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
acadplusvk.in/city.com/img/social-media_twitter@3x.png
200 OK 1.3 kB URL HTTP/1.1 acadplusvk.in/city.com/img/social-media_twitter@3x.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 66 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 60b0fec951727b4762fabc2570a1317f
56f9ed9699233f4cef1317a9a2c83179070b5e8a
5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837
GET /city.com/img/social-media_twitter@3x.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1277
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/social-media_youtube@3x.png
200 OK 1.2 kB URL HTTP/1.1 acadplusvk.in/city.com/img/social-media_youtube@3x.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 72 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 3541c5442b1b90b4efe20ab4b2802323
ad778d35efc7b9950d2158d800b61966204b75d8
be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8
GET /city.com/img/social-media_youtube@3x.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1175
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/social-media_facebook@3x.png
200 OK 445 B URL HTTP/1.1 acadplusvk.in/city.com/img/social-media_facebook@3x.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 27 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f627e41e84a3b87f57c9de2e3a722d0
a7d350d9d267149f60b46a454f021920f89df877
695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b
GET /city.com/img/social-media_facebook@3x.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 445
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/appStore@3x.png
200 OK 20 kB URL HTTP/1.1 acadplusvk.in/city.com/img/appStore@3x.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 351 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash d461f4d2e32e339372869b3f4be72007
d8e3a847a7d18c3948617f75622f6cd27bd4cd54
87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b
GET /city.com/img/appStore@3x.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 20047
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
200 OK 471 B IP
Hash f50d2e650cf68984c27d915f82232d43
52f23655ea0c90f5544eccd2ce845a752d5a578e
f34b126fadf6c7c51516cb94e23371f2dc46d9dfce8a3fb34033ce0621e32db8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5533
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:14 GMT
Last-Modified: Fri, 07 Oct 2022 18:42:01 GMT
Server: ECS (amb/6BC2)
X-Cache: HIT
Content-Length: 471
metrics1.citi.com/id?d_visid_ver=3.1.2&d_fieldgroup=MC&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&ts=1665173654491
200 OK 89 B URL HTTP/2 metrics1.citi.com/id?d_visid_ver=3.1.2&d_fieldgroup=MC&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&ts=1665173654491
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash f0496b33f4b349d68690ff06138f1c64
a3f203f68d4a0965734962afa9132ab39713cc93
9073528a37a8b5c4b1ad0db1cf3921fa8b5f607bc82ac838494d78f049699abd
GET /id?d_visid_ver=3.1.2&d_fieldgroup=MC&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&ts=1665173654491 HTTP/1.1
Host: metrics1.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://acadplusvk.in
access-control-allow-credentials: true
date: Fri, 07 Oct 2022 20:14:14 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; Path=/; Domain=citi.com; Max-Age=63072000; Expires=Sun, 06 Oct 2024 20:14:14 GMT; SameSite=None; Secure
AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; Path=/; Domain=citi.com; Max-Age=63072000; Expires=Sun, 06 Oct 2024 20:14:14 GMT; SameSite=None; Secure
s_ecid=MCMID%7C88612723193342365602293033654333274497; Path=/; Domain=citi.com; Max-Age=63072000; Expires=Sun, 06 Oct 2024 20:14:14 GMT; SameSite=None; Secure
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 89
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
acadplusvk.in/city.com/img/citilogoredesign.png
200 OK 1.8 kB URL HTTP/1.1 acadplusvk.in/city.com/img/citilogoredesign.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 89 x 89, 8-bit/color RGBA, non-interlaced\012- data
Hash b8c9db53b866a0120618cd396e1513f1
5cfe9732c78e4eb7365681834cdd682b977a0232
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
GET /city.com/img/citilogoredesign.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1799
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/050-location@2x.svg
200 OK 1.8 kB URL HTTP/1.1 acadplusvk.in/city.com/img/050-location@2x.svg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (785)
Hash 2a7528b41a09c242728c2805a6c37219
44f73d9270a82962219bb314894d5b5624c55631
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/050-location@2x.svg HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1752
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/svg+xml
acadplusvk.in/city.com/img/icon_globe_med-grey@2x.svg
200 OK 3.5 kB URL HTTP/1.1 acadplusvk.in/city.com/img/icon_globe_med-grey@2x.svg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (2189)
Hash 8409dd31d1b13d560ad4b9ae144054f7
37114f6c37aa187f5bdc360547678f22eaa9d9c6
a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/icon_globe_med-grey@2x.svg HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 3523
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/svg+xml
acadplusvk.in/city.com/img/phone.png
200 OK 9.9 kB URL HTTP/1.1 acadplusvk.in/city.com/img/phone.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 396 x 270, 8-bit/color RGBA, non-interlaced\012- data
Hash 448436abd4bc903abc9a9c53cdd2fe5e
1f3731747ded20c04b25009d3a570d1164ddf1ed
5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8
GET /city.com/img/phone.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 9873
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/qrsignon.png
200 OK 741 B URL HTTP/1.1 acadplusvk.in/city.com/img/qrsignon.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash a5ee9c25c190474a2efe66a609a2ca19
890832b6a7115abd51f480dce8e74206f06a428a
dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683
GET /city.com/img/qrsignon.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 741
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/laptop-and-phone-success.png
200 OK 2.5 kB URL HTTP/1.1 acadplusvk.in/city.com/img/laptop-and-phone-success.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 132 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash d63ac8356aa91fa9f070d79dadaed88f
7990f46b70c992de92c29e2361ddf9f0bf369869
e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec
GET /city.com/img/laptop-and-phone-success.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 2544
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
online.citi.com/nga-lite-signon/LSO_4959.jpg
200 OK 108 kB URL HTTP/2 online.citi.com/nga-lite-signon/LSO_4959.jpg
IP
File type JPEG image data, progressive, precision 8, 2160x600, components 3\012- data
Size 108 kB (108233 bytes)
Hash 7dd9aa1bc81d1bf0e77e3e08de814096
0e251835579aa147fd88c76b85b74359856c6de9
dbdebfcc2ed9932006edcfc7f8190ca5c9a04ff737e990645712ccc33e5ce070
GET /nga-lite-signon/LSO_4959.jpg HTTP/1.1
Host: online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 13:54:04 GMT
accept-ranges: bytes
content-length: 108233
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-type: image/jpeg
date: Fri, 07 Oct 2022 20:14:14 GMT
set-cookie: AKMTLTSID=45B7A666A73138FE33A0DCBABEED05B5; path=/; domain=citi.com; secure
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Firefox-Spdy: h2
acadplusvk.in/city.com/img/laptop-and-phone-pairing.png
200 OK 3.0 kB URL HTTP/1.1 acadplusvk.in/city.com/img/laptop-and-phone-pairing.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 132 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash b046a1c58205ebfbee7886df2de485b5
05a4dd6b988a6c55afa3225780e341e5db52a787
a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa
GET /city.com/img/laptop-and-phone-pairing.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 3044
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=4784a9b6-3beb-49dc-89d0-3c3c0e6c8168.1665173653.1.1665173653.1665173653.1ef87543-a182-47d8-947b-80031e4f7d73; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1665173654644-B6A429FC-6F80-40AE-A3FE-A4517F701CBF
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=4784a9b6-3beb-49dc-89d0-3c3c0e6c8168.1665173653.1.1665173653.1665173653.1ef87543-a182-47d8-947b-80031e4f7d73; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1665173654644-B6A429FC-6F80-40AE-A3FE-A4517F701CBF
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=4784a9b6-3beb-49dc-89d0-3c3c0e6c8168.1665173653.1.1665173653.1665173653.1ef87543-a182-47d8-947b-80031e4f7d73; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1665173654644-B6A429FC-6F80-40AE-A3FE-A4517F701CBF
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon-1.png
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon-1.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon-1.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=4784a9b6-3beb-49dc-89d0-3c3c0e6c8168.1665173653.1.1665173653.1665173653.1ef87543-a182-47d8-947b-80031e4f7d73; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1665173654644-B6A429FC-6F80-40AE-A3FE-A4517F701CBF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/googlePlay@3x.png
200 OK 25 kB URL HTTP/1.1 acadplusvk.in/city.com/img/googlePlay@3x.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 390 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 27b0482f8ebba1e3cc92d2eee497497e
379e9e2ed883250c02736c151a47d38248285572
a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77
GET /city.com/img/googlePlay@3x.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 25077
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=88612723193342365602293033654333274497&d_cid_ic=AVID%0131A0444B2E65B401-60001B15870166D2&ts=1665173654986
200 OK 302 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=88612723193342365602293033654333274497&d_cid_ic=AVID%0131A0444B2E65B401-60001B15870166D2&ts=1665173654986
IP
File type JSON data\012- , ASCII text, with very long lines (358), with no line terminators
Hash 70dcd93078e977f5c43079575de77087
a78a13ce398e2c263045ea13487f4f9c337664ae
c9722b08b8ccd6c17efc8f857d58b0bee92641afb8866051e3dd652b56e5e958
GET /id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=88612723193342365602293033654333274497&d_cid_ic=AVID%0131A0444B2E65B401-60001B15870166D2&ts=1665173654986 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://acadplusvk.in
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v044-01c2009f5.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=83119670576578212351617328604748103714; Max-Age=15552000; Expires=Wed, 05 Apr 2023 20:14:15 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: Fzw53G+LRg4=
Content-Length: 302
Connection: keep-alive
acadplusvk.in/city.com/img/EqualHousing.png
200 OK 1.6 kB URL HTTP/1.1 acadplusvk.in/city.com/img/EqualHousing.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 29 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash 83a5bb8d054fc7b4adab0615c487dc25
8a26d8e39da754c8f63d2a3122ed87a6e4a7f369
f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d
GET /city.com/img/EqualHousing.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1606
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=4784a9b6-3beb-49dc-89d0-3c3c0e6c8168.1665173653.1.1665173653.1665173653.1ef87543-a182-47d8-947b-80031e4f7d73; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1665173654644-B6A429FC-6F80-40AE-A3FE-A4517F701CBF
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=4784a9b6-3beb-49dc-89d0-3c3c0e6c8168.1665173653.1.1665173653.1665173653.1ef87543-a182-47d8-947b-80031e4f7d73; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1665173654644-B6A429FC-6F80-40AE-A3FE-A4517F701CBF
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=4784a9b6-3beb-49dc-89d0-3c3c0e6c8168.1665173653.1.1665173653.1665173653.1ef87543-a182-47d8-947b-80031e4f7d73; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1665173654644-B6A429FC-6F80-40AE-A3FE-A4517F701CBF
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:13 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Light.woff
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Light.woff
