firefox.settings.services.mozilla.com/v1/
54.230.111.7200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -mBdMNLKhU6fk809Yzei47xs09CLDvxI0B28icPAQNxXi346Wz2u5g==
Age: 188828
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11006
Expires: Fri, 07 Oct 2022 23:17:52 GMT
Date: Fri, 07 Oct 2022 20:14:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5462
Expires: Fri, 07 Oct 2022 21:45:28 GMT
Date: Fri, 07 Oct 2022 20:14:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8bk7V5Jwt46PaVY2z666SQbPk74OKILZWtarkTdaF1gCZYHZvkXGedpIxsusGNSh11FlURL0FO4=
x-amz-request-id: SXZZRGXWV2A1XZSD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 19:31:20 GMT
age: 2586
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:14:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
acadplusvk.in/city.com/
119.18.52.62200 OK 316 kB IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (55779)
Size 316 kB (316105 bytes)
Hash f23a6506e3094e7f6ae3ad2091aa28dc
2a317886666718e140693bbc46878d5893506982
209db3111df8be4b0414ecda1956ec28c519bd0e0d5da80b300e322e082eeef1
Analyzer Verdict Alert openphish Citigroup Inc.
fortinet Phishing
GET /city.com/ HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:25 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c95e2715db953e22a3b5901aff1d679c
c62a4b221c22029c9eb6451f16c03c61475d9d50
2cf54b6a3e05febd291405cc6cf4cdd6fbe4a2aba93a184de61676580f6d85f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3853
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:27 GMT
Last-Modified: Fri, 07 Oct 2022 19:10:14 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c95e2715db953e22a3b5901aff1d679c
c62a4b221c22029c9eb6451f16c03c61475d9d50
2cf54b6a3e05febd291405cc6cf4cdd6fbe4a2aba93a184de61676580f6d85f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3853
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:27 GMT
Last-Modified: Fri, 07 Oct 2022 19:10:14 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c95e2715db953e22a3b5901aff1d679c
c62a4b221c22029c9eb6451f16c03c61475d9d50
2cf54b6a3e05febd291405cc6cf4cdd6fbe4a2aba93a184de61676580f6d85f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3853
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:27 GMT
Last-Modified: Fri, 07 Oct 2022 19:10:14 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
acadplusvk.in/city.com/img/js(1)
119.18.52.62200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(1)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103051 bytes)
Hash 475095d97d2441005dfdbd85f505a10a
334d9a3458f7edd09d4fca43dd474630439a86c6
008aaa0eebea326ea356339b06467c2eb5f98d4b76759ae45f6eb1f953db28ee
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(1) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:25 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 103051
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/cool-2.1.15.min.js
119.18.52.62200 OK 14 kB URL HTTP/1.1 acadplusvk.in/city.com/img/cool-2.1.15.min.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type C source, ASCII text, with very long lines (585)
Hash 80dd5e3be5152c5c72d552c6a26ef6ff
a019565ce06f5b1c129af9ac0e9cfa82f52dcdea
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cool-2.1.15.min.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:25 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 13891
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/tc.min.js
119.18.52.62200 OK 20 kB URL HTTP/1.1 acadplusvk.in/city.com/img/tc.min.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type C source, ASCII text, with very long lines (19497)
Hash 83c2974d08241a92c3b2dcb8f441271f
424d72cd7dfe7371c647addd7145ab3444a6b121
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tc.min.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:25 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 19498
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
104.110.29.32200 OK 76 kB URL HTTP/1.1 www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
IP 104.110.29.32:0
File type Web Open Font Format, TrueType, length 75538, version 1.197\012- data
Hash 3d1d3153b04b6ce8a33a20f60df9d723
60e91c7766bdc415134c1111a283ffed3749dbae
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff HTTP/1.1
Host: www.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 75538
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Access-Control-Max-Age: 2147483647
Dclocation: GT1DMS
ETag: W/"12712-1832c19c958"
Last-Modified: Sun, 11 Sep 2022 10:30:31 GMT
Nonce: 8763937778443946
Referrer-Policy: no-referrer
Scope: VISITOR
Sid: 71696be0-0755-421a-a6c6-6f1d4e87ae0a
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Uuid: 88db870f-930d-4d65-828f-90fb97d75f90
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: fedf50a2-3b5c-454b-6c32-a721718c94a5
X-Xss-Protection: 1 ; mode=block
X-Akamai-CITISITE: GTDC
Cache-Control: public, no-transform, max-age=21600
Expires: Sat, 08 Oct 2022 02:14:27 GMT
Date: Fri, 07 Oct 2022 20:14:27 GMT
Connection: keep-alive
Set-Cookie: AKMTLTSID=D918F0E56015710CFF695CF9F8D0AF8F; path=/; domain=citi.com; secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff
104.110.29.32200 OK 79 kB URL HTTP/1.1 www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff
IP 104.110.29.32:0
File type Web Open Font Format, TrueType, length 78762, version 1.197\012- data
Hash b1f3eca7de0c2cb35740f32dd0b83823
dffc474081c23fc151265b637a4468e82004ecc8
045cd226594cb32ddf9d4db8ee45611f4d0788675ae50180b68da975e66fe1fe
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Regular.woff HTTP/1.1
Host: www.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 78762
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Access-Control-Max-Age: 2147483647
Dclocation: GT1DMS
ETag: W/"133aa-1832c19c958"
Last-Modified: Sun, 11 Sep 2022 10:30:31 GMT
Nonce: 9121593632974370
Referrer-Policy: no-referrer
Scope: VISITOR
Sid: df2866c6-a651-4c8f-9eab-5015e6158000
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Uuid: d7db5394-7f36-4fc2-95c6-2df7667abd32
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: c110a1ed-9a5a-4d44-4a45-61791f52c94c
X-Xss-Protection: 1 ; mode=block
X-Akamai-CITISITE: GTDC
Cache-Control: public, no-transform, max-age=21600
Expires: Sat, 08 Oct 2022 02:14:27 GMT
Date: Fri, 07 Oct 2022 20:14:27 GMT
Connection: keep-alive
Set-Cookie: AKMTLTSID=AE1960759A199ED5FCE0B889530995EC; path=/; domain=citi.com; secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.7200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 19:29:41 GMT
Cache-Control: max-age=3600
Expires: Fri, 07 Oct 2022 20:21:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kUQCecl9mV7zTvrKe6ihPlIMRUZ337AxMR90DNT9BZzChoD6-g5V7w==
Age: 2686
acadplusvk.in/city.com/img/js(2)
119.18.52.62200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(2)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103187 bytes)
Hash a5857f45dc475f0d0248f0e88b1910fe
801f894e1e1f8f45a002108d6db22b99a86078d3
b6f517c4279c052b89206db39d95274ef20699f4142aaa9e4339790d3228a64f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(2) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 103187
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/clarity.js
119.18.52.62200 OK 54 kB URL HTTP/1.1 acadplusvk.in/city.com/img/clarity.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (53819)
Hash bfe7b3387bec83787001dbaff19582c7
e2c99fcf2a90e1d741850f478252bfb8ec557100
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/clarity.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:25 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 53904
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/f.txt
119.18.52.62200 OK 40 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f.txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2165)
Hash ca7e72b78555d2e8c4b16d4bd5257d75
1a8681cdb23a36d15b6fcc3709012e2871089945
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f.txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:25 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 39731
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6426
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:27 GMT
Last-Modified: Fri, 07 Oct 2022 18:27:21 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
acadplusvk.in/city.com/img/js(5)
119.18.52.62200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(5)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103281 bytes)
Hash e20ba53af81eb737de7fad96944aa60b
530cce66fe22697dc035d6881942ff7bb0c409ff
e76caa473d34a77670863ffd51ee0e59b44c4bdc6367aa0e8e698bf6b264919f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(5) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 103281
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js
119.18.52.62200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103051 bytes)
Hash cc3f006c0d20688bd4d5760854e6fbfa
86c1c9948bad89d8978f121666970ca75a6041cf
7e035fe791d86c0346cacc50c10ab1cea6941f3dae04a87b7acc0e30ce6436d9
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:25 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 103051
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/bat.js