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Light.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=4784a9b6-3beb-49dc-89d0-3c3c0e6c8168.1665173653.1.1665173653.1665173653.1ef87543-a182-47d8-947b-80031e4f7d73; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C88612723193342365602293033654333274497%7CMCAID%7C31A0444B2E65B401-60001B15870166D2%7CMCOPTOUT-1665180854s%7CNONE%7CMCAAMLH-1665778455%7C6%7CMCAAMB-1665778455%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1665173654644-B6A429FC-6F80-40AE-A3FE-A4517F701CBF; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:14 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=4784a9b6-3beb-49dc-89d0-3c3c0e6c8168.1665173653.1.1665173653.1665173653.1ef87543-a182-47d8-947b-80031e4f7d73; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C88612723193342365602293033654333274497%7CMCAID%7C31A0444B2E65B401-60001B15870166D2%7CMCOPTOUT-1665180854s%7CNONE%7CMCAAMLH-1665778455%7C6%7CMCAAMB-1665778455%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1665173654644-B6A429FC-6F80-40AE-A3FE-A4517F701CBF; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:14 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.woff
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.woff
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=4784a9b6-3beb-49dc-89d0-3c3c0e6c8168.1665173653.1.1665173653.1665173653.1ef87543-a182-47d8-947b-80031e4f7d73; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C88612723193342365602293033654333274497%7CMCAID%7C31A0444B2E65B401-60001B15870166D2%7CMCOPTOUT-1665180854s%7CNONE%7CMCAAMLH-1665778455%7C6%7CMCAAMB-1665778455%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1665173654644-B6A429FC-6F80-40AE-A3FE-A4517F701CBF; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:14 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Light.woff
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Light.woff
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/commonui-assets/fonts/interstate/Interstate-Light.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=4784a9b6-3beb-49dc-89d0-3c3c0e6c8168.1665173653.1.1665173653.1665173653.1ef87543-a182-47d8-947b-80031e4f7d73; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C88612723193342365602293033654333274497%7CMCAID%7C31A0444B2E65B401-60001B15870166D2%7CMCOPTOUT-1665180854s%7CNONE%7CMCAAMLH-1665778455%7C6%7CMCAAMB-1665778455%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1665173654644-B6A429FC-6F80-40AE-A3FE-A4517F701CBF; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:14 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
citi.demdex.net/dest5.html?d_nsid=0
200 OK 2.8 kB URL HTTP/1.1 citi.demdex.net/dest5.html?d_nsid=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: citi.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 7 Oct 2022 20:14:15 GMT
DCS: dcs-prod-irl1-1-v044-0b1a912a4.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 29 Sep 2022 16:23:21 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 44CHMtQgQRI=
transfer-encoding: chunked
Connection: keep-alive
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Light.ttf
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Light.ttf
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Light.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=4784a9b6-3beb-49dc-89d0-3c3c0e6c8168.1665173653.1.1665173653.1665173653.1ef87543-a182-47d8-947b-80031e4f7d73; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C88612723193342365602293033654333274497%7CMCAID%7C31A0444B2E65B401-60001B15870166D2%7CMCOPTOUT-1665180854s%7CNONE%7CMCAAMLH-1665778455%7C6%7CMCAAMB-1665778455%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1665173654644-B6A429FC-6F80-40AE-A3FE-A4517F701CBF; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:14 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Light.ttf
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Light.ttf
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/commonui-assets/fonts/interstate/Interstate-Light.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=4784a9b6-3beb-49dc-89d0-3c3c0e6c8168.1665173653.1.1665173653.1665173653.1ef87543-a182-47d8-947b-80031e4f7d73; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C88612723193342365602293033654333274497%7CMCAID%7C31A0444B2E65B401-60001B15870166D2%7CMCOPTOUT-1665180854s%7CNONE%7CMCAAMLH-1665778455%7C6%7CMCAAMB-1665778455%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1665173654644-B6A429FC-6F80-40AE-A3FE-A4517F701CBF; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:14 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=4784a9b6-3beb-49dc-89d0-3c3c0e6c8168.1665173653.1.1665173653.1665173653.1ef87543-a182-47d8-947b-80031e4f7d73; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C88612723193342365602293033654333274497%7CMCAID%7C31A0444B2E65B401-60001B15870166D2%7CMCOPTOUT-1665180854s%7CNONE%7CMCAAMLH-1665778455%7C6%7CMCAAMB-1665778455%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1665173654644-B6A429FC-6F80-40AE-A3FE-A4517F701CBF; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:14 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.ttf
404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.ttf
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=4784a9b6-3beb-49dc-89d0-3c3c0e6c8168.1665173653.1.1665173653.1665173653.1ef87543-a182-47d8-947b-80031e4f7d73; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C88612723193342365602293033654333274497%7CMCAID%7C31A0444B2E65B401-60001B15870166D2%7CMCOPTOUT-1665180854s%7CNONE%7CMCAAMLH-1665778455%7C6%7CMCAAMB-1665778455%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1665173654644-B6A429FC-6F80-40AE-A3FE-A4517F701CBF; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:14 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
200 OK 471 B IP
Hash f1dd147f2fb2aa13c04d6a302fc3ac17
019b0340f20c582cb07049c1f637d3c1cc2b3de9
699482ac85d20d0a396a62cf1712b4d32c7bde9024f2beed84272c818283d718
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:15 GMT
Server: ECS (amb/6BC8)
Content-Length: 471
contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
200 OK 1.3 kB URL HTTP/2 contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (1317), with no line terminators
Hash b998a7bad147a9dd13c141178302b706
333909dd42355326d101ef1c131c13459c8a2eda
36434b3dbde259b976a1beb2c71f7a2a0dde20a3ddc83bea69d19c99927a3605
POST /client/v3.1/web/wup?cid=cedric HTTP/1.1
Host: contents2.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 172
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 1317
date: Fri, 07 Oct 2022 20:14:14 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 7cccfb4d-24dc-493a-b812-67cd7e0a6098
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
nexus.ensighten.com/error/e.gif?msg=_dl%20is%20not%20defined&lnn=481&fn=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Fimg%2FBootstrap.js&cid=1129&client=citi&publishPath=na_prod&rid=3092996&did=622672&errorName=ReferenceError
204 No Content 0 B URL HTTP/2 nexus.ensighten.com/error/e.gif?msg=_dl%20is%20not%20defined&lnn=481&fn=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Fimg%2FBootstrap.js&cid=1129&client=citi&publishPath=na_prod&rid=3092996&did=622672&errorName=ReferenceError
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error/e.gif?msg=_dl%20is%20not%20defined&lnn=481&fn=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Fimg%2FBootstrap.js&cid=1129&client=citi&publishPath=na_prod&rid=3092996&did=622672&errorName=ReferenceError HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: CloudFront
date: Fri, 07 Oct 2022 01:05:19 GMT
cache-control: no-cache, no-store
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wy4uImcTlT7Bk4t4q9yvr5vxkcgvl7Z3sdfPAnCc6zJ8ClyA6qGvcg==
age: 68936
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 38c8ed81c69d2af0003394c9fb9274c5
a71c6fb6d685275f8a8c7d9d87860df08a450038
fdff30d374603ecd62c6d244a1175731787725dba48777122802055969be28f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 579e733097a7260db68f6ab5fc4ab3c9
bcee618650f7eb1595974812db6995d7ee0e9764
c025aa32afae5edb4c793bcc3076c86ae945438c7d2e96f7847054aeb1ed690b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 38c8ed81c69d2af0003394c9fb9274c5
a71c6fb6d685275f8a8c7d9d87860df08a450038
fdff30d374603ecd62c6d244a1175731787725dba48777122802055969be28f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 579e733097a7260db68f6ab5fc4ab3c9
bcee618650f7eb1595974812db6995d7ee0e9764
c025aa32afae5edb4c793bcc3076c86ae945438c7d2e96f7847054aeb1ed690b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
200 OK 989 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
IP
File type ASCII text, with very long lines (524)
Hash a88ee16d6636b998b8a6bb0eedf3a3bb
84b7338657d33ace2048bf6b6e3b8b3fa649548a
7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110
GET /citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 989
date: Fri, 22 Jul 2022 05:10:06 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Jul 2021 20:01:14 GMT
etag: "a88ee16d6636b998b8a6bb0eedf3a3bb"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: .wEMJ82rme0Ajy8MXYWYMqCLOS4zdOlx
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oNy6XGUOOnZqRTze1ZdHf4hdHiC1WzMC0_VwvF0Mf2Hax0RW6PGJnQ==
age: 6707050
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/695231162/?random=1645199688136&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2490011135&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/695231162/?random=1645199688136&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2490011135&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/695231162/?random=1645199688136&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2490011135&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 579e733097a7260db68f6ab5fc4ab3c9
bcee618650f7eb1595974812db6995d7ee0e9764
c025aa32afae5edb4c793bcc3076c86ae945438c7d2e96f7847054aeb1ed690b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/819500023/?random=1645199688162&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=934572699&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/819500023/?random=1645199688162&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=934572699&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/819500023/?random=1645199688162&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=934572699&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/916451471/?random=1645199688127&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1013547421&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/916451471/?random=1645199688127&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1013547421&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/916451471/?random=1645199688127&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1013547421&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/959299794/?random=1645199688176&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2969722864&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/959299794/?random=1645199688176&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2969722864&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/959299794/?random=1645199688176&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2969722864&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/975701947/?random=1645199688158&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3742915801&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/975701947/?random=1645199688158&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3742915801&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/975701947/?random=1645199688158&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3742915801&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/960621875/?random=1645199688150&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3640341865&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/960621875/?random=1645199688150&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3640341865&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/960621875/?random=1645199688150&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3640341865&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/830907969/?random=1645199688154&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3929776891&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/830907969/?random=1645199688154&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3929776891&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/830907969/?random=1645199688154&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3929776891&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