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/bat.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/bat.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/js(6)
119.18.52.62200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(6)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103187 bytes)
Hash e1340ee2f64e9f54d9dbb4611f02ff99
b509c86c7c8add2aaef171af708d002a76838fc8
ac3211cc5864f812b2e7fe668137258fe2e2405cc42642d4fbcd07199f3c4028
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(6) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 103187
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(4)
119.18.52.62200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(4)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103187 bytes)
Hash b09f9c7bee568b4c30c834d7004a8318
c094eb0aa39e9b1fcdbe5f777608e480aa823116
677cec65f2895fca126756615b8f96c2801078d2b59a98bab4aab3ee8a89d645
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(4) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 103187
Keep-Alive: timeout=15
Connection: Keep-Alive
push.services.mozilla.com/
54.149.83.187101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.83.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hocx9D+ohNY2kdKkuIMVKQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pq1CKt3hdRIR2IjlGKb2/Yvv+HI=
acadplusvk.in/city.com/img/js(3)
119.18.52.62200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(3)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103051 bytes)
Hash a838afd9a56c8f89018f10bd09cc6421
84ee9b65a3192f5e64141e640a2ee6dc276204b0
0e8665d56063213d42b3650b1325534735f0fefe09ee48a7f734f83b5e4bfdfe
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(3) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 103051
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(8)
119.18.52.62200 OK 103 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(8)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Size 103 kB (103165 bytes)
Hash 150f0f4c807995a977803d2ff092f3eb
53586f85f91df62000e9951a676153cd93435e9b
efcb0e09a533713a54d617f43991909e46d6430c9c1531787ea15492a15b9e86
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(8) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 103165
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(12)
119.18.52.62200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(12)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash 79c8eea8898418116e2341640f0ec400
7c123217fd21ddd24fa8cb33674b185e5616793d
5a2aa8a1ce876434e8f0912c3be63026f79d0b0f24ea591e5379d9186fae451f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(12) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 92863
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/dpm_pixel_min.js
119.18.52.62200 OK 105 kB URL HTTP/1.1 acadplusvk.in/city.com/img/dpm_pixel_min.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (60150)
Size 105 kB (105110 bytes)
Hash 08e770c8a17bf087d50cec01af0892c2
15f6bd70687eeff26cd6e72f647b80894b855e7f
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/dpm_pixel_min.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 105110
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/js(10)
119.18.52.62200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(10)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash e8027c272fc8b146d2d67687166dcbf6
79ffac5d6ce9debd2fd3fefd927d4e8ad6e09cfa
e83c9c5a686b6460be3df5f34ddbe456588d4f575083e74045a00c4ff2be7db0
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(10) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 92863
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(11)
119.18.52.62200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(11)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash 1d3e9d76d4f76b08cb4ceb30652535dc
b42727daec4a0e7f8e2665283c31be654a3f4e80
0264c5423e565a05bcc16d1abdfec999c4e92fd5ea90146251a8549cb93773f6
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(11) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 92863
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(13)
119.18.52.62200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(13)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash 351f91dc956821f77df4a3df9e488a4f
1c13fa31eff0e9d7d500650ae9f7d006ac40c4b9
8a13175818c1064520ce05abb77e35d1c88111dcf0cd991d5227a55ff196a7e3
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(13) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 92841
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/js(9)
119.18.52.62200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(9)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash dc97114eb2971a8778934dd712c1b0de
90927dda01826d8403a55c598c2e825e87811622
c9c84a02bd7802730402506e08933a2bf019ce78600f266189b86a2d53c0bdd6
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(9) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 92863
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/3fac67bbed26d3e121bb84cefe395515.js
119.18.52.62200 OK 4.1 kB URL HTTP/1.1 acadplusvk.in/city.com/img/3fac67bbed26d3e121bb84cefe395515.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (518)
Hash 8840936aaa3f823ad4c7d6c5c5b0476c
a45a46442eaab1ae98c39dfe5e8bc53027a70b91
6a4572cbce614543d10ffc2276b91140ecb0b0b9e2de0b9a87d4bc4016051f17
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/3fac67bbed26d3e121bb84cefe395515.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 4069
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/8e31a20960f50a1c34f7ccb1cd9737ec.js
119.18.52.62200 OK 340 B URL HTTP/1.1 acadplusvk.in/city.com/img/8e31a20960f50a1c34f7ccb1cd9737ec.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (340), with no line terminators
Hash bdff6eff8de1b3545ba53c6de66e07f4
ed4dc87caeb969487a561460686dd1aeee154d47
84129e02573a4f7ca911b6b37f7129a748efdae9decea2efe415ffeabf1a66bb
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/8e31a20960f50a1c34f7ccb1cd9737ec.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 340
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/d77cad342c2e126c752063748cd63d48.js
119.18.52.62200 OK 31 kB URL HTTP/1.1 acadplusvk.in/city.com/img/d77cad342c2e126c752063748cd63d48.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (571)
Hash 130b85fd120b6086edd93dc081411f3b
fe858f5c6cd1408944353ea478dd1d6b04956944
21201ecc3c1f81d2725b4f6b81c4dfa208edabe6a023711d6b48933b7acabf84
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/d77cad342c2e126c752063748cd63d48.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 30873
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/js(14)
119.18.52.62200 OK 93 kB URL HTTP/1.1 acadplusvk.in/city.com/img/js(14)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash 07d6e770baf6cef24f751f89e0450919
d04a2ee8a5cf36e2b5ed43789f9e1f1974642b08
02e871a789bf3801140ce6b9d8a205d308ca81bce448e87fb6bdd60ee98cafc1
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(14) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 92841
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplusvk.in/city.com/img/51aba9f62787efbaa13e53a8d1ae3892.js
119.18.52.62200 OK 1.3 kB URL HTTP/1.1 acadplusvk.in/city.com/img/51aba9f62787efbaa13e53a8d1ae3892.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (524)
Hash 4d37444c012a76a0557182615bf5cdd3
1ba1932dcc6dff6035c37a14de9852606de28329
bf8892a953595eb96b9ca68c5756849d404115dcf2ee9bf87e8b4e7b3cf8e650
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/51aba9f62787efbaa13e53a8d1ae3892.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1322
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/468b3e37a21c4198f4939c8aaca98066.js
119.18.52.62200 OK 1.5 kB URL HTTP/1.1 acadplusvk.in/city.com/img/468b3e37a21c4198f4939c8aaca98066.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (528)
Hash 1134fb1ba0ea9f4c07cb7b8e5391014e
a41047baee806c32a43c3c42b524b65e03a82bef
61e01b4da87624c5972c4f051d92695a76fa8491c2c1512342b714b9f5db2008
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/468b3e37a21c4198f4939c8aaca98066.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1477
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/9d552101ccdbc20ef239307e0ace1356.js
119.18.52.62200 OK 160 kB URL HTTP/1.1 acadplusvk.in/city.com/img/9d552101ccdbc20ef239307e0ace1356.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (573)
Size 160 kB (159835 bytes)
Hash 6089906788dab761a1717f00e49f6d47
afea4afa3858165eb7b2023a697829a7470e28c7
53c561089a7987d29afa32543f9d7585b9a4f565b0b6c54b703e802f2f52d386
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/9d552101ccdbc20ef239307e0ace1356.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 159835
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/6c8ea0384518f24fa6367b97cbf3fd9d.js
119.18.52.62200 OK 131 kB URL HTTP/1.1 acadplusvk.in/city.com/img/6c8ea0384518f24fa6367b97cbf3fd9d.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (614)
Size 131 kB (130786 bytes)
Hash cc5856a5888308a00d5e9db804679222
e3b5f525808ae6a09bfb1ce791f7688f32889be3
dfb30742c209a6119b53853df43d609166ce3b72e09c0f6d7bafaac8a4f1bd00