302 Found 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=5886E39989AF4FFC94E7BD113C66060C&RedC=c.clarity.ms&MXFR=36C1683FC53369C518887A09C1336750
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=36C1683FC53369C518887A09C1336750; domain=.clarity.ms; expires=Wed, 01-Nov-2023 20:14:15 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Fri, 07 Oct 2022 20:14:15 GMT
content-length: 0
X-Firefox-Spdy: h2
c1.rfihub.net/js/tc.min.js
200 OK 6.2 kB URL HTTP/2 c1.rfihub.net/js/tc.min.js
IP
File type C source, ASCII text, with very long lines (19497)
Hash ab5a2e3f2414c0a2b622e48c0b6da2fd
1a894787bde6cbf9b58d47b8f4245607420112ad
a5ef19cf7ca85f760c462ed2f228430c8d0a6d9daf3aa34894a5c42113cfdb8f
GET /js/tc.min.js HTTP/1.1
Host: c1.rfihub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6162
date: Fri, 07 Oct 2022 19:29:40 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
expires: Fri, 07 Oct 2022 20:29:40 GMT
last-modified: Fri, 07 Oct 2022 19:29:30 GMT
content-encoding: gzip
server: Jetty(9.3.29.v20201019)
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7-iOp3OmnbfwC4dG9OF1ygSNZeH-jQSoItom8JRn40hPvCph0UFytQ==
age: 2675
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ab2b7d996f9349fc41869dd032af9539
30763523f8aec56dd406c6b1750484662d14e60f
cee36007cd227e85bc6f1d3c0901a5cbcb9f52a8a7563d90b697cb2b67c42e47
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 20:14:15 GMT
Last-Modified: Fri, 07 Oct 2022 19:22:18 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zS6e9FOv4UcLXczUEUIprli7DnWxJEUtD08hhSNWJcn-Zf4BKTCdFQ==
Age: 3117
ocsp.sectigo.com/
200 OK 472 B IP
Hash eaa32bc70d58ee3e9cefd05cb9e45209
b4a2ddb3627b993cc0207e945257777a8ef9c4ff
d2bc78bf694beade4f35a9a1622d7ff5062e6308c3ea49d14e0ee638f2100fa6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 12:17:23 GMT
Expires: Wed, 12 Oct 2022 12:17:22 GMT
Etag: "b4a2ddb3627b993cc0207e945257777a8ef9c4ff"
Cache-Control: max-age=402786,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75694d545e671c0e-OSL
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
200 OK 221 B URL HTTP/2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 20:41:29 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hgg1aeqfqyU3YJIBHPDUD0m34uThUM9q17hxLVYxG2WcG8VzqLDWiA==
age: 84767
X-Firefox-Spdy: h2
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
200 OK 3.2 kB URL HTTP/2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
date: Thu, 06 Oct 2022 21:57:01 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2n_5QB3VNaPaN7yrRqcJiqpO59wjenYWHTiU2FTZTsRl2oRfrg29AQ==
age: 80235
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 00776157dc98913405595c4b126e9ee2
8ee3950fa60340b03e0c53c8e5e07d18321a69f0
daa313ad6f0cb705d8a4fdb55aa65ffd6c1695326409c2ccf378e3c7e36de35c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.everesttech.net/cm/dd?d_uuid=83119670576578212351617328604748103714
302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=83119670576578212351617328604748103714
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=83119670576578212351617328604748103714 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Fri, 07 Oct 2022 20:14:15 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y0CIlwAAALRq6AOV; Domain=.everesttech.net; Expires=Sat, 07-Oct-2023 20:14:15 GMT; Path=/
everest_session_v2=Y0CIlwAAALRq6QOV; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y0CIlwAAALRq6AOV
Server: AMO-cookiemap/1.1
www.googletagmanager.com/gtag/js?id=DC-6260004
200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-6260004
IP
File type ASCII text, with very long lines (2039)
Hash 57eb8c56da253958741b2692a3cb4e84
43f4c7ceaefbe4fe3f63e1d06379d27efee88d46
8ff01783148b88ad4ba8ec95161eb20039072097c14cf0c6fb73c1bae059a274
GET /gtag/js?id=DC-6260004 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 07 Oct 2022 20:14:15 GMT
expires: Fri, 07 Oct 2022 20:14:15 GMT
cache-control: private, max-age=900
last-modified: Fri, 07 Oct 2022 18:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42577
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 4a3537782727d0cd620456d32a8cfe81
3dcf889c6b528df6edbc76942729d6ee23d40bd6
dbeca37bb01f7549e346005a57f8887fe161c10ea813fbe54fffbe17c68a4994
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 02:15:46 GMT
Expires: Wed, 12 Oct 2022 02:15:45 GMT
Etag: "3dcf889c6b528df6edbc76942729d6ee23d40bd6"
Cache-Control: max-age=366689,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75694d54ced61c0e-OSL
20766699p.rfihub.com/ca.html?ver=9&ra=280&rb=648&ca=20766699&_o=17169175&_t=&_rev=1&_pcode=1&_orderid=1&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=&pe=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&pf=&ra=06770335328994781
200 OK 118 B URL HTTP/1.1 20766699p.rfihub.com/ca.html?ver=9&ra=280&rb=648&ca=20766699&_o=17169175&_t=&_rev=1&_pcode=1&_orderid=1&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=&pe=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&pf=&ra=06770335328994781
IP
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 372d494a4cb82acdc6b44d6941392ec4
3c777c56cb89b34f2e15159282dca81dcdfe33d7
c437eb764a99e6cd5172d63c3fae564bbc51eda4981058d5edebd2bf0700eb76
GET /ca.html?ver=9&ra=280&rb=648&ca=20766699&_o=17169175&_t=&_rev=1&_pcode=1&_orderid=1&ssv_cuuid=&ssv_package=null&ssv_prodlist=null&ssv_pagename=&pe=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&pf=&ra=06770335328994781 HTTP/1.1
Host: 20766699p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:15 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: ruds=H4sIAAAAAAAA_-MSNjU0Mja0NDMxMjaxMDYxNDM1MRDiM9SNdHcqiff0NEvyMkgCAM7MAuslAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0Mja0NDMxMjaxMDYxNDM1MRDiM9SNdHcqiff0NEvyMkgCAM7MAuslAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 1 Nov 2023 20:14:15 GMT; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 118
Server: Jetty(9.3.29.v20201019)
dpm.demdex.net/ibs:dpid=411&dpuuid=Y0CIlwAAALRq6AOV
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y0CIlwAAALRq6AOV
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y0CIlwAAALRq6AOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acadplusvk.in/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v044-08a9bb06a.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y0CIlwAAALRq6AOV
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=89113545353415417680974536912896346420; Max-Age=15552000; Expires=Wed, 05 Apr 2023 20:14:15 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Rijx95tcTRk=
Content-Length: 0
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.citi.com/cbol-pre-login-static-assets/assets/favicon.ico
200 OK 8.1 kB URL HTTP/1.1 www.citi.com/cbol-pre-login-static-assets/assets/favicon.ico
IP
File type PNG image data, 367 x 367, 8-bit/color RGBA, non-interlaced\012- data
Hash 7408f1858b7d67263a001f84022b33a4
89161c6255a5559cc1282c5a9c7d4d84623bd12f
0cffb7ed99266581c5b90b6b2d8c758232f6746f9784ead6ae85725806691eb6
GET /cbol-pre-login-static-assets/assets/favicon.ico HTTP/1.1
Host: www.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/x-icon
Accept-Ranges: bytes
Access-Control-Max-Age: 2147483647
Content-Encoding: gzip
Dclocation: GT1DMS
ETag: W/"222b-1832c19c958"
Last-Modified: Sun, 11 Sep 2022 10:30:31 GMT
Nonce: 5832969664633891
Referrer-Policy: no-referrer
Scope: VISITOR
Sid: 45ec3dcf-f728-4c78-9d83-e2a95904a15d
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Uuid: c7341cab-3099-4279-bbd9-6dfa6fca7504
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: 796e9db3-5c1e-4b72-4e3e-b0a772dd8e02
X-Xss-Protection: 1 ; mode=block
X-Akamai-CITISITE: GTDC
Content-Length: 8116
Cache-Control: public, no-transform, max-age=21600
Expires: Sat, 08 Oct 2022 02:14:15 GMT
Date: Fri, 07 Oct 2022 20:14:15 GMT
Connection: keep-alive
Set-Cookie: AKMTLTSID=CF990EC561C836EE53751844714FA005; path=/; domain=citi.com; secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
c.bing.com/c.gif?CtsSyncId=5886E39989AF4FFC94E7BD113C66060C&RedC=c.clarity.ms&MXFR=36C1683FC53369C518887A09C1336750
302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=5886E39989AF4FFC94E7BD113C66060C&RedC=c.clarity.ms&MXFR=36C1683FC53369C518887A09C1336750
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=5886E39989AF4FFC94E7BD113C66060C&RedC=c.clarity.ms&MXFR=36C1683FC53369C518887A09C1336750 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acadplusvk.in/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=5886E39989AF4FFC94E7BD113C66060C&MUID=2A18D36E8BA06A5C2930C1588AF76B1C
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=2A18D36E8BA06A5C2930C1588AF76B1C; domain=c.bing.com; expires=Wed, 01-Nov-2023 20:14:15 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7853495A32084A8E87CF976EB6F04D43 Ref B: OSL30EDGE0314 Ref C: 2022-10-07T20:14:15Z
date: Fri, 07 Oct 2022 20:14:15 GMT
content-length: 0
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y0CIlwAAALRq6AOV
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y0CIlwAAALRq6AOV
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y0CIlwAAALRq6AOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acadplusvk.in/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v044-06f4f0b6e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: d4hmA7CJR0Y=
Content-Length: 59
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash 12935dcd89c3ab7d9c78083be1767d01
42b657e22ebb717fd456ade4fb281f82dc6aae05
0c0a0968e628d03d05cad813929b75b6ddf4a51f98336ca60720c058b965e9c5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 23:15:45 GMT
Expires: Thu, 13 Oct 2022 23:15:44 GMT
Etag: "42b657e22ebb717fd456ade4fb281f82dc6aae05"
Cache-Control: max-age=528688,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75694d5468770b45-OSL
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
200 OK 221 B URL HTTP/2 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 07 Oct 2022 10:05:30 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uBM1wfDdFPT54gLPCHJwA-vdIJnzmJvMbZO8DX-lVp-WJkD86Prbgg==
age: 36526
X-Firefox-Spdy: h2
nexus.ensighten.com/citi/na_prod/code/50e387a65c7b171989d0eec776cc168f.js?conditionId0=421908
200 OK 32 kB URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/50e387a65c7b171989d0eec776cc168f.js?conditionId0=421908
IP
File type ASCII text, with very long lines (557)
Hash 1ecb617255bb127f241673a4f97ed471
2869bf2a9088b468d27cf7005a155804930c8d41
104cc824d3d6e8613af60966cad93586e7c78508e8e766cf4d4b6c4969860ed8
GET /citi/na_prod/code/50e387a65c7b171989d0eec776cc168f.js?conditionId0=421908 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 07 Oct 2022 17:08:31 GMT
x-amz-replication-status: PENDING
last-modified: Fri, 07 Oct 2022 17:08:18 GMT
etag: W/"864252f00f6077facba2ffdca7069e58"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: U6QBn4XOxjM.RiW.AaE5YkaRGWVR.wjC
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1a7FlSBFznfhjkK021_kdfSf0IAUrp2zzsYGlNPC-guR3WDI3yJz3Q==
age: 11145
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=5886E39989AF4FFC94E7BD113C66060C&MUID=2A18D36E8BA06A5C2930C1588AF76B1C
200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=5886E39989AF4FFC94E7BD113C66060C&MUID=2A18D36E8BA06A5C2930C1588AF76B1C
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=5886E39989AF4FFC94E7BD113C66060C&MUID=2A18D36E8BA06A5C2930C1588AF76B1C HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acadplusvk.in/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Fri, 07-Oct-2022 20:24:15 GMT; path=/; SameSite=None; Secure;
date: Fri, 07 Oct 2022 20:14:15 GMT
content-length: 42
X-Firefox-Spdy: h2
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
200 OK 3.2 kB URL HTTP/2 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 07 Oct 2022 12:14:43 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FqE0w7hrhsJlyFQvjnjFgdssOsOYpbLVDx4vT5JEU_RKqriatHlEXQ==
age: 28773
X-Firefox-Spdy: h2
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
200 OK 221 B URL HTTP/2 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 07 Oct 2022 11:05:08 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: piT99JSUEOsREzU9kHPxv5AAFRYnM_I2G7lENQmgc2csoDtyye9ctg==
age: 32948
X-Firefox-Spdy: h2
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
200 OK 3.2 kB URL HTTP/2 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
date: Fri, 07 Oct 2022 08:21:50 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UFUPHhd83xrqAsTBtTGuEYB0jMCi7G8oER4ewjBc8ukf3b1Osvyb7g==
age: 42747
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash da760bd41ef8ff9370254bfa22f58538
d2913d670acf488ba2460758095e8238c1d47966
92af768a29358479e72788fbbb20cfd27aad26588b07a3218968710da11a2d37
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=407916,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75694d56f8c01c0e-OSL
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1642556755234.js
200 OK 89 kB URL HTTP/2 resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1642556755234.js
IP
File type Unicode text, UTF-8 text, with very long lines (53734)
Hash 0910c09f371905190d92a517f6664582
82015ba51fdafebdc71f17b7c2650025bfba0770
25707832992c14c98b3e72d17579ba9a4e082de9f544750d8576a84d3e3b4bbb
GET /wdcusciti/50/onsite/generic1642556755234.js HTTP/1.1
Host: resources.digital-cloud-citi.medallia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BCwZ+cDcanB29+BIrIjunK0dcPElBR1vbfl7mt31+KPJClzhOrG0x4PRt1pSmRTPehz6jLE8X8E=
x-amz-request-id: R1SSFTZN4WDYR195
last-modified: Wed, 19 Jan 2022 01:45:56 GMT
etag: "23e4d609fe08b7a8c3e4f1da77c7f96c"
x-amz-version-id: rSjn3UrYpUyqzJwJI83SrWd_Yi2yQGv5
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Oct 2022 20:14:16 GMT
via: 1.1 varnish
age: 252177
x-served-by: cache-bma1655-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1665173656.185133,VS0,VE2
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 89391
X-Firefox-Spdy: h2
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
200 OK 531 B URL HTTP/2 resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
IP
File type ASCII text, with very long lines (592)
Hash 163d0bd34ff8cd5d5d8c376ff4fa5448
49290a53b47fe11dd527ed41db0876da97afc365
6b05ff7c0159529870ef88073983b50eee80d938ffbd55d5c9aebb0dab4d772a
GET /wdcusciti/50/onsite/embed.js HTTP/1.1
Host: resources.digital-cloud-citi.medallia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 2aA23+/FTZdxpQ34HQzWIl1OrSThhnkFgxh90mliTGHGDA6XkLcPWhHmpm8fftHZAJpmWTN+954=
x-amz-request-id: SVVR1VEX72BWA9EC
last-modified: Mon, 29 Aug 2022 07:49:45 GMT
etag: "c1db4c234cf539e2bfab42c09c1ca05d"
x-amz-version-id: eKMfkf17jnOEK1NZY3.0vSO_D.gj7xc9
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Oct 2022 20:14:16 GMT
via: 1.1 varnish
age: 258322
x-served-by: cache-bma1655-BMA
x-cache: HIT
x-cache-hits: 6
x-timer: S1665173656.187577,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 531
X-Firefox-Spdy: h2
cdn.pbbl.co/r/1560.js
403 Forbidden 986 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 47b0d94528a1bdb01804cd66b48e50f0
2ffcfb3cd611c1407f2caf613bd6c0fac6c4f900
bc90cbacca8c40c1c13917c881b096756a81240a045b20bd4891f0d09c2e8398
GET /r/1560.js HTTP/1.1
Host: cdn.pbbl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: CloudFront
date: Fri, 07 Oct 2022 20:14:16 GMT
content-type: text/html
content-length: 986
x-cache: Error from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X_-JSyYTofz05eVuJW7A6qMxyIR026Ip5naA1f0DR0FHLiEnA1gQFQ==
vary: Origin
X-Firefox-Spdy: h2
sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
451 Unavailable For Legal Reasons 0 B URL HTTP/2 sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709 HTTP/1.1
Host: sr.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
date: Fri, 07 Oct 2022 20:14:16 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 933aabad69ddcf07300ed74eea530752
934ee8c356480a34e0ac375a65aac14fc1d51d34
836bfb7c4f428ff7eb49ac130e91bd27a8f66c53da1ce2adcc39615888d3b25a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1777
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:16 GMT
Last-Modified: Fri, 07 Oct 2022 19:44:39 GMT
Server: ECS (amb/6BC2)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 933aabad69ddcf07300ed74eea530752
934ee8c356480a34e0ac375a65aac14fc1d51d34
836bfb7c4f428ff7eb49ac130e91bd27a8f66c53da1ce2adcc39615888d3b25a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4189
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:16 GMT
Last-Modified: Fri, 07 Oct 2022 19:04:28 GMT
Server: ECS (amb/6B85)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 933aabad69ddcf07300ed74eea530752
934ee8c356480a34e0ac375a65aac14fc1d51d34
836bfb7c4f428ff7eb49ac130e91bd27a8f66c53da1ce2adcc39615888d3b25a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2879
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:16 GMT
Last-Modified: Fri, 07 Oct 2022 19:26:17 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/1p-user-list/644574043/?random=1645199688142&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3716761758&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
200 OK 81 B URL HTTP/2 www.google.com/pagead/1p-user-list/644574043/?random=1645199688142&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3716761758&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /pagead/1p-user-list/644574043/?random=1645199688142&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3716761758&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=2
200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=2
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=2 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=1
200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=1
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=1
200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=1
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/check.js;CIS3SID=69915BADAB241B2E060746F35B8AB099?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=37312e2668716f773f4c616c77782468736f3d4c69667778266a7362753f46697067646f7a246273623f46697265666d782730303936
200 OK 80 kB URL HTTP/1.1 content22.online.citi.com/fp/check.js;CIS3SID=69915BADAB241B2E060746F35B8AB099?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=37312e2668716f773f4c616c77782468736f3d4c69667778266a7362753f46697067646f7a246273623f46697265666d782730303936
IP
File type ASCII text, with very long lines (7261)
Hash 9387e952ede91764d134b3f96e2769c0
def5aa2293204cca89e88c4b3d726941e87867e7
aa2ac6e3e26394d27a0a4ce6fa3138b7a51729b6182155702ecac4e06bf63bab
GET /fp/check.js;CIS3SID=69915BADAB241B2E060746F35B8AB099?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=37312e2668716f773f4c616c77782468736f3d4c69667778266a7362753f46697067646f7a246273623f46697265666d782730303936 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 31f079b47db06ff4
Set-Cookie: thx_guid=2928c5ca9e289d05841f979bbdee4730; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ck=0&m=1
200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ck=0&m=1
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ck=0&m=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/check.js;CIS3SID=46224D2C1EE73E9471744854588FFD2B?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3d3326246a7167753f4c6b6c7578266a736d3f4c696e757824687360773f4469726d666f78266a73603d466b7a65666d7a2530323934
200 OK 79 kB URL HTTP/1.1 content22.online.citi.com/fp/check.js;CIS3SID=46224D2C1EE73E9471744854588FFD2B?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3d3326246a7167753f4c6b6c7578266a736d3f4c696e757824687360773f4469726d666f78266a73603d466b7a65666d7a2530323934
IP
File type ASCII text, with very long lines (15506)
Hash 115a551dfbcf7bd339858230ec694727
edee5d2eab3cb464493ee1f131c430b07b617b70
0919b8637d338d0f944221608cd087d4577d60bd674ef17493e4ca354de2a4b0
GET /fp/check.js;CIS3SID=46224D2C1EE73E9471744854588FFD2B?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3d3326246a7167753f4c6b6c7578266a736d3f4c696e757824687360773f4469726d666f78266a73603d466b7a65666d7a2530323934 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 5527618d41f91b6a
Set-Cookie: thx_guid=d96e9479b924024b3de51d92b766aafa; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
content22.online.citi.com/fp/check.js;CIS3SID=69B4B09FD8A728BF2EE7FCB11A1B9673?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3731242668736f753d4c6b6e7d7a266a73673f4c69667770246a73627d3d46697067646d78246273623d46697265646f782530303b34
200 OK 79 kB URL HTTP/1.1 content22.online.citi.com/fp/check.js;CIS3SID=69B4B09FD8A728BF2EE7FCB11A1B9673?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3731242668736f753d4c6b6e7d7a266a73673f4c69667770246a73627d3d46697067646d78246273623d46697265646f782530303b34
IP
File type ASCII text, with very long lines (2243)
Hash 3606980bf9da7b1addf1f02853f9ac24
32bbf01b8e8192395b7cd9f9ba89af47791e88e8
2a5dd4910f527d8d48c47ae13c11aaa779a77bf3b854263a16837e93fc34840b
GET /fp/check.js;CIS3SID=69B4B09FD8A728BF2EE7FCB11A1B9673?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3731242668736f753d4c6b6e7d7a266a73673f4c69667770246a73627d3d46697067646d78246273623d46697265646f782530303b34 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 6b89f78c1aa12a6c
Set-Cookie: thx_guid=27f5bf9af357b3e2d5b0c092785fd781; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 03ea6d00987a7103101ce9cfe249e8bd
fb4341ca68ae858b8ba2900e3440ac08285a9ac9
de7708ce0488e96aaf2f1121edc18de8dbaab64ce7ecb2867bf3183d1ce181d7
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 07 Oct 2022 20:14:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 06 Oct 2022 23:19:07 GMT
Expires: Fri, 07 Oct 2022 23:19:07 GMT
ETag: "fb4341ca68ae858b8ba2900e3440ac08285a9ac9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
200 OK 471 B IP
Hash 933aabad69ddcf07300ed74eea530752
934ee8c356480a34e0ac375a65aac14fc1d51d34
836bfb7c4f428ff7eb49ac130e91bd27a8f66c53da1ce2adcc39615888d3b25a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:16 GMT
Server: ECS (amb/6BAC)
Content-Length: 471
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=2
200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=2
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=2 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
200 OK 5.2 kB URL HTTP/2 nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
IP
File type C source, ASCII text, with very long lines (585)
Hash a8a8316559534b9784a92826ab49b9f2
3836a3dbc421106117da4a97871aed09eedbdf0c
b11175156d2ff85a9f749c78ab961597cc0034db4df0295f2e57335e94f61b1e
GET /resources/onsite/js/cool-2.1.15.min.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5DsDii/Q4DH7ELXaSSQk8LthmRPPyf53c8AfqU+DuRMLCwyO0c2GhS45Jvn2u1AAXM+COlEdWaw=
x-amz-request-id: N94HBZ7MFH62Q62Y
last-modified: Sun, 24 Jan 2021 11:03:10 GMT
etag: "80dd5e3be5152c5c72d552c6a26ef6ff"
x-amz-version-id: 9HCXbKZTbCJZkS8s9IuB.pE0JEvI0TGW
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Oct 2022 20:14:16 GMT
via: 1.1 varnish
age: 1000143
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1665173657.674611,VS0,VE3
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 5197
X-Firefox-Spdy: h2
contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
200 OK 558 B URL HTTP/2 contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (558), with no line terminators
Hash 69075aa95b9d926f18131d4e51b6f6d2
53563b5f6d02c928e95b27128a5faea69ae424fe
c0cd7c9a7346402353bc20785eaac08cf7cdbebf343e78f647acbad2ef2a1ef6
POST /client/v3.1/web/wup?cid=cedric HTTP/1.1
Host: contents2.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3906
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 558
date: Fri, 07 Oct 2022 20:14:15 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 7dc33852-c4f1-482a-b541-1744925bce88
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3b34266e73633563603460366237666133323434386262383a67656363673762326c3033356663
204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3b34266e73633563603460366237666133323434386262383a67656363673762326c3033356663
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3b34266e73633563603460366237666133323434386262383a67656363673762326c3033356663 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/ls_fp.html;CIS3SID=39DDB22A2A941BD8E1E401BF4108121F?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
200 OK 13 kB URL HTTP/1.1 content22.online.citi.com/fp/ls_fp.html;CIS3SID=39DDB22A2A941BD8E1E401BF4108121F?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash f3f4c1d15c4d460d4be7f809b2066ee7
ce66704b7ad1c5e6e94387dceefc0bc427f07fb2
f7763bed75b4347df419126ab9fec87677a6bdb5a476b96b65dd34508c8a19b2
GET /fp/ls_fp.html;CIS3SID=39DDB22A2A941BD8E1E401BF4108121F?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png
200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, 89oebq5k/5527618d41f91b6a9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 07 Oct 2022 20:14:17 GMT
Expires: Wed, 06 Oct 2027 20:14:17 GMT
Etag: 834ccd08d2874ffda135a3cd36744bf8
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://acadplusvk.in