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/6c8ea0384518f24fa6367b97cbf3fd9d.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 130786
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 29f977a36a78c156e453a55d86eb0c82
a84cb3c6c89aad5590ab89ca14c3616e4157d6a7
d47dbc200efffb39b01d339c449845021c591c8dde619a8418a78fdb88b06393
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 20:14:28 GMT
Last-Modified: Fri, 07 Oct 2022 18:38:28 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZG17HBlAjew2lz0oPNg9xIHX7sGROeVYORv07zexvt2SU82tT4GsOw==
Age: 5760
acadplusvk.in/city.com/img/d90ce1a791ada193ee0ca4e9ce66632d.js
119.18.52.62200 OK 4.8 kB URL HTTP/1.1 acadplusvk.in/city.com/img/d90ce1a791ada193ee0ca4e9ce66632d.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1194)
Hash f858f498c16f3fcb99e48c58f276fda5
6ed0863603eb27999945bf50bf80cac0c3617100
c1b3f3803c42132039b21ce8921335c9cb785a58d513fdc04b0350434bec8e29
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/d90ce1a791ada193ee0ca4e9ce66632d.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 4849
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/42d4d669434e7d621371bd59ca097dbf.js
119.18.52.62200 OK 4.8 kB URL HTTP/1.1 acadplusvk.in/city.com/img/42d4d669434e7d621371bd59ca097dbf.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (532)
Hash 573342e8c2bbcc33e1da4ee9293cbbac
c631b62c4bc3c757e7619c8e6650bbddf7aa7b8e
76b3e3ecb44a3b1216be2633c4736dc6fbef5a83a7058b7919dcb1489b5b211b
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/42d4d669434e7d621371bd59ca097dbf.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 4796
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/fdf45a7c15c1cee06bb71e10dac4e26e.js
119.18.52.62200 OK 989 B URL HTTP/1.1 acadplusvk.in/city.com/img/fdf45a7c15c1cee06bb71e10dac4e26e.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (524)
Hash a88ee16d6636b998b8a6bb0eedf3a3bb
84b7338657d33ace2048bf6b6e3b8b3fa649548a
7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/fdf45a7c15c1cee06bb71e10dac4e26e.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 989
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/serverComponent.php
119.18.52.62200 OK 2.0 kB URL HTTP/1.1 acadplusvk.in/city.com/img/serverComponent.php
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2006)
Hash 1fb82a059a748b9c4d9edf55fc111f7d
d994b755c90d3dcb0ade573d8eef086bc3232cf1
1a6193c0936ec29f4350799172f83ad78a95112799ea30c662e80f25b418361c
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/serverComponent.php HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
3.233.129.60200 OK 0 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP 3.233.129.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://acadplusvk.in/
Origin: https://acadplusvk.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 20:14:28 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://acadplusvk.in
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
3.233.129.60200 OK 2 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP 3.233.129.60:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1598
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 20:14:28 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=2f55d25e-e2d5-4ba0-a8ca-111e3054255a; Expires=Sat, 07 Oct 2023 20:14:28 GMT; Domain=tvpixel.com; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://acadplusvk.in
access-control-allow-credentials: true
X-Firefox-Spdy: h2
acadplusvk.in/city.com/img/6c8322c7341eac98645c10e3d1d3c7ae.js
119.18.52.62200 OK 239 kB URL HTTP/1.1 acadplusvk.in/city.com/img/6c8322c7341eac98645c10e3d1d3c7ae.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Size 239 kB (238837 bytes)
Hash 9c5a73216a34c42f3974a08a8080ce22
ce94b2f85d3629b84964e6be3dc1849361836996
93a2bf9c16a92eea122a84d246579a50fb89c3b269c78c080588cee14129b2c7
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/6c8322c7341eac98645c10e3d1d3c7ae.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 238837
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/557566dc60916e3de69e006bef252459.js
119.18.52.62200 OK 2.2 kB URL HTTP/1.1 acadplusvk.in/city.com/img/557566dc60916e3de69e006bef252459.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1964)
Hash c12999fcad47ab9cba1967b8c736048d
cd62dba28e44aceb5f26c5757f24f59f4f79dc95
31b00ff4929696dfca06885da68e58c3e09f6ecb4ae0fe1ae287e99a3fd1f716
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/557566dc60916e3de69e006bef252459.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 2183
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/banner.min.js
119.18.52.62200 OK 16 kB URL HTTP/1.1 acadplusvk.in/city.com/img/banner.min.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15581), with no line terminators
Hash 58864702922ad7456667ccfa2f212a7b
f46a0697469863fc711f07b85a5327fdcfa8a839
66e0a4b3019f0e19c99a314095a7e13932cd8afcb82a236475abf3f8723ea69d
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/banner.min.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 15581
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/Bootstrap.js
119.18.52.62200 OK 234 kB URL HTTP/1.1 acadplusvk.in/city.com/img/Bootstrap.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (579)
Size 234 kB (234403 bytes)
Hash 49a3c4174ffd09053b1dca60cf732391
3fb3ecbbe6d35c0e45d5118c05a86423ba473798
b4d7c52d0920ce3ce14dd5f198df3fb2e9bf39ff31e209a92cf146c86de4ce62
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/Bootstrap.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 234403
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/logo.js
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/logo.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/logo.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/96e0eb995483e83e7b3f71968eedeed1.js
119.18.52.62200 OK 406 kB URL HTTP/1.1 acadplusvk.in/city.com/img/96e0eb995483e83e7b3f71968eedeed1.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (965)
Size 406 kB (405607 bytes)
Hash d33c3e72339d9cf9815514de159bf650
39dd5c8f75063350b0e58cfe95bba2c0aeb1f0c1
d9181c42b463ba85677421a93ae1ba80ae774c9bf8af67200ed78a419bd067a0
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/96e0eb995483e83e7b3f71968eedeed1.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 405607
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 54a8c6f45c6a0f3a5c0199d65ca880c6
173104e5386bb24b90f2d7350d008490555e635f
036b47cef15d692924142d169d5f859b5273cc83f6adf61b4e6de9d693313abe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2345
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:28 GMT
Last-Modified: Fri, 07 Oct 2022 19:35:23 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173668719
52.211.12.99302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173668719
IP 52.211.12.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173668719 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://acadplusvk.in
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v044-03c2552b2.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173668719
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=37224368842798729822216645292192925641; Max-Age=15552000; Expires=Wed, 05 Apr 2023 20:14:28 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: am7mqyoiSRs=
Content-Length: 0
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10903
Expires: Fri, 07 Oct 2022 23:16:11 GMT
Date: Fri, 07 Oct 2022 20:14:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10903
Expires: Fri, 07 Oct 2022 23:16:11 GMT
Date: Fri, 07 Oct 2022 20:14:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10903
Expires: Fri, 07 Oct 2022 23:16:11 GMT
Date: Fri, 07 Oct 2022 20:14:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53b7ffdc3799e0ac7a225145242579ef
c47f0525fe5354ee13fe63c0ec31f0f826a58005
4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: JYDg0-KelCPr__4bKtpARLrwiE1CHGICcFI6I9_TFCMcmESbykNhXQ==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:50 GMT
age: 79538
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10903
Expires: Fri, 07 Oct 2022 23:16:11 GMT
Date: Fri, 07 Oct 2022 20:14:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg
34.120.237.76200 OK 2.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17df62c3e2ed48ba9c788f5e1b3b702f
854c326016059d67fae42cc34905d0feb58cb6fc
d0bee7a7e629f6594a79bad563bb91c71a17768c2f347fd4a366f7f0daf94fda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2478
x-amzn-requestid: ed2a2dca-5367-42c1-b982-07a39762063e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmigWFvGIAMF9CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4ace-6fabb7845e4d04613897a866;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GFxAiO1AQfV1-pVy0NBmc9VoQoxBuBeOWsbPkVpOuT06D8Tw_YuZfA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:18:30 GMT
age: 78958
etag: "854c326016059d67fae42cc34905d0feb58cb6fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4572451a09430ca7a9203f14ddc035ba
46e17c44fba23988d7a9d9832c411ba2810136c3
fa54e73c4b32d8e109504ebcd46e4316de8143f44b7eae20a44ba63d14a6f24b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8445