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jd=3d3726246a64663d35266864683d386431603637613865363234653733606437653f326161316637603838316d65266864746c3f303834363835
204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jd=3d3726246a64663d35266864683d386431603637613865363234653733606437653f326161316637603838316d65266864746c3f303834363835
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jd=3d3726246a64663d35266864683d386431603637613865363234653733606437653f326161316637603838316d65266864746c3f303834363835 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/top_fp.html;CIS3SID=39DDB22A2A941BD8E1E401BF4108121F?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
200 OK 13 kB URL HTTP/1.1 content22.online.citi.com/fp/top_fp.html;CIS3SID=39DDB22A2A941BD8E1E401BF4108121F?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash abf77fe88c40495507144d89f84ac626
195b3df7df3854c618fc1b971a35b88fd2399523
89df43d62702f2841240741bc8a592adf17aa8a488f97bbf9de859896c8ee645
GET /fp/top_fp.html;CIS3SID=39DDB22A2A941BD8E1E401BF4108121F?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ja=3e32352426613530247a3f3226663d31323a3278313032342463663f33303a3078393030322673787b3d307a38266472703d332e31303a322e333832342e313030322c3330323a2c33323a322c3933392c333038302c313030362c322e322473636c3d3234266c683f68747678732531432530442530446361636c706c777374632c696c25304e636b747b2c636f6d253244676d61696c616666726771712c7068782664723d26686a3d36306c316464643234663837613261606e61366163613867353663613d3936322468736f3d4c696c7778266a73623f44697067646d78253a303936266a736d753d4e616e757a246a7160753f446b70676e6f78246e6a6b3f3134267672643f555641266d617468703f32383936623a3a633235676061346c66613862613863363933316436616161303231613734673330326132613b6c3b346361363c306633363636623566343b3226703d706c7765696c5d646e61736025354566616c716521726475676b6c5f756b6e666d75715d6565646b615d786e617b65702d354766636e736521706c7765696e5f61646d60655d6361706f62697425354566616e736523786c75656b6e5d73756b6169766b656525374564696e73672172647565696c5d73686f636b7563766525354564636c716723726c756f696e5f7265616e706c6371657227374564636c716723726e7d67696c5f7464615f726c6371657025374766616c736523726c7567696e5d666574636e7472253d4566616c736523706c776f696e5d7176655d766b677567702d354564616e7b6721726c776f696c5f6863766125354564636c7365266361663d313a3a303237&jb=3137266e713f456f78696e6e61253246352c32253230285833332531402730304c616e75782532307a38365d3e3425314025303272742731433b3e2e302b2530384565616b6d2d3244323233303031303127303046697265646d782730443b362e38
204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ja=3e32352426613530247a3f3226663d31323a3278313032342463663f33303a3078393030322673787b3d307a38266472703d332e31303a322e333832342e313030322c3330323a2c33323a322c3933392c333038302c313030362c322e322473636c3d3234266c683f68747678732531432530442530446361636c706c777374632c696c25304e636b747b2c636f6d253244676d61696c616666726771712c7068782664723d26686a3d36306c316464643234663837613261606e61366163613867353663613d3936322468736f3d4c696c7778266a73623f44697067646d78253a303936266a736d753d4e616e757a246a7160753f446b70676e6f78246e6a6b3f3134267672643f555641266d617468703f32383936623a3a633235676061346c66613862613863363933316436616161303231613734673330326132613b6c3b346361363c306633363636623566343b3226703d706c7765696c5d646e61736025354566616c716521726475676b6c5f756b6e666d75715d6565646b615d786e617b65702d354766636e736521706c7765696e5f61646d60655d6361706f62697425354566616e736523786c75656b6e5d73756b6169766b656525374564696e73672172647565696c5d73686f636b7563766525354564636c716723726c756f696e5f7265616e706c6371657227374564636c716723726e7d67696c5f7464615f726c6371657025374766616c736523726c7567696e5d666574636e7472253d4566616c736523706c776f696e5d7176655d766b677567702d354564616e7b6721726c776f696c5f6863766125354564636c7365266361663d313a3a303237&jb=3137266e713f456f78696e6e61253246352c32253230285833332531402730304c616e75782532307a38365d3e3425314025303272742731433b3e2e302b2530384565616b6d2d3244323233303031303127303046697265646d782730443b362e38
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ja=3e32352426613530247a3f3226663d31323a3278313032342463663f33303a3078393030322673787b3d307a38266472703d332e31303a322e333832342e313030322c3330323a2c33323a322c3933392c333038302c313030362c322e322473636c3d3234266c683f68747678732531432530442530446361636c706c777374632c696c25304e636b747b2c636f6d253244676d61696c616666726771712c7068782664723d26686a3d36306c316464643234663837613261606e61366163613867353663613d3936322468736f3d4c696c7778266a73623f44697067646d78253a303936266a736d753d4e616e757a246a7160753f446b70676e6f78246e6a6b3f3134267672643f555641266d617468703f32383936623a3a633235676061346c66613862613863363933316436616161303231613734673330326132613b6c3b346361363c306633363636623566343b3226703d706c7765696c5d646e61736025354566616c716521726475676b6c5f756b6e666d75715d6565646b615d786e617b65702d354766636e736521706c7765696e5f61646d60655d6361706f62697425354566616e736523786c75656b6e5d73756b6169766b656525374564696e73672172647565696c5d73686f636b7563766525354564636c716723726c756f696e5f7265616e706c6371657227374564636c716723726e7d67696c5f7464615f726c6371657025374766616c736523726c7567696e5d666574636e7472253d4566616c736523706c776f696e5d7176655d766b677567702d354564616e7b6721726c776f696c5f6863766125354564636c7365266361663d313a3a303237&jb=3137266e713f456f78696e6e61253246352c32253230285833332531402730304c616e75782532307a38365d3e3425314025303272742731433b3e2e302b2530384565616b6d2d3244323233303031303127303046697265646d782730443b362e38 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
content22.online.citi.com/fp/clear.png
304 Not Modified 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, 89oebq5k/6b89f78c1aa12a6cf13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 07 Oct 2022 20:14:17 GMT
If-None-Match: 834ccd08d2874ffda135a3cd36744bf8
HTTP/1.1 304 Not Modified
Date: Fri, 07 Oct 2022 20:14:17 GMT
Access-Control-Allow-Origin: *
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3136246c71613d63623460346a35666133383434386a60303a656561696535623066323135646b
204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3136246c71613d63623460346a35666133383434386a60303a656561696535623066323135646b
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3136246c71613d63623460346a35666133383434386a60303a656561696535623066323135646b HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/ls_fp.html;CIS3SID=C07EFD2EE16301BEB28ED3A919365D6B?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1
200 OK 14 kB URL HTTP/1.1 content22.online.citi.com/fp/ls_fp.html;CIS3SID=C07EFD2EE16301BEB28ED3A919365D6B?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 07f2f749f56f913bc45a6be37481d826
46efb478edbbc6cc63cde154431434e9c809e547
cecd9deac07e06e77a05e5f0716fd8ee11a61be8a33f4cf51ceb7460d8c79612
GET /fp/ls_fp.html;CIS3SID=C07EFD2EE16301BEB28ED3A919365D6B?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jd=3735242668666e3d37266866603f3864316a36376130673e32366535396266376735306361336e37623838336565246a66746c3d323833313237
204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jd=3735242668666e3d37266866603f3864316a36376130673e32366535396266376735306361336e37623838336565246a66746c3d323833313237
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jd=3735242668666e3d37266866603f3864316a36376130673e32366535396266376735306361336e37623838336565246a66746c3d323833313237 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/top_fp.html;CIS3SID=C07EFD2EE16301BEB28ED3A919365D6B?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1
200 OK 13 kB URL HTTP/1.1 content22.online.citi.com/fp/top_fp.html;CIS3SID=C07EFD2EE16301BEB28ED3A919365D6B?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 12019cb4464b4158a0dac77f05d8da59
d8606fe80c19bdcc2fcf97a79ff8a30a7b26801a
802401755cef878581e89a197906adde14df5837c3145f7d98574a7884bb7f22
GET /fp/top_fp.html;CIS3SID=C07EFD2EE16301BEB28ED3A919365D6B?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ja=3430372624633d30267a3f302e643d31323032783138303c2461663d393238307a33323232247b78793d307830266670723d332c33303a3224313032342c33303a302e313230322c31323a30243b33392c3930383024333830342c302430267361663f30342464683d6874747073273341253046273044636b6164706c757174692e6b6e2732466369747b2e6b6d6d25324e676d61616e69666472657b732e706a722466723f2e68683d653832646035333430303a3433676c6239653536323b37353139636437636532246a7b6d3d4c696677782662716a3f4669726d666f782730323b362462736f753d4c696e7778266a7162773f446b7a65666f78266c6a613d333624747a643d5556432e6f6174687a3f323831346a3a3863303f6562613666646338606938613639313964346363613030336137346d3138326130633b6639366163343430643336343e60356634313226703572647767696e57666c61716a27374564696c736521706c7565696e5f75696c666d757b5f6d656469635d726c6379677225354566636c7b6721706c7d65696e57636c6d62655f6963726f6063762735476e616c736521706c7767696e5d71776b61697c696d6525354764636c716523706c7567696c5f7b6a6f636b7f6376652d374d64616c736d21706c77656b6c5f706d616c706c6179657025354564616e716723786c7567696e5d746e635d706e617965722537456e636c736529726c756f6b665d646576696c767227374764616e7b6521706c7567696c5f7376655f746b67756d7225354566636e716523706e7567696e5f68617e632535456e636c736d246b61643d323a37353132&jb=3b35246c733d4d6f7a696e6c692732463526322532382a50333125334a2532304e6b6c7778273a307838365f3634273342253030707427314939362e3029273032476763696f25324632323138323130312d30304661706d646f78253a4639362c32
204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ja=3430372624633d30267a3f302e643d31323032783138303c2461663d393238307a33323232247b78793d307830266670723d332c33303a3224313032342c33303a302e313230322c31323a30243b33392c3930383024333830342c302430267361663f30342464683d6874747073273341253046273044636b6164706c757174692e6b6e2732466369747b2e6b6d6d25324e676d61616e69666472657b732e706a722466723f2e68683d653832646035333430303a3433676c6239653536323b37353139636437636532246a7b6d3d4c696677782662716a3f4669726d666f782730323b362462736f753d4c696e7778266a7162773f446b7a65666f78266c6a613d333624747a643d5556432e6f6174687a3f323831346a3a3863303f6562613666646338606938613639313964346363613030336137346d3138326130633b6639366163343430643336343e60356634313226703572647767696e57666c61716a27374564696c736521706c7565696e5f75696c666d757b5f6d656469635d726c6379677225354566636c7b6721706c7d65696e57636c6d62655f6963726f6063762735476e616c736521706c7767696e5d71776b61697c696d6525354764636c716523706c7567696c5f7b6a6f636b7f6376652d374d64616c736d21706c77656b6c5f706d616c706c6179657025354564616e716723786c7567696e5d746e635d706e617965722537456e636c736529726c756f6b665d646576696c767227374764616e7b6521706c7567696c5f7376655f746b67756d7225354566636e716523706e7567696e5f68617e632535456e636c736d246b61643d323a37353132&jb=3b35246c733d4d6f7a696e6c692732463526322532382a50333125334a2532304e6b6c7778273a307838365f3634273342253030707427314939362e3029273032476763696f25324632323138323130312d30304661706d646f78253a4639362c32
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ja=3430372624633d30267a3f302e643d31323032783138303c2461663d393238307a33323232247b78793d307830266670723d332c33303a3224313032342c33303a302e313230322c31323a30243b33392c3930383024333830342c302430267361663f30342464683d6874747073273341253046273044636b6164706c757174692e6b6e2732466369747b2e6b6d6d25324e676d61616e69666472657b732e706a722466723f2e68683d653832646035333430303a3433676c6239653536323b37353139636437636532246a7b6d3d4c696677782662716a3f4669726d666f782730323b362462736f753d4c696e7778266a7162773f446b7a65666f78266c6a613d333624747a643d5556432e6f6174687a3f323831346a3a3863303f6562613666646338606938613639313964346363613030336137346d3138326130633b6639366163343430643336343e60356634313226703572647767696e57666c61716a27374564696c736521706c7565696e5f75696c666d757b5f6d656469635d726c6379677225354566636c7b6721706c7d65696e57636c6d62655f6963726f6063762735476e616c736521706c7767696e5d71776b61697c696d6525354764636c716523706c7567696c5f7b6a6f636b7f6376652d374d64616c736d21706c77656b6c5f706d616c706c6179657025354564616e716723786c7567696e5d746e635d706e617965722537456e636c736529726c756f6b665d646576696c767227374764616e7b6521706c7567696c5f7376655f746b67756d7225354566636e716523706e7567696e5f68617e632535456e636c736d246b61643d323a37353132&jb=3b35246c733d4d6f7a696e6c692732463526322532382a50333125334a2532304e6b6c7778273a307838365f3634273342253030707427314939362e3029273032476763696f25324632323138323130312d30304661706d646f78253a4639362c32 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.securetrust.com/
200 OK 638 B IP
ASN #20940 Akamai International B.V.
Hash 0a8ac3d47900b822b2cd58763b0994a2
17504b2a1bc179e55f44ead83c03abfc55d3549d
08442c9fe7c9753d83ab211491da46e231ae25b9cc148ae80583b79e93e3bd6d
POST / HTTP/1.1
Host: ocsp.securetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 638
Date: Fri, 07 Oct 2022 20:14:17 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
content22.online.citi.com/fp/clear.png
304 Not Modified 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, 89oebq5k/31f079b47db06ff46a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 07 Oct 2022 20:14:17 GMT
If-None-Match: 834ccd08d2874ffda135a3cd36744bf8
HTTP/1.1 304 Not Modified
Date: Fri, 07 Oct 2022 20:14:17 GMT
Access-Control-Allow-Origin: *
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
content22.online.citi.com/fp/ls_fp.html;CIS3SID=0AC2DD197F3981BD870D01E0998EE1C1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
200 OK 14 kB URL HTTP/1.1 content22.online.citi.com/fp/ls_fp.html;CIS3SID=0AC2DD197F3981BD870D01E0998EE1C1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash debfcc5f81a2df6f69097c827c36a1ec
2edd55951ac6abfcec2b0b6fa38d0a91e6da989d
c75550f6aecd224c7555dbd5ad9c765bb16a05efb4db0d0ac27c21b1bd630f2f
GET /fp/ls_fp.html;CIS3SID=0AC2DD197F3981BD870D01E0998EE1C1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=95
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=31362e6c71633d6160346a366037646333303634386a603838656561616735623066323337646b
204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=31362e6c71633d6160346a366037646333303634386a603838656561616735623066323337646b
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=31362e6c71633d6160346a366037646333303634386a603838656561616735623066323337646b HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: text/javascript
googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/?random=1665173657319&cv=9&fst=1665173657319&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/?random=1665173657319&cv=9&fst=1665173657319&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2386), with no line terminators
Hash 560f2971c386204aee4d86790f9b71d8
26d202489dddb035c49064efcc609f1ce61fc9fa
312d5a1e38d6a0046161ea75837f60930a9837f2133dbacc7bdbce01fd8ef617
GET /pagead/viewthroughconversion/644574043/?random=1665173657319&cv=9&fst=1665173657319&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1077
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 20:29:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/?random=1665173657325&cv=9&fst=1665173657325&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/?random=1665173657325&cv=9&fst=1665173657325&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2386), with no line terminators
Hash 4398ca0955647954c8cff9a6d2264408
54b8be94b16f9613da771e3c3e8e11a3910567a5
fb2f83ceeec2c994d812ae4706468bf2a939dbfdbfa758698e88a50811d08cae
GET /pagead/viewthroughconversion/830907969/?random=1665173657325&cv=9&fst=1665173657325&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1078
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 20:29:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
89oebq5ka4b25zymnoyrkbsdklbqrknifamjhly35527618d41f91b6aam1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&di=yes
200 OK 81 B URL HTTP/1.1 89oebq5ka4b25zymnoyrkbsdklbqrknifamjhly35527618d41f91b6aam1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&di=yes
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&di=yes HTTP/1.1
Host: 89oebq5ka4b25zymnoyrkbsdklbqrknifamjhly35527618d41f91b6aam1.e.aa.online-metrix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81
Content-Type: image/png
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/?random=1665173657329&cv=9&fst=1665173657329&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/?random=1665173657329&cv=9&fst=1665173657329&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2384), with no line terminators
Hash e65219d014cdcdd786d104a8a80b6e98
95aeb14117e6e6ff7d9bdaead648bb70176723bd
c885ad3913cdf9bf22c745faa2b52f04c035322abfd79b563402b27843b6096e
GET /pagead/viewthroughconversion/960621875/?random=1665173657329&cv=9&fst=1665173657329&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1077
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 20:29:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jd=37352e2668646e3f352662646a3d3a66316234376130673630366535316066376735306163336e37623a38336565266866766c3d303a31373a37
204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jd=37352e2668646e3f352662646a3d3a66316234376130673630366535316066376735306163336e37623a38336565266866766c3d303a31373a37
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jd=37352e2668646e3f352662646a3d3a66316234376130673630366535316066376735306163336e37623a38336565266866766c3d303a31373a37 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: text/javascript
googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/?random=1665173657341&cv=9&fst=1665173657341&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/?random=1665173657341&cv=9&fst=1665173657341&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2384), with no line terminators
Hash 900fa3e37504fbc6b8e08b0f52a4380d
10d69fa08822360a5f4d2a95bebe7d7d3bd271c1
3c61b4fac7d3e5b100b86ccd2f7fce48e521b8a5f1a08dff1b6d522f91c0df6e
GET /pagead/viewthroughconversion/695231162/?random=1665173657341&cv=9&fst=1665173657341&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1077
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 20:29:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/?random=1665173657334&cv=9&fst=1665173657334&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/?random=1665173657334&cv=9&fst=1665173657334&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2386), with no line terminators
Hash 1017731863ccf89d2042122311f0faa2
259ecb040d74b99902de74946022ce68aeb83c8e
15e26957c55d9fc6ae2f79a3a45bf0ad72d71832cd1dea788c7bbb93fa7bd085
GET /pagead/viewthroughconversion/975701947/?random=1665173657334&cv=9&fst=1665173657334&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1079
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 20:29:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1665173657313&cv=9&fst=1665173657313&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1665173657313&cv=9&fst=1665173657313&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2386), with no line terminators
Hash 50329277dca45cff9f137b7d07897019
9e021e50078cadf5954ec717dcd58d33964735f0
885a608dca5f3129ab1da6fd9d368a6251a468830f32dace3f193bd9dcd53b80
GET /pagead/viewthroughconversion/916451471/?random=1665173657313&cv=9&fst=1665173657313&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1078
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 20:29:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ja=34303d2624613d32247a353224663f3332383078313830342661663d313038307a33323030247b78793f307830266472723f332c313238322c313030362c33303a3024313232322e333230322e39313b2c3132383024333032342c302c32267361663f32362464683d6a7474707325314127304625324663636164726e757174692e616e273046616b74712c616f6f273246656d61616e616464726573712e706a722464703f2e68683f66636230383231333b32636130663864636766323263323630303b66346761342e68716f3f4e696e7578266271623d46697265646f7827303239342462736f773d4c696e757a26687162753d466b7265666d7a266c6a613d393624767a663f555c41246d637668723d32383134623838633037676261366664613a60693861343931396436616363303031633534653138306330633b66393c616336343266333c3634623764343930267035726c7567696e5f646c61716a27354764696c736721706c75676b6e5d75696e646f75735f6d676669635d726c6979677025374766696e716523726c7567696e5763646f62655f6161726f6063762537476e616c716521706c7565696c5d717569636974696d6727354764636c7b6523726c776569665d71686d616b776176652d374566616c736523706c77656b6e5d706d616c726c6179657227354764616c736523706c75656b6e5d746e6357706e63796770253d4764616e716521706c756f6b6e5f646576616e767227374766636e7b6521726c7567696e5d7374655f76696575657225374766636e716529706e77676b6c5f6263746127374566616c736d246363643d333036353031&jb=3b352e6c733f4d6d7869646e63253044352e302532382a5831312533422732304e6b6c757a273a30783a365f3634253142273030727625314139362c3229273032476d63696d253044323833323033323125323046617065666f7825324439362c32
204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ja=34303d2624613d32247a353224663f3332383078313830342661663d313038307a33323030247b78793f307830266472723f332c313238322c313030362c33303a3024313232322e333230322e39313b2c3132383024333032342c302c32267361663f32362464683d6a7474707325314127304625324663636164726e757174692e616e273046616b74712c616f6f273246656d61616e616464726573712e706a722464703f2e68683f66636230383231333b32636130663864636766323263323630303b66346761342e68716f3f4e696e7578266271623d46697265646f7827303239342462736f773d4c696e757a26687162753d466b7265666d7a266c6a613d393624767a663f555c41246d637668723d32383134623838633037676261366664613a60693861343931396436616363303031633534653138306330633b66393c616336343266333c3634623764343930267035726c7567696e5f646c61716a27354764696c736721706c75676b6e5d75696e646f75735f6d676669635d726c6979677025374766696e716523726c7567696e5763646f62655f6161726f6063762537476e616c716521706c7565696c5d717569636974696d6727354764636c7b6523726c776569665d71686d616b776176652d374566616c736523706c77656b6e5d706d616c726c6179657227354764616c736523706c75656b6e5d746e6357706e63796770253d4764616e716521706c756f6b6e5f646576616e767227374766636e7b6521726c7567696e5d7374655f76696575657225374766636e716529706e77676b6c5f6263746127374566616c736d246363643d333036353031&jb=3b352e6c733f4d6d7869646e63253044352e302532382a5831312533422732304e6b6c757a273a30783a365f3634253142273030727625314139362c3229273032476d63696d253044323833323033323125323046617065666f7825324439362c32
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ja=34303d2624613d32247a353224663f3332383078313830342661663d313038307a33323030247b78793f307830266472723f332c313238322c313030362c33303a3024313232322e333230322e39313b2c3132383024333032342c302c32267361663f32362464683d6a7474707325314127304625324663636164726e757174692e616e273046616b74712c616f6f273246656d61616e616464726573712e706a722464703f2e68683f66636230383231333b32636130663864636766323263323630303b66346761342e68716f3f4e696e7578266271623d46697265646f7827303239342462736f773d4c696e757a26687162753d466b7265666d7a266c6a613d393624767a663f555c41246d637668723d32383134623838633037676261366664613a60693861343931396436616363303031633534653138306330633b66393c616336343266333c3634623764343930267035726c7567696e5f646c61716a27354764696c736721706c75676b6e5d75696e646f75735f6d676669635d726c6979677025374766696e716523726c7567696e5763646f62655f6161726f6063762537476e616c716521706c7565696c5d717569636974696d6727354764636c7b6523726c776569665d71686d616b776176652d374566616c736523706c77656b6e5d706d616c726c6179657227354764616c736523706c75656b6e5d746e6357706e63796770253d4764616e716521706c756f6b6e5f646576616e767227374766636e7b6521726c7567696e5d7374655f76696575657225374766636e716529706e77676b6c5f6263746127374566616c736d246363643d333036353031&jb=3b352e6c733f4d6d7869646e63253044352e302532382a5831312533422732304e6b6c757a273a30783a365f3634253142273030727625314139362c3229273032476d63696d253044323833323033323125323046617065666f7825324439362c32 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
content22.online.citi.com/fp/top_fp.html;CIS3SID=0AC2DD197F3981BD870D01E0998EE1C1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
200 OK 14 kB URL HTTP/1.1 content22.online.citi.com/fp/top_fp.html;CIS3SID=0AC2DD197F3981BD870D01E0998EE1C1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 011752c9e7da2f95357aeb670d2e1696
e5746b4fb39d5aa7aefed740aca9b21695c068cc
6e7fa4cbbbd91894312eaf5a4a73cfcbb0611c773aa70b47a5788a3f7a1f3bf4
GET /fp/top_fp.html;CIS3SID=0AC2DD197F3981BD870D01E0998EE1C1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
89oebq5ke4nv7d4lu5o7uz5ykg5teccehmspyww56b89f78c1aa12a6cam1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&di=yes
200 OK 81 B URL HTTP/1.1 89oebq5ke4nv7d4lu5o7uz5ykg5teccehmspyww56b89f78c1aa12a6cam1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&di=yes
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&di=yes HTTP/1.1
Host: 89oebq5ke4nv7d4lu5o7uz5ykg5teccehmspyww56b89f78c1aa12a6cam1.e.aa.online-metrix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81
Content-Type: image/png
89oebq5kczg3ghvfhl4btlj7hqcgbmpe5jomxzqk31f079b47db06ff4am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&di=yes
200 OK 81 B URL HTTP/1.1 89oebq5kczg3ghvfhl4btlj7hqcgbmpe5jomxzqk31f079b47db06ff4am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&di=yes
IP
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&di=yes HTTP/1.1
Host: 89oebq5kczg3ghvfhl4btlj7hqcgbmpe5jomxzqk31f079b47db06ff4am1.e.aa.online-metrix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81
Content-Type: image/png
ocsps.ssl.com/
200 OK 1.8 kB IP
Hash 01bc0ed6986e8fc5f3cdd1508a9ac55c
ca3c2d715f0d93b0edcf65313b91f0ec9c577005
a363d120ab5d7e9f85e6fbb753b0c790c2c274db434ceb7812b77b97985c6676
POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 20:14:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1810
Connection: keep-alive
Expires: Fri, 14 Oct 2022 14:15:37 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "ca3c2d715f0d93b0edcf65313b91f0ec9c577005"
Last-Modified: Fri, 07 Oct 2022 14:15:38 GMT
X-Proxy-Cache: HIT
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMS4xNSIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MTczNjU3MzQ3IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNiNDE1OTcwMTRkMy0wZDJlMGY1MDcxZGM5Zi0zMDZkNDY0YS0xNDAwMDAtMTgzYjQxNTk3MDI0MjEiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtY2l0aSIsImFjY291bnRJZCI6IDQ5LCJ1cmwiOiAiaHR0cHM6Ly9hY2FkcGx1c3ZrLmluL2NpdHkuY29tL2VtYWlsYWRkcmVzcy5waHAiLCJ3ZWJzaXRlSWQiOiA1MCwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiYTlmNi0wMDY5LTgxMTItNjAyMi0wMDIwLWM1NDItNmI2NC02ZTIwIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjUxNzM2NTY1NjUiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogMTAyNywia2FtcHlsZV92ZXJzaW9uIjogIjIuNDIuMSIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDIuMSIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2NTE3MzY1NjU2NiwicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ==