x-amzn-requestid: 7d295b3b-29d6-4b2e-8314-c9055d1def80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmju5FxwoAMFeQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4cc5-3f58c18b1159ad512c60422b;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:46:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: DC1ECXhkAhfdrU8ZyMhhDdwydsq4PQfzzGOPd-REjCkCsDbXQLnLiA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:57 GMT
etag: "46e17c44fba23988d7a9d9832c411ba2810136c3"
content-type: image/jpeg
age: 79531
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
acadplusvk.in/city.com/img/embed.js
119.18.52.62200 OK 1.6 kB URL HTTP/1.1 acadplusvk.in/city.com/img/embed.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (449)
Hash f18dcd577f0deae68783ef9243454a0c
15e181c5b5dbfc2766d046944c3ccd5527837ad2
7ce1ab6d7d544d02fdbfd070df6d6290a630944648f78629bccf6b7c426254ff
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/embed.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1573
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/tags.js
119.18.52.62200 OK 82 kB URL HTTP/1.1 acadplusvk.in/city.com/img/tags.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15031)
Hash a2fe0ddd8b16afaa6b95b0fc8b038546
63eff196885a0e292a9138f48556297b8ee034c4
a1012b65a2ec44d9f1a2e3a11f74e644e505cb6544e3717b4442cb9aa73452b0
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tags.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 82417
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16339989f5c6c229a3dcc0ed1e52032f
a1ea26d6e4eb4a72cc8c87100b40035dab69d285
16703f888ee6f974bb89e1c4c16a75186b31b64130abcd1a3bcd3741159d912c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13437
x-amzn-requestid: ec801fbc-c339-46ce-ac5f-18d064e5ef21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_HdeoAMFyOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-02b52b770e6e76cf52b26e47;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Iesqk_XbGiZE-n3mTa1_1WtlXiyEqz-4qfyt3_609O1eujdLcFu3zA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:47:25 GMT
age: 80823
etag: "a1ea26d6e4eb4a72cc8c87100b40035dab69d285"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Vy9jQu1a8BGypY4C4u_9gao5wPEkVHgArhG2zMNdH8KfBS0lfmyHBA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:43:40 GMT
age: 81048
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173668719
52.211.12.99200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173668719
IP 52.211.12.99:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1665173668719 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Content-Type: application/x-www-form-urlencoded
Referer: https://acadplusvk.in/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://acadplusvk.in
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v044-0ebe57a1e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: VfTNiOnHQCE=
Content-Length: 124
Connection: keep-alive
acadplusvk.in/city.com/img/tags.js(2).download
119.18.52.62200 OK 82 kB URL HTTP/1.1 acadplusvk.in/city.com/img/tags.js(2).download
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15031)
Hash fe50cab64bcc9f5c84a2a6dae5ddb851
fd34b1022666c559a6db812aaba4b6932118ecfa
7c61e941b642ce421086c40e8edd357d643de75763ebe83073d329f2693f6786
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tags.js(2).download HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 82417
Keep-Alive: timeout=15
Connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb8451a42aabd3cfbe241b305b704d64
a3877c21f13dbb472e051d459e4656fc46690275
5fd79754e671af8953c110c346508d6c893165bf98b272533c209bf259384662
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4979
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:29 GMT
Last-Modified: Fri, 07 Oct 2022 18:51:31 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
acadplusvk.in/city.com/img/16003743.js
119.18.52.62200 OK 0 B URL HTTP/1.1 acadplusvk.in/city.com/img/16003743.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/16003743.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/16001692.js
119.18.52.62200 OK 685 B URL HTTP/1.1 acadplusvk.in/city.com/img/16001692.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (683), with CRLF line terminators
Hash bc3635963138a424c4fd59cf3318d19e
9f3286f6098730e4a38c6e9983dbb794ee25c840
fbfbcd5ac1839093e7f7fed9f57af9bdca51c799c591af25b624ebc421fdd052
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/16001692.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 685
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f50d2e650cf68984c27d915f82232d43
52f23655ea0c90f5544eccd2ce845a752d5a578e
f34b126fadf6c7c51516cb94e23371f2dc46d9dfce8a3fb34033ce0621e32db8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6493
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:29 GMT
Last-Modified: Fri, 07 Oct 2022 18:26:17 GMT
Server: ECS (amb/6B9E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10903
Expires: Fri, 07 Oct 2022 23:16:11 GMT
Date: Fri, 07 Oct 2022 20:14:28 GMT
Connection: keep-alive
metrics1.citi.com/id?d_visid_ver=3.1.2&d_fieldgroup=MC&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&ts=1665173668976
15.188.95.229200 OK 89 B URL HTTP/2 metrics1.citi.com/id?d_visid_ver=3.1.2&d_fieldgroup=MC&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&ts=1665173668976
IP 15.188.95.229:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 702d98cd9fa5985391e0e51c68c9873b
67221d180f5f669144329ff8b3b53fefaf54902a
6f0b91c1c1996b107521834af24a6ea11d33ef32299e0a4446def43a12a00129
GET /id?d_visid_ver=3.1.2&d_fieldgroup=MC&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&ts=1665173668976 HTTP/1.1
Host: metrics1.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://acadplusvk.in
access-control-allow-credentials: true
date: Fri, 07 Oct 2022 20:14:29 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; Path=/; Domain=citi.com; Max-Age=63072000; Expires=Sun, 06 Oct 2024 20:14:14 GMT; SameSite=None; Secure
AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; Path=/; Domain=citi.com; Max-Age=63072000; Expires=Sun, 06 Oct 2024 20:14:14 GMT; SameSite=None; Secure
s_ecid=MCMID%7C62449068483450838070420606296839161004; Path=/; Domain=citi.com; Max-Age=63072000; Expires=Sun, 06 Oct 2024 20:14:14 GMT; SameSite=None; Secure
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 89
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed3fa86bbe319c9a2f81ff625e677cb0
e3d5210207f6ff922bc28e328285059c19a523a4
5919694bd942a4f25d5b7ffc3f8aee1af6cdb8461d4ba3dba9a2e72cf19164c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7261
x-amzn-requestid: e1bdf299-b29e-4f58-9c8a-33f5dacdb081
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBELYoAMFfgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-1969b32c6f4f7e5749e7caa0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: FO5iGJFmDfdklhzIVOxp4x3AV7ltFqBDDlYBz39Zzx99t7oykNR2WQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:43:40 GMT
age: 81049
etag: "e3d5210207f6ff922bc28e328285059c19a523a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
acadplusvk.in/city.com/img/f(1).txt
119.18.52.62200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(1).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1707), with no line terminators
Hash a3c474b77891aeaaef198d1181db85b7
c2c52aa65260562ce3bed6232dfab67b202d65dc
60efe6c61d482a9ad16c13a430e4f9b230d4a7667873a043327afadd372bef6d
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(1).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:28 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1707
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=62449068483450838070420606296839161004&d_cid_ic=AVID%0131A04452FB4C1F35-600004ECA70002F9&ts=1665173669132
52.211.12.99200 OK 300 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=62449068483450838070420606296839161004&d_cid_ic=AVID%0131A04452FB4C1F35-600004ECA70002F9&ts=1665173669132
IP 52.211.12.99:0
File type JSON data\012- , ASCII text, with very long lines (358), with no line terminators
Hash 0afad122b5119903efd4dacf582967e7
6ac8ba38768226091896669e3ebf92641b5ae852
de250d94ad2cdb60cf5c23549cf1883e613f5cf3ed9173baecf84ef833c8b70c
GET /id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=62449068483450838070420606296839161004&d_cid_ic=AVID%0131A04452FB4C1F35-600004ECA70002F9&ts=1665173669132 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://acadplusvk.in
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v044-0cc10ed06.edge-irl1.demdex.com 5 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=68482240982187679320897853547834391823; Max-Age=15552000; Expires=Wed, 05 Apr 2023 20:14:29 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: W4maK3QtQHY=
Content-Length: 300
Connection: keep-alive
acadplusvk.in/city.com/img/f(2).txt
119.18.52.62200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(2).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash 105e05de24c950e870a5e43f18e1aa49
8b7b2a758921116bb3a7a213df81cc7a95ab2f18
0ed87b4fd56a4ea6f91e90ec9227281332adcb6d90c16871ddd93a8b0769fa24