200 OK 0 B URL HTTP/2 udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMS4xNSIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MTczNjU3MzQ3IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNiNDE1OTcwMTRkMy0wZDJlMGY1MDcxZGM5Zi0zMDZkNDY0YS0xNDAwMDAtMTgzYjQxNTk3MDI0MjEiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtY2l0aSIsImFjY291bnRJZCI6IDQ5LCJ1cmwiOiAiaHR0cHM6Ly9hY2FkcGx1c3ZrLmluL2NpdHkuY29tL2VtYWlsYWRkcmVzcy5waHAiLCJ3ZWJzaXRlSWQiOiA1MCwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiYTlmNi0wMDY5LTgxMTItNjAyMi0wMDIwLWM1NDItNmI2NC02ZTIwIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjUxNzM2NTY1NjUiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogMTAyNywia2FtcHlsZV92ZXJzaW9uIjogIjIuNDIuMSIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDIuMSIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2NTE3MzY1NjU2NiwicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ==
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMS4xNSIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MTczNjU3MzQ3IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNiNDE1OTcwMTRkMy0wZDJlMGY1MDcxZGM5Zi0zMDZkNDY0YS0xNDAwMDAtMTgzYjQxNTk3MDI0MjEiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtY2l0aSIsImFjY291bnRJZCI6IDQ5LCJ1cmwiOiAiaHR0cHM6Ly9hY2FkcGx1c3ZrLmluL2NpdHkuY29tL2VtYWlsYWRkcmVzcy5waHAiLCJ3ZWJzaXRlSWQiOiA1MCwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiYTlmNi0wMDY5LTgxMTItNjAyMi0wMDIwLWM1NDItNmI2NC02ZTIwIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjUxNzM2NTY1NjUiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogMTAyNywia2FtcHlsZV92ZXJzaW9uIjogIjIuNDIuMSIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDIuMSIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2NTE3MzY1NjU2NiwicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ== HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 20:14:17 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
x-me: prod-instance-gatewayservice-blue-b9x0
x-application-context: application:9090
content-type: image/gif; charset=UTF-8
content-length: 0
server: Jetty(9.2.11.v20150529)
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
200 OK 538 B URL HTTP/2 contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (538), with no line terminators
Hash f2363690519596180b1e70313bd3406e
99cc6cabb344d87ed7564de9f374e4a81a331e0d
8985f2cdace6173e909b426a906eff70a50a97d833f1d97a61cd209e4fcbf8de
POST /client/v3.1/web/wup?cid=cedric HTTP/1.1
Host: contents2.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2422
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 538
date: Fri, 07 Oct 2022 20:14:16 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 9e0284a7-d51b-45e3-a25d-dcf256059f3d
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3b34266e73603536646167643264623661613734346462383334616135326636653a6533653264
204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3b34266e73603536646167643264623661613734346462383334616135326636653a6533653264
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3b34266e73603536646167643264623661613734346462383334616135326636653a6533653264 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=39DDB22A2A941BD8E1E401BF4108121F?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=93
Connection: Keep-Alive
Content-Type: text/javascript
www.google.no/pagead/1p-user-list/916451471/?random=1665173657313&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=3710877853&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/916451471/?random=1665173657313&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=3710877853&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/916451471/?random=1665173657313&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=3710877853&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/695231162/?random=1665173657341&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=471010816&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/695231162/?random=1665173657341&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=471010816&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/695231162/?random=1665173657341&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=471010816&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/830907969/?random=1665173657325&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=4085239570&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/830907969/?random=1665173657325&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=4085239570&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/830907969/?random=1665173657325&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=4085239570&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/960621875/?random=1665173657329&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=584634418&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/960621875/?random=1665173657329&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=584634418&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/960621875/?random=1665173657329&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=584634418&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/644574043/?random=1665173657319&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=1833550397&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/644574043/?random=1665173657319&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=1833550397&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/644574043/?random=1665173657319&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=1833550397&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/975701947/?random=1665173657334&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=2264993103&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/975701947/?random=1665173657334&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=2264993103&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/975701947/?random=1665173657334&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php&tiba=let%27s%20verify%20Your%20Citi%20Account%20Email%20Address-%20Citibank&async=1&fmt=3&is_vtc=1&random=2264993103&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jf=3136246c71623d36666167663a666236616b3734346c6030333661633f3064366730673165306c
204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jf=3136246c71623d36666167663a666236616b3734346c6030333661633f3064366730673165306c
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jf=3136246c71623d36666167663a666236616b3734346c6030333661633f3064366730673165306c HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=C07EFD2EE16301BEB28ED3A919365D6B?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:18 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=92
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=31362e6c71603d3464616d643064603461633534346c603831366163373264366730673367306c
204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=31362e6c71603d3464616d643064603461633534346c603831366163373264366730673367306c
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=31362e6c71603d3464616d643064603461633534346c603831366163373264366730673367306c HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=0AC2DD197F3981BD870D01E0998EE1C1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:18 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=91
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear1.png;CIS3SID=39DDB22A2A941BD8E1E401BF4108121F?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3c333824736b6c5f706e663f7464725f365455323741436f446771356141606b267b69645f646174673d31343e3531353136373526716b665d767170653f77676a386561647169267169665d6b65793d33323739333031333234303530633a36343063653364303232313034383832633a36363a6367316632313831303530313c30303230363a64363963606463303861303236613137323331643235363135303d303561376534633232633e66313a32343a3b3132306431316b346361393a3e37316163343e62323330676434663133333137303635336036333a3a353634326c363636663639333737673a62356630343b63623632333a616d37306139336b346360663b2e736b645d7169673d3330363430323231303263373033633065313c363132343437346137343d663163313866346537306164343d31663732353f36366435316e32373536316130333061636337666462623632323033323238313c6537633931373036353a6a61316432333063336631363b673164633635663866393161613e393b64603b3963653132663b6139343739366735363a673426736166723d30
204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear1.png;CIS3SID=39DDB22A2A941BD8E1E401BF4108121F?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3c333824736b6c5f706e663f7464725f365455323741436f446771356141606b267b69645f646174673d31343e3531353136373526716b665d767170653f77676a386561647169267169665d6b65793d33323739333031333234303530633a36343063653364303232313034383832633a36363a6367316632313831303530313c30303230363a64363963606463303861303236613137323331643235363135303d303561376534633232633e66313a32343a3b3132306431316b346361393a3e37316163343e62323330676434663133333137303635336036333a3a353634326c363636663639333737673a62356630343b63623632333a616d37306139336b346360663b2e736b645d7169673d3330363430323231303263373033633065313c363132343437346137343d663163313866346537306164343d31663732353f36366435316e32373536316130333061636337666462623632323033323238313c6537633931373036353a6a61316432333063336631363b673164633635663866393161613e393b64603b3963653132663b6139343739366735363a673426736166723d30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear1.png;CIS3SID=39DDB22A2A941BD8E1E401BF4108121F?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3c333824736b6c5f706e663f7464725f365455323741436f446771356141606b267b69645f646174673d31343e3531353136373526716b665d767170653f77676a386561647169267169665d6b65793d33323739333031333234303530633a36343063653364303232313034383832633a36363a6367316632313831303530313c30303230363a64363963606463303861303236613137323331643235363135303d303561376534633232633e66313a32343a3b3132306431316b346361393a3e37316163343e62323330676434663133333137303635336036333a3a353634326c363636663639333737673a62356630343b63623632333a616d37306139336b346360663b2e736b645d7169673d3330363430323231303263373033633065313c363132343437346137343d663163313866346537306164343d31663732353f36366435316e32373536316130333061636337666462623632323033323238313c6537633931373036353a6a61316432333063336631363b673164633635663866393161613e393b64603b3963653132663b6139343739366735363a673426736166723d30 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Fri, 07 Oct 2022 20:14:18 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/png;charset=UTF-8
Keep-Alive: timeout=2, max=90
content22.online.citi.com/fp/clear1.png;CIS3SID=C07EFD2EE16301BEB28ED3A919365D6B?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jf=363134267169645f726e663d7c66725f494361544d41377b6079465361706d3624716b665f666974653d3136363533373336373724716b6657747970653d7567603a6763667361267369665f6367793d333837393338333b323630373a613836363a616733663832303130363038306138363638616731663833303130373231363232303234613464643b653e646135633f603766393b6c64303138696531353661353665613f326432626239656730323033336634673239363264653035366731666360323633323467303f356436633b3362306c343c613637626e3033363a32663b66603c35633865343761606336303639666167346961383865656667606635363035267369645d7361653d33303c3730323a323e6764643638373135363b326366663b6465346631653237633063633935633a373a326231653037633a36616432373833666537316d646337633137336530613830323130386336613036323363313961613335666539373365643465353337606d6535643939323667343232306338623033666330306334656a3762643d303d673032326c26736964703f32
204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear1.png;CIS3SID=C07EFD2EE16301BEB28ED3A919365D6B?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jf=363134267169645f726e663d7c66725f494361544d41377b6079465361706d3624716b665f666974653d3136363533373336373724716b6657747970653d7567603a6763667361267369665f6367793d333837393338333b323630373a613836363a616733663832303130363038306138363638616731663833303130373231363232303234613464643b653e646135633f603766393b6c64303138696531353661353665613f326432626239656730323033336634673239363264653035366731666360323633323467303f356436633b3362306c343c613637626e3033363a32663b66603c35633865343761606336303639666167346961383865656667606635363035267369645d7361653d33303c3730323a323e6764643638373135363b326366663b6465346631653237633063633935633a373a326231653037633a36616432373833666537316d646337633137336530613830323130386336613036323363313961613335666539373365643465353337606d6535643939323667343232306338623033666330306334656a3762643d303d673032326c26736964703f32
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear1.png;CIS3SID=C07EFD2EE16301BEB28ED3A919365D6B?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jf=363134267169645f726e663d7c66725f494361544d41377b6079465361706d3624716b665f666974653d3136363533373336373724716b6657747970653d7567603a6763667361267369665f6367793d333837393338333b323630373a613836363a616733663832303130363038306138363638616731663833303130373231363232303234613464643b653e646135633f603766393b6c64303138696531353661353665613f326432626239656730323033336634673239363264653035366731666360323633323467303f356436633b3362306c343c613637626e3033363a32663b66603c35633865343761606336303639666167346961383865656667606635363035267369645d7361653d33303c3730323a323e6764643638373135363b326366663b6465346631653237633063633935633a373a326231653037633a36616432373833666537316d646337633137336530613830323130386336613036323363313961613335666539373365643465353337606d6535643939323667343232306338623033666330306334656a3762643d303d673032326c26736964703f32 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Fri, 07 Oct 2022 20:14:18 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/png;charset=UTF-8
Keep-Alive: timeout=2, max=89
content22.online.citi.com/fp/clear1.png;CIS3SID=0AC2DD197F3981BD870D01E0998EE1C1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=36313e26716b645d706e6c3f7664705d796f4d4f443b6d6664516e4f6261524924716b645d666974653f31363635313533343737267369665f747972673d7567603a6d636671612471696c5d69657b3f33303539333833333036303732633836363a616531663832303330363038326338343638636533663033303332373231363238303236663364336a3635663b6639393566626b3a3862303130386733356733663763333832386765623564393630616634346566303938313b3066363b37666c3233663766603939603b3936366262633132696633313237653233346335336662343b3c3730633061303663663431333861643631633238606131613461646d37633526716b6457716b673f3130343530323a323331323766303b3838373133353b336d38646433613563613a313335643634633131316436666667323a6169316435663031663d363130303064626338636a643032323130303a36373731353560356930313436626438363b3033646336343267383134363665643036613a383735393a63313b606065633a61353937373e6736376336616224736964703f30