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(2).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:28 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/f(3).txt
119.18.52.62200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(3).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash 59183bb0c357bdb97de4dc8b213a65d5
3d367827bdca980d192662f3a111f0e305298c2d
76fb126ee024dcf4a093ac4d3614448b9281355f1033a422fc929298e88fa877
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(3).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:28 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/f(4).txt
119.18.52.62200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(4).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash 0fd5231876c22268722a1e7165491c79
58c83e84250ac336d464a3dd3259f4bcf0abe847
6bb0c1eaae6f6770f889c139ca441c1c21ab76ba7cd86cb28600955f3ee15302
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(4).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:28 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/f(5).txt
119.18.52.62200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(5).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash aee303a04ab673a2672eb1f03d5948eb
e4815a021bb7f559a74f06af7d4bbb15f412c34f
2c3e0f1421ec0c865caf07a6fee834c43eb456613a9d1aee3a3db0c463c9d340
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(5).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:28 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/f(6).txt
119.18.52.62200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(6).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash 4de224726a52a4e597299903c0bb3e8d
3cf73c8bdaac20bd12ce5e1988eaad5360477cf7
85272ec3d43640c29bdc41f4f2f7c2942b2f96d76254e8b2802006eab8bc44fa
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(6).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:28 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/f(7).txt
119.18.52.62200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(7).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1706), with no line terminators
Hash 23d55fab0c56bb20c76f5581cdf86690
3252edaef11fb2fddbb4a8afdb691a6bcaa5751c
441dbbcac58f504c76ab5ff91afa232a4f7734790a9fd2345cad297f00537aa0
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(7).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:28 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1706
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/f(8).txt
119.18.52.62200 OK 1.7 kB URL HTTP/1.1 acadplusvk.in/city.com/img/f(8).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash 9b2c364e9da0124e5ab850764f97c6f7
9e3ba6ab87fc565c26c8a228e21ae56c93499a54
ec92c710f2d67faf40a7c39947630493ffd75ca46a82cfadde25e8eb05e53bf3
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(8).txt HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:28 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1687
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplusvk.in/city.com/img/bat.js
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/bat.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/bat.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:28 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
119.18.52.62200 OK 1.3 MB URL HTTP/1.1 acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (65017), with no line terminators
Size 1.3 MB (1263457 bytes)
Hash 05bc274118a209ed92dda2b6f1f3513c
8a1d98b811afa6ce31973058f405791def19488d
c49f7ec632ced66bfd8ac1ed0cc98a6c8e583f7b36e1faccf190a04955d39c01
GET /city.com/img/styles.a4a9307b7b034ca614a7.css HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1263457
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/css
acadplusvk.in/city.com/img/cedric.js
119.18.52.62200 OK 617 kB URL HTTP/1.1 acadplusvk.in/city.com/img/cedric.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (63761)
Size 617 kB (616835 bytes)
Hash f8f92080b98bd0fc50db4648e713e634
86897ee3830af2faf33ee5a7f742f25a291011c8
48451bef935eba4b7a149a7b6dc16cc7183e75cb2887d571a3382ae3f155686a
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cedric.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 616835
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/1-es2015.e6099f56b51f44414444.js
119.18.52.62200 OK 764 kB URL HTTP/1.1 acadplusvk.in/city.com/img/1-es2015.e6099f56b51f44414444.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Size 764 kB (763890 bytes)
Hash de7f2d520bd1683950d46b2c7fc79646
d9e8fe6842dd1937e46304d4811c10f8d538a184
6f56350d404b7363262ab1a2331f6ee082822c230c2dda9061439acb0ee2ea29
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/1-es2015.e6099f56b51f44414444.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:27 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 763890
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplusvk.in/city.com/img/citilogoredesign.png
119.18.52.62200 OK 1.8 kB URL HTTP/1.1 acadplusvk.in/city.com/img/citilogoredesign.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 89 x 89, 8-bit/color RGBA, non-interlaced\012- data
Hash b8c9db53b866a0120618cd396e1513f1
5cfe9732c78e4eb7365681834cdd682b977a0232
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
GET /city.com/img/citilogoredesign.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1799
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/social-media_youtube@3x.png
119.18.52.62200 OK 1.2 kB URL HTTP/1.1 acadplusvk.in/city.com/img/social-media_youtube@3x.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 72 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 3541c5442b1b90b4efe20ab4b2802323
ad778d35efc7b9950d2158d800b61966204b75d8
be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8
GET /city.com/img/social-media_youtube@3x.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1175
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/laptop-and-phone-pairing.png
119.18.52.62200 OK 3.0 kB URL HTTP/1.1 acadplusvk.in/city.com/img/laptop-and-phone-pairing.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 132 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash b046a1c58205ebfbee7886df2de485b5
05a4dd6b988a6c55afa3225780e341e5db52a787
a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa
GET /city.com/img/laptop-and-phone-pairing.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 3044
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/social-media_twitter@3x.png
119.18.52.62200 OK 1.3 kB URL HTTP/1.1 acadplusvk.in/city.com/img/social-media_twitter@3x.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 66 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 60b0fec951727b4762fabc2570a1317f
56f9ed9699233f4cef1317a9a2c83179070b5e8a
5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837
GET /city.com/img/social-media_twitter@3x.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1277
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/googlePlay@3x.png
119.18.52.62200 OK 25 kB URL HTTP/1.1 acadplusvk.in/city.com/img/googlePlay@3x.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 390 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 27b0482f8ebba1e3cc92d2eee497497e
379e9e2ed883250c02736c151a47d38248285572
a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77
GET /city.com/img/googlePlay@3x.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 25077
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/logo.js
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/logo.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/logo.js HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=7d10110b-3c9d-4d1f-bcfd-23b8f27f20f3.1665173668.1.1665173668.1665173668.7702b2e8-9c7d-4666-a3cc-bac30997e8e7; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C62449068483450838070420606296839161004%7CMCAID%7C31A04452FB4C1F35-600004ECA70002F9%7CMCOPTOUT-1665180869s%7CNONE%7CMCAAMLH-1665778469%7C6%7CMCAAMB-1665778469%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; _cls_v=e0857509-2bd0-48d0-baf5-81bbea0e23cc; _cls_s=54bc83aa-d1ef-4d37-bbf7-17b157937de9:0; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/phone.png
119.18.52.62200 OK 9.9 kB URL HTTP/1.1 acadplusvk.in/city.com/img/phone.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 396 x 270, 8-bit/color RGBA, non-interlaced\012- data
Hash 448436abd4bc903abc9a9c53cdd2fe5e
1f3731747ded20c04b25009d3a570d1164ddf1ed
5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8
GET /city.com/img/phone.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 9873
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/icon_globe_med-grey@2x.svg
119.18.52.62200 OK 3.5 kB URL HTTP/1.1 acadplusvk.in/city.com/img/icon_globe_med-grey@2x.svg
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (2189)
Hash 8409dd31d1b13d560ad4b9ae144054f7
37114f6c37aa187f5bdc360547678f22eaa9d9c6
a593628f2d5ba814f37fbcd3963162f094c2764d4b15d82464c2d1aef92f150f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/icon_globe_med-grey@2x.svg HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 3523
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/svg+xml
acadplusvk.in/city.com/img/050-location@2x.svg
119.18.52.62200 OK 1.8 kB URL HTTP/1.1 acadplusvk.in/city.com/img/050-location@2x.svg
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (785)
Hash 2a7528b41a09c242728c2805a6c37219
44f73d9270a82962219bb314894d5b5624c55631
6336ae7b60dff18e0a37721a3a19fd5e18568577a64faa662969d35966dbf72b
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/050-location@2x.svg HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1752
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/svg+xml
acadplusvk.in/city.com/img/social-media_facebook@3x.png
119.18.52.62200 OK 445 B URL HTTP/1.1 acadplusvk.in/city.com/img/social-media_facebook@3x.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 27 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f627e41e84a3b87f57c9de2e3a722d0
a7d350d9d267149f60b46a454f021920f89df877
695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b
GET /city.com/img/social-media_facebook@3x.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 445
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/appStore@3x.png
119.18.52.62200 OK 20 kB URL HTTP/1.1 acadplusvk.in/city.com/img/appStore@3x.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 351 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash d461f4d2e32e339372869b3f4be72007
d8e3a847a7d18c3948617f75622f6cd27bd4cd54
87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b
GET /city.com/img/appStore@3x.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 20047
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/laptop-and-phone-success.png
119.18.52.62200 OK 2.5 kB URL HTTP/1.1 acadplusvk.in/city.com/img/laptop-and-phone-success.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 132 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash d63ac8356aa91fa9f070d79dadaed88f
7990f46b70c992de92c29e2361ddf9f0bf369869
e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec
GET /city.com/img/laptop-and-phone-success.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 2544
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/EqualHousing.png
119.18.52.62200 OK 1.6 kB URL HTTP/1.1 acadplusvk.in/city.com/img/EqualHousing.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 29 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash 83a5bb8d054fc7b4adab0615c487dc25
8a26d8e39da754c8f63d2a3122ed87a6e4a7f369
f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d
GET /city.com/img/EqualHousing.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1606
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplusvk.in/city.com/img/qrsignon.png
119.18.52.62200 OK 741 B URL HTTP/1.1 acadplusvk.in/city.com/img/qrsignon.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash a5ee9c25c190474a2efe66a609a2ca19
890832b6a7115abd51f480dce8e74206f06a428a
dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683
GET /city.com/img/qrsignon.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 741
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
online.citi.com/nga-lite-signon/LSO_4959.jpg
23.13.42.166200 OK 108 kB URL HTTP/2 online.citi.com/nga-lite-signon/LSO_4959.jpg
IP 23.13.42.166:0
File type JPEG image data, progressive, precision 8, 2160x600, components 3\012- data
Size 108 kB (108233 bytes)
Hash 7dd9aa1bc81d1bf0e77e3e08de814096
0e251835579aa147fd88c76b85b74359856c6de9
dbdebfcc2ed9932006edcfc7f8190ca5c9a04ff737e990645712ccc33e5ce070
GET /nga-lite-signon/LSO_4959.jpg HTTP/1.1
Host: online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 13:54:04 GMT
accept-ranges: bytes
content-length: 108233
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-type: image/jpeg
date: Fri, 07 Oct 2022 20:14:30 GMT
set-cookie: AKMTLTSID=17CB6F5CD31675551690D3B468029483; path=/; domain=citi.com; secure
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Firefox-Spdy: h2
acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=7d10110b-3c9d-4d1f-bcfd-23b8f27f20f3.1665173668.1.1665173668.1665173668.7702b2e8-9c7d-4666-a3cc-bac30997e8e7; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C62449068483450838070420606296839161004%7CMCAID%7C31A04452FB4C1F35-600004ECA70002F9%7CMCOPTOUT-1665180869s%7CNONE%7CMCAAMLH-1665778469%7C6%7CMCAAMB-1665778469%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; _cls_v=e0857509-2bd0-48d0-baf5-81bbea0e23cc; _cls_s=54bc83aa-d1ef-4d37-bbf7-17b157937de9:0; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173670398-B754C849-3273-43DF-9BB5-C6C81006BE14
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=7d10110b-3c9d-4d1f-bcfd-23b8f27f20f3.1665173668.1.1665173668.1665173668.7702b2e8-9c7d-4666-a3cc-bac30997e8e7; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C62449068483450838070420606296839161004%7CMCAID%7C31A04452FB4C1F35-600004ECA70002F9%7CMCOPTOUT-1665180869s%7CNONE%7CMCAAMLH-1665778469%7C6%7CMCAAMB-1665778469%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; _cls_v=e0857509-2bd0-48d0-baf5-81bbea0e23cc; _cls_s=54bc83aa-d1ef-4d37-bbf7-17b157937de9:0; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173670398-B754C849-3273-43DF-9BB5-C6C81006BE14
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=7d10110b-3c9d-4d1f-bcfd-23b8f27f20f3.1665173668.1.1665173668.1665173668.7702b2e8-9c7d-4666-a3cc-bac30997e8e7; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C62449068483450838070420606296839161004%7CMCAID%7C31A04452FB4C1F35-600004ECA70002F9%7CMCOPTOUT-1665180869s%7CNONE%7CMCAAMLH-1665778469%7C6%7CMCAAMB-1665778469%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; _cls_v=e0857509-2bd0-48d0-baf5-81bbea0e23cc; _cls_s=54bc83aa-d1ef-4d37-bbf7-17b157937de9:0; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173670398-B754C849-3273-43DF-9BB5-C6C81006BE14
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon-1.png
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon-1.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon-1.png HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=7d10110b-3c9d-4d1f-bcfd-23b8f27f20f3.1665173668.1.1665173668.1665173668.7702b2e8-9c7d-4666-a3cc-bac30997e8e7; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C62449068483450838070420606296839161004%7CMCAID%7C31A04452FB4C1F35-600004ECA70002F9%7CMCOPTOUT-1665180869s%7CNONE%7CMCAAMLH-1665778469%7C6%7CMCAAMB-1665778469%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; _cls_v=e0857509-2bd0-48d0-baf5-81bbea0e23cc; _cls_s=54bc83aa-d1ef-4d37-bbf7-17b157937de9:0; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173670398-B754C849-3273-43DF-9BB5-C6C81006BE14
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=7d10110b-3c9d-4d1f-bcfd-23b8f27f20f3.1665173668.1.1665173668.1665173668.7702b2e8-9c7d-4666-a3cc-bac30997e8e7; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C62449068483450838070420606296839161004%7CMCAID%7C31A04452FB4C1F35-600004ECA70002F9%7CMCOPTOUT-1665180869s%7CNONE%7CMCAAMLH-1665778469%7C6%7CMCAAMB-1665778469%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; _cls_v=e0857509-2bd0-48d0-baf5-81bbea0e23cc; _cls_s=54bc83aa-d1ef-4d37-bbf7-17b157937de9:0; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173670398-B754C849-3273-43DF-9BB5-C6C81006BE14
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=7d10110b-3c9d-4d1f-bcfd-23b8f27f20f3.1665173668.1.1665173668.1665173668.7702b2e8-9c7d-4666-a3cc-bac30997e8e7; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C62449068483450838070420606296839161004%7CMCAID%7C31A04452FB4C1F35-600004ECA70002F9%7CMCOPTOUT-1665180869s%7CNONE%7CMCAAMLH-1665778469%7C6%7CMCAAMB-1665778469%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; _cls_v=e0857509-2bd0-48d0-baf5-81bbea0e23cc; _cls_s=54bc83aa-d1ef-4d37-bbf7-17b157937de9:0; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173670398-B754C849-3273-43DF-9BB5-C6C81006BE14
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=7d10110b-3c9d-4d1f-bcfd-23b8f27f20f3.1665173668.1.1665173668.1665173668.7702b2e8-9c7d-4666-a3cc-bac30997e8e7; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C62449068483450838070420606296839161004%7CMCAID%7C31A04452FB4C1F35-600004ECA70002F9%7CMCOPTOUT-1665180869s%7CNONE%7CMCAAMLH-1665778469%7C6%7CMCAAMB-1665778469%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; _cls_v=e0857509-2bd0-48d0-baf5-81bbea0e23cc; _cls_s=54bc83aa-d1ef-4d37-bbf7-17b157937de9:0; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173670398-B754C849-3273-43DF-9BB5-C6C81006BE14
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
citi.demdex.net/dest5.html?d_nsid=0
34.242.155.96200 OK 2.8 kB URL HTTP/1.1 citi.demdex.net/dest5.html?d_nsid=0
IP 34.242.155.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: citi.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 7 Oct 2022 20:14:30 GMT
DCS: dcs-prod-irl1-1-v044-027b6770c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 29 Sep 2022 16:23:21 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: edmx4VngQuU=
Content-Length: 2791
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f1dd147f2fb2aa13c04d6a302fc3ac17
019b0340f20c582cb07049c1f637d3c1cc2b3de9
699482ac85d20d0a396a62cf1712b4d32c7bde9024f2beed84272c818283d718
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6499
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:30 GMT