204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear1.png;CIS3SID=0AC2DD197F3981BD870D01E0998EE1C1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=36313e26716b645d706e6c3f7664705d796f4d4f443b6d6664516e4f6261524924716b645d666974653f31363635313533343737267369665f747972673d7567603a6d636671612471696c5d69657b3f33303539333833333036303732633836363a616531663832303330363038326338343638636533663033303332373231363238303236663364336a3635663b6639393566626b3a3862303130386733356733663763333832386765623564393630616634346566303938313b3066363b37666c3233663766603939603b3936366262633132696633313237653233346335336662343b3c3730633061303663663431333861643631633238606131613461646d37633526716b6457716b673f3130343530323a323331323766303b3838373133353b336d38646433613563613a313335643634633131316436666667323a6169316435663031663d363130303064626338636a643032323130303a36373731353560356930313436626438363b3033646336343267383134363665643036613a383735393a63313b606065633a61353937373e6736376336616224736964703f30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear1.png;CIS3SID=0AC2DD197F3981BD870D01E0998EE1C1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=36313e26716b645d706e6c3f7664705d796f4d4f443b6d6664516e4f6261524924716b645d666974653f31363635313533343737267369665f747972673d7567603a6d636671612471696c5d69657b3f33303539333833333036303732633836363a616531663832303330363038326338343638636533663033303332373231363238303236663364336a3635663b6639393566626b3a3862303130386733356733663763333832386765623564393630616634346566303938313b3066363b37666c3233663766603939603b3936366262633132696633313237653233346335336662343b3c3730633061303663663431333861643631633238606131613461646d37633526716b6457716b673f3130343530323a323331323766303b3838373133353b336d38646433613563613a313335643634633131316436666667323a6169316435663031663d363130303064626338636a643032323130303a36373731353560356930313436626438363b3033646336343267383134363665643036613a383735393a63313b606065633a61353937373e6736376336616224736964703f30 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Fri, 07 Oct 2022 20:14:18 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/png;charset=UTF-8
Keep-Alive: timeout=2, max=94
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jac=1&je=3332392624726d3f6c6f2e6377646a3f64663534623d363038303535636635656034323961616d646363353637323667633733303663363a3536323a61653b6632393f393434333336303a3133646630266578333d6c643638656637623237383a63643460353166623a66626562656733643761616363663339363632
204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jac=1&je=3332392624726d3f6c6f2e6377646a3f64663534623d363038303535636635656034323961616d646363353637323667633733303663363a3536323a61653b6632393f393434333336303a3133646630266578333d6c643638656637623237383a63643460353166623a66626562656733643761616363663339363632
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jac=1&je=3332392624726d3f6c6f2e6377646a3f64663534623d363038303535636635656034323961616d646363353637323667633733303663363a3536323a61653b6632393f393434333336303a3133646630266578333d6c643638656637623237383a63643460353166623a66626562656733643761616363663339363632 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:18 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=88
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jac=1&je=3332332624706d3d6e6f24617d66683d646e3734623d36383a3035356b6435656034323b63616d646361353637323465633533303461343a3d36323863653b6632393539343633313430303339666432266d7a333d6c643e3a6566376a3037383a63643662353166623866626562676533663761636161663b39363430
204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jac=1&je=3332332624706d3d6e6f24617d66683d646e3734623d36383a3035356b6435656034323b63616d646361353637323465633533303461343a3d36323863653b6632393539343633313430303339666432266d7a333d6c643e3a6566376a3037383a63643662353166623866626562676533663761636161663b39363430
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jac=1&je=3332332624706d3d6e6f24617d66683d646e3734623d36383a3035356b6435656034323b63616d646361353637323465633533303461343a3d36323863653b6632393539343633313430303339666432266d7a333d6c643e3a6566376a3037383a63643662353166623866626562676533663761636161663b39363430 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:18 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jac=1&je=393031242672653d6c6f24637564683d64643734623534303a32353761663765623e303963636564616135343f323667613533323661343a37343a3863673966383b373b36343b31363030313164643226677a333d6466363a676635603235383869663462373966603866606d6265673166376361616166313b3e3430
204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jac=1&je=393031242672653d6c6f24637564683d64643734623534303a32353761663765623e303963636564616135343f323667613533323661343a37343a3863673966383b373b36343b31363030313164643226677a333d6466363a676635603235383869663462373966603866606d6265673166376361616166313b3e3430
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jac=1&je=393031242672653d6c6f24637564683d64643734623534303a32353761663765623e303963636564616135343f323667613533323661343a37343a3863673966383b373b36343b31363030313164643226677a333d6466363a676635603235383869663462373966603866606d6265673166376361616166313b3e3430 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:18 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=93
Connection: Keep-Alive
Content-Type: text/javascript
contents1.00110.citi.com/api/v1/sendLogs?cid=cedric&cdsnum=1665173655528-sjn0000205-b70f5867-9ae0-42ad-8f4f-c3efde3c04ba&csid=null&ds=js&sdkVer=2.17.2.285.6f55d57
204 No Content 0 B URL HTTP/2 contents1.00110.citi.com/api/v1/sendLogs?cid=cedric&cdsnum=1665173655528-sjn0000205-b70f5867-9ae0-42ad-8f4f-c3efde3c04ba&csid=null&ds=js&sdkVer=2.17.2.285.6f55d57
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/sendLogs?cid=cedric&cdsnum=1665173655528-sjn0000205-b70f5867-9ae0-42ad-8f4f-c3efde3c04ba&csid=null&ds=js&sdkVer=2.17.2.285.6f55d57 HTTP/1.1
Host: contents1.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 836
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 07 Oct 2022 20:14:18 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
200 OK 538 B URL HTTP/2 contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (538), with no line terminators
Hash 6a993942353c84b32fb3e2610c0b78d7
6a5bda7f50f545aa30893bfa17496d0c382e5bd2
f5bb6ebcfbf834110f9033ffb3b39dc2e71b4c94516b4a02ca6071b62138f9fd
POST /client/v3.1/web/wup?cid=cedric HTTP/1.1
Host: contents2.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1994
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 538
date: Fri, 07 Oct 2022 20:14:18 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: b9f6b9fb-d905-415f-8645-f7f1a87a3de1
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
200 OK 538 B URL HTTP/2 contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (538), with no line terminators
Hash ddc9f50098e6a145a2d8da968626b17c
acbc48e56efa40c706d288118378e7550c8ba256
c10f1025a55fed3076b93bdb98e53861fbadad592eddbd2bf504d512cab7f276
POST /client/v3.1/web/wup?cid=cedric HTTP/1.1
Host: contents2.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1526
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 538
date: Fri, 07 Oct 2022 20:14:18 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: dc4b985d-19d5-4a1b-bcda-ee9b820ed6e9
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7
Origin: https://content22.online.citi.com
Connection: keep-alive
Referer: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=39DDB22A2A941BD8E1E401BF4108121F?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:20 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://content22.online.citi.com
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1
204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7
Origin: https://content22.online.citi.com
Connection: keep-alive
Referer: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=C07EFD2EE16301BEB28ED3A919365D6B?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:20 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://content22.online.citi.com
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7
Origin: https://content22.online.citi.com
Connection: keep-alive
Referer: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=0AC2DD197F3981BD870D01E0998EE1C1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
Cookie: s_vi=[CS]v1|31A0444B2E65B401-60001B15870166D2[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C88612723193342365602293033654333274497; s_ecid=MCMID%7C88612723193342365602293033654333274497
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:20 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://content22.online.citi.com
Content-Type: text/javascript
acadplusvk.in/city.com/img/dpm_pixel_min.js
200 OK 0 B URL HTTP/1.1 acadplusvk.in/city.com/img/dpm_pixel_min.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/dpm_pixel_min.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:11 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 105110
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/96e0eb995483e83e7b3f71968eedeed1.js
200 OK 0 B URL HTTP/1.1 acadplusvk.in/city.com/img/96e0eb995483e83e7b3f71968eedeed1.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/96e0eb995483e83e7b3f71968eedeed1.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:12 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 405607
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
nexus.ensighten.com/citi/na_prod/code/2fec4c7c6dc69d561844935cdcfc1d5c.js?conditionId0=467299
200 OK 0 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/2fec4c7c6dc69d561844935cdcfc1d5c.js?conditionId0=467299
IP
GET /citi/na_prod/code/2fec4c7c6dc69d561844935cdcfc1d5c.js?conditionId0=467299 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 16 Aug 2022 21:43:10 GMT
x-amz-replication-status: PENDING
last-modified: Tue, 16 Aug 2022 21:43:05 GMT
etag: W/"6ee8c75c11d701bd85d6e3c25093c469"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: jza8GqxZGhVz18cCFAItH4ZpiQFQqNOt
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MKXub-ku5znG11pwju8DbMmmoS_4Dg0X9hE45v213uP8CEt5swOaLQ==
age: 4487466
X-Firefox-Spdy: h2
nexus.ensighten.com/citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456
200 OK 0 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456
IP
GET /citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 01 Sep 2022 03:53:27 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Jul 2021 20:01:09 GMT
etag: W/"c12999fcad47ab9cba1967b8c736048d"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: nE2jchQRxt_gtDKDOvHRLQGyp_MKp2PL
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RrM9dlNBRpfZCb-G92vmPjoNIkaoduZkDGINolKvQU_7WVAiXOsdWw==
age: 3169249
X-Firefox-Spdy: h2
acadplusvk.in/city.com/img/js(4)
200 OK 0 B URL HTTP/1.1 acadplusvk.in/city.com/img/js(4)
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(4) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/emailaddress.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:11 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 103187
Keep-Alive: timeout=15
Connection: Keep-Alive
nexus.ensighten.com/citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Thu%20Feb%2017%2015:16:12%20GMT%202022&ClientID=1129&PageID=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php
200 OK 0 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Thu%20Feb%2017%2015:16:12%20GMT%202022&ClientID=1129&PageID=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php
IP
GET /citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Thu%20Feb%2017%2015:16:12%20GMT%202022&ClientID=1129&PageID=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Femailaddress.php HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
server: nginx
date: Fri, 07 Oct 2022 20:14:15 GMT
expires: Fri, 07 Oct 2022 20:14:14 GMT
cache-control: no-cache, no-store
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: A2pu2WQ6wVGFh7utPaZl9U7B5V6j91NkZ-Wlxq5aB1MgLW-7iDqu5g==
X-Firefox-Spdy: h2
nexus.ensighten.com/citi/na_prod/code/af3b21070dd01ab22a4f331056324374.js?conditionId0=4897099
200 OK 0 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/af3b21070dd01ab22a4f331056324374.js?conditionId0=4897099
IP
GET /citi/na_prod/code/af3b21070dd01ab22a4f331056324374.js?conditionId0=4897099 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 16 Aug 2022 21:43:10 GMT
x-amz-replication-status: PENDING
last-modified: Tue, 16 Aug 2022 21:43:05 GMT
etag: W/"412eb38d6a797c24fd5d7e30e1b9799d"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: QTYOdEvDbSbtudwcv3X6K9qpVGIDVLJs
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UywBVUT0Fv-e-cB9vfbWADfhxYxKcLyjMCqrKjfXb94zn1fgy3C7XQ==
age: 4487466
X-Firefox-Spdy: h2
nexus.ensighten.com/citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153
200 OK 0 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153
IP
GET /citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 22 Jul 2022 04:58:00 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 31 Aug 2021 17:19:04 GMT
etag: W/"4d37444c012a76a0557182615bf5cdd3"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: wbqnWd5jL63548esNkWLxT1ImQDA0TC0
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F2HMhY0ZmaS8J7dKfQpIRqGyJ4nHIxVIHdCGNW4kQ7GI9lDSM2RQSQ==
age: 6707775
X-Firefox-Spdy: h2
nexus.ensighten.com/citi/na_prod/code/74cc1efe8c7595da53e7ab20e00a12ab.js?conditionId0=486757
200 OK 0 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/74cc1efe8c7595da53e7ab20e00a12ab.js?conditionId0=486757
IP
GET /citi/na_prod/code/74cc1efe8c7595da53e7ab20e00a12ab.js?conditionId0=486757 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 04 Oct 2022 17:38:58 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 04 Oct 2022 17:38:26 GMT
etag: W/"3ede326e87ee2b8f7af776b4c4ad35f7"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: LjMYQmiQy7kOs5o7pU54PuDyr5b_DNtO
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Qz4N-MwfHYtuQrFeeFsT8U4K4ARALrVVZbmbxZ5hw2mQyCghp0snng==
age: 268518
X-Firefox-Spdy: h2
119.18.52.62
34.224.141.61
104.110.29.32
23.13.42.166
52.18.84.5
93.184.220.29
13.36.218.177
104.18.32.68