Last-Modified: Fri, 07 Oct 2022 18:26:11 GMT
Server: ECS (amb/6B9E)
X-Cache: HIT
Content-Length: 471
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Light.woff
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Light.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Light.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=7d10110b-3c9d-4d1f-bcfd-23b8f27f20f3.1665173668.1.1665173668.1665173668.7702b2e8-9c7d-4666-a3cc-bac30997e8e7; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C62449068483450838070420606296839161004%7CMCAID%7C31A04452FB4C1F35-600004ECA70002F9%7CMCOPTOUT-1665180869s%7CNONE%7CMCAAMLH-1665778469%7C6%7CMCAAMB-1665778469%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; _cls_v=e0857509-2bd0-48d0-baf5-81bbea0e23cc; _cls_s=54bc83aa-d1ef-4d37-bbf7-17b157937de9:0; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173670398-B754C849-3273-43DF-9BB5-C6C81006BE14
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=7d10110b-3c9d-4d1f-bcfd-23b8f27f20f3.1665173668.1.1665173668.1665173668.7702b2e8-9c7d-4666-a3cc-bac30997e8e7; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C62449068483450838070420606296839161004%7CMCAID%7C31A04452FB4C1F35-600004ECA70002F9%7CMCOPTOUT-1665180869s%7CNONE%7CMCAAMLH-1665778469%7C6%7CMCAAMB-1665778469%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; _cls_v=e0857509-2bd0-48d0-baf5-81bbea0e23cc; _cls_s=54bc83aa-d1ef-4d37-bbf7-17b157937de9:0; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173670398-B754C849-3273-43DF-9BB5-C6C81006BE14
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.woff
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=7d10110b-3c9d-4d1f-bcfd-23b8f27f20f3.1665173668.1.1665173668.1665173668.7702b2e8-9c7d-4666-a3cc-bac30997e8e7; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C62449068483450838070420606296839161004%7CMCAID%7C31A04452FB4C1F35-600004ECA70002F9%7CMCOPTOUT-1665180869s%7CNONE%7CMCAAMLH-1665778469%7C6%7CMCAAMB-1665778469%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; _cls_v=e0857509-2bd0-48d0-baf5-81bbea0e23cc; _cls_s=54bc83aa-d1ef-4d37-bbf7-17b157937de9:0; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173670398-B754C849-3273-43DF-9BB5-C6C81006BE14
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
52.154.174.214200 OK 1.3 kB URL HTTP/2 contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
IP 52.154.174.214:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (1317), with no line terminators
Hash 3cba39f6a04d29b53f3b5c557136cd4d
d51e99adbdb778d9a04ffa03b04ec9cd1800225f
df56adb352b6b78fbe08d7d62e42249a94402c3b756b29de2a752adb55bc3b60
POST /client/v3.1/web/wup?cid=cedric HTTP/1.1
Host: contents2.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 172
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 1317
date: Fri, 07 Oct 2022 20:14:30 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 5960dab2-0335-4fb3-b463-060a52d6e27b
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Light.ttf
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Light.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Light.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=7d10110b-3c9d-4d1f-bcfd-23b8f27f20f3.1665173668.1.1665173668.1665173668.7702b2e8-9c7d-4666-a3cc-bac30997e8e7; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C62449068483450838070420606296839161004%7CMCAID%7C31A04452FB4C1F35-600004ECA70002F9%7CMCOPTOUT-1665180869s%7CNONE%7CMCAAMLH-1665778469%7C6%7CMCAAMB-1665778469%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; _cls_v=e0857509-2bd0-48d0-baf5-81bbea0e23cc; _cls_s=54bc83aa-d1ef-4d37-bbf7-17b157937de9:0; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173670398-B754C849-3273-43DF-9BB5-C6C81006BE14
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=7d10110b-3c9d-4d1f-bcfd-23b8f27f20f3.1665173668.1.1665173668.1665173668.7702b2e8-9c7d-4666-a3cc-bac30997e8e7; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C62449068483450838070420606296839161004%7CMCAID%7C31A04452FB4C1F35-600004ECA70002F9%7CMCOPTOUT-1665180869s%7CNONE%7CMCAAMLH-1665778469%7C6%7CMCAAMB-1665778469%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; _cls_v=e0857509-2bd0-48d0-baf5-81bbea0e23cc; _cls_s=54bc83aa-d1ef-4d37-bbf7-17b157937de9:0; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173670398-B754C849-3273-43DF-9BB5-C6C81006BE14
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:29 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.ttf
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=7d10110b-3c9d-4d1f-bcfd-23b8f27f20f3.1665173668.1.1665173668.1665173668.7702b2e8-9c7d-4666-a3cc-bac30997e8e7; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C62449068483450838070420606296839161004%7CMCAID%7C31A04452FB4C1F35-600004ECA70002F9%7CMCOPTOUT-1665180869s%7CNONE%7CMCAAMLH-1665778469%7C6%7CMCAAMB-1665778469%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; _cls_v=e0857509-2bd0-48d0-baf5-81bbea0e23cc; _cls_s=54bc83aa-d1ef-4d37-bbf7-17b157937de9:0; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173670398-B754C849-3273-43DF-9BB5-C6C81006BE14
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:30 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 12935dcd89c3ab7d9c78083be1767d01
42b657e22ebb717fd456ade4fb281f82dc6aae05
0c0a0968e628d03d05cad813929b75b6ddf4a51f98336ca60720c058b965e9c5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 23:15:45 GMT
Expires: Thu, 13 Oct 2022 23:15:44 GMT
Etag: "42b657e22ebb717fd456ade4fb281f82dc6aae05"
Cache-Control: max-age=528672,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75694db4bd8db505-OSL
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
54.230.111.12200 OK 221 B URL HTTP/2 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
IP 54.230.111.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 07 Oct 2022 10:05:30 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BgxN0gpXOJEh0bkHz0p1Jey2wbBBoKCeXuSBs7vc69gaEBsJiXZWCA==
age: 36542
X-Firefox-Spdy: h2
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.12200 OK 3.2 kB URL HTTP/2 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.12:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 07 Oct 2022 12:14:43 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OPFOSQv15Ka-_1nea_CLeGe94oOYq_6_2Xby_DFWpj3y_35FABZYNw==
age: 28789
X-Firefox-Spdy: h2
acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Light.woff
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Light.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/commonui-assets/fonts/interstate/Interstate-Light.woff HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=7d10110b-3c9d-4d1f-bcfd-23b8f27f20f3.1665173668.1.1665173668.1665173668.7702b2e8-9c7d-4666-a3cc-bac30997e8e7; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C62449068483450838070420606296839161004%7CMCAID%7C31A04452FB4C1F35-600004ECA70002F9%7CMCOPTOUT-1665180869s%7CNONE%7CMCAAMLH-1665778469%7C6%7CMCAAMB-1665778469%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; _cls_v=e0857509-2bd0-48d0-baf5-81bbea0e23cc; _cls_s=54bc83aa-d1ef-4d37-bbf7-17b157937de9:0; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173670398-B754C849-3273-43DF-9BB5-C6C81006BE14; cdSNum=1665173671018-sjn0000825-711880b1-87e9-4796-a95e-657b40c6bd12
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:30 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash eaa32bc70d58ee3e9cefd05cb9e45209
b4a2ddb3627b993cc0207e945257777a8ef9c4ff
d2bc78bf694beade4f35a9a1622d7ff5062e6308c3ea49d14e0ee638f2100fa6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 12:17:23 GMT
Expires: Wed, 12 Oct 2022 12:17:22 GMT
Etag: "b4a2ddb3627b993cc0207e945257777a8ef9c4ff"
Cache-Control: max-age=402770,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75694db4b8d31c0a-OSL
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
54.230.111.57200 OK 221 B URL HTTP/2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
IP 54.230.111.57:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 20:41:29 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rIKr0XQ7afpET5Q1DIdV3ShYvgSZKhcaYyRzzmEfxtLeqjmOFoEHlQ==
age: 84783
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 17bd1690c05397decb295426d69e3b46
d3a4f786efca24dfec8cc4ce8de2a467cdb90517
89d33e33c3b5ac0e3e943be0740c8e756ba40a97dc0a99ab0492c9cd4e07084f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 07 Oct 2022 18:00:08 GMT
Expires: Fri, 14 Oct 2022 18:00:07 GMT
Etag: "d3a4f786efca24dfec8cc4ce8de2a467cdb90517"
Cache-Control: max-age=596135,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75694db4bc0cb512-OSL
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
54.230.111.64200 OK 221 B URL HTTP/2 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
IP 54.230.111.64:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
date: Fri, 07 Oct 2022 13:29:27 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wmxs4pvJIAEhOmFsGG8q4KpoVvH9CrihIyJAvkZWPrBWDpktTMawsQ==
age: 24305
X-Firefox-Spdy: h2
acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Light.ttf
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplusvk.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Light.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/commonui-assets/fonts/interstate/Interstate-Light.ttf HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.a87c=*; _dpm_id.a87c=7d10110b-3c9d-4d1f-bcfd-23b8f27f20f3.1665173668.1.1665173668.1665173668.7702b2e8-9c7d-4666-a3cc-bac30997e8e7; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19273%7CMCMID%7C62449068483450838070420606296839161004%7CMCAID%7C31A04452FB4C1F35-600004ECA70002F9%7CMCOPTOUT-1665180869s%7CNONE%7CMCAAMLH-1665778469%7C6%7CMCAAMB-1665778469%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; _cls_v=e0857509-2bd0-48d0-baf5-81bbea0e23cc; _cls_s=54bc83aa-d1ef-4d37-bbf7-17b157937de9:0; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1; cdContextId=1; bmuid=1665173670398-B754C849-3273-43DF-9BB5-C6C81006BE14; cdSNum=1665173671018-sjn0000825-711880b1-87e9-4796-a95e-657b40c6bd12
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 07 Oct 2022 20:14:30 GMT
Server: Apache
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.57200 OK 3.2 kB URL HTTP/2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.57:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
date: Thu, 06 Oct 2022 21:57:01 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2NeTnU2HOxmQ3Fk7BR2JXf61M-7NN_rcjB6RaF3-kxJPaccpt81X6A==
age: 80251
X-Firefox-Spdy: h2
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.64200 OK 3.2 kB URL HTTP/2 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.64:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
date: Fri, 07 Oct 2022 08:21:50 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LGE_uTuV_wXQRogMWZuS6VbGj_y_zzs72BppM1P-0hMZnvyLpgFTXQ==
age: 42762
X-Firefox-Spdy: h2
nexus.ensighten.com/error/e.gif?msg=_dl%20is%20not%20defined&lnn=481&fn=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Fimg%2FBootstrap.js&cid=1129&client=citi&publishPath=na_prod&rid=3092996&did=622672&errorName=ReferenceError
54.230.111.35204 No Content 0 B URL HTTP/2 nexus.ensighten.com/error/e.gif?msg=_dl%20is%20not%20defined&lnn=481&fn=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Fimg%2FBootstrap.js&cid=1129&client=citi&publishPath=na_prod&rid=3092996&did=622672&errorName=ReferenceError
IP 54.230.111.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error/e.gif?msg=_dl%20is%20not%20defined&lnn=481&fn=https%3A%2F%2Facadplusvk.in%2Fcity.com%2Fimg%2FBootstrap.js&cid=1129&client=citi&publishPath=na_prod&rid=3092996&did=622672&errorName=ReferenceError HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: CloudFront
date: Fri, 07 Oct 2022 01:05:19 GMT
cache-control: no-cache, no-store
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MFCi53VoPRvG7RDcXBO5yhdyouvCSN7C_YcgyThq2ED34nzJCeicug==
age: 68952
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 579e733097a7260db68f6ab5fc4ab3c9
bcee618650f7eb1595974812db6995d7ee0e9764
c025aa32afae5edb4c793bcc3076c86ae945438c7d2e96f7847054aeb1ed690b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 579e733097a7260db68f6ab5fc4ab3c9
bcee618650f7eb1595974812db6995d7ee0e9764
c025aa32afae5edb4c793bcc3076c86ae945438c7d2e96f7847054aeb1ed690b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 38c8ed81c69d2af0003394c9fb9274c5
a71c6fb6d685275f8a8c7d9d87860df08a450038
fdff30d374603ecd62c6d244a1175731787725dba48777122802055969be28f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 579e733097a7260db68f6ab5fc4ab3c9
bcee618650f7eb1595974812db6995d7ee0e9764
c025aa32afae5edb4c793bcc3076c86ae945438c7d2e96f7847054aeb1ed690b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 03ea6d00987a7103101ce9cfe249e8bd
fb4341ca68ae858b8ba2900e3440ac08285a9ac9
de7708ce0488e96aaf2f1121edc18de8dbaab64ce7ecb2867bf3183d1ce181d7
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 07 Oct 2022 20:14:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 06 Oct 2022 23:19:07 GMT
Expires: Fri, 07 Oct 2022 23:19:07 GMT
ETag: "fb4341ca68ae858b8ba2900e3440ac08285a9ac9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.citi.com/cbol-pre-login-static-assets/assets/favicon.ico
104.110.29.32200 OK 8.1 kB URL HTTP/1.1 www.citi.com/cbol-pre-login-static-assets/assets/favicon.ico
IP 104.110.29.32:0
File type PNG image data, 367 x 367, 8-bit/color RGBA, non-interlaced\012- data
Hash 7408f1858b7d67263a001f84022b33a4
89161c6255a5559cc1282c5a9c7d4d84623bd12f
0cffb7ed99266581c5b90b6b2d8c758232f6746f9784ead6ae85725806691eb6
GET /cbol-pre-login-static-assets/assets/favicon.ico HTTP/1.1
Host: www.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/x-icon
Accept-Ranges: bytes
Access-Control-Max-Age: 2147483647
Content-Encoding: gzip
Dclocation: GT1DMS
ETag: W/"222b-1832c19c958"
Last-Modified: Sun, 11 Sep 2022 10:30:31 GMT
Nonce: 5832969664633891
Referrer-Policy: no-referrer
Scope: VISITOR
Sid: 45ec3dcf-f728-4c78-9d83-e2a95904a15d
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Uuid: c7341cab-3099-4279-bbd9-6dfa6fca7504
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: 796e9db3-5c1e-4b72-4e3e-b0a772dd8e02
X-Xss-Protection: 1 ; mode=block
X-Akamai-CITISITE: GTDC
Content-Length: 8116
Cache-Control: public, no-transform, max-age=21600
Expires: Sat, 08 Oct 2022 02:14:31 GMT
Date: Fri, 07 Oct 2022 20:14:31 GMT
Connection: keep-alive
Set-Cookie: AKMTLTSID=48D5CFD6F09BB2400053CFB9FB6DE9B1; path=/; domain=citi.com; secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
www.google.com/pagead/1p-user-list/916451471/?random=1645199688127&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1013547421&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/916451471/?random=1645199688127&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1013547421&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/916451471/?random=1645199688127&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1013547421&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/819500023/?random=1645199688162&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=934572699&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/819500023/?random=1645199688162&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=934572699&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/819500023/?random=1645199688162&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=934572699&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/959299794/?random=1645199688176&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2969722864&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/959299794/?random=1645199688176&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2969722864&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/959299794/?random=1645199688176&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2969722864&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/695231162/?random=1645199688136&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2490011135&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/695231162/?random=1645199688136&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2490011135&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/695231162/?random=1645199688136&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2490011135&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/644574043/?random=1645199688142&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3716761758&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/644574043/?random=1645199688142&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3716761758&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/644574043/?random=1645199688142&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3716761758&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/830907969/?random=1645199688154&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3929776891&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/830907969/?random=1645199688154&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3929776891&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/830907969/?random=1645199688154&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3929776891&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/960621875/?random=1645199688150&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3640341865&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/960621875/?random=1645199688150&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3640341865&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/960621875/?random=1645199688150&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3640341865&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/975701947/?random=1645199688158&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3742915801&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/975701947/?random=1645199688158&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3742915801&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/975701947/?random=1645199688158&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3742915801&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 74b63831a0a449c3e37b584db0009072
929f9f036c4a6a078c51c3b3dc2a7f902c9ee9ac
686845b4cf9a67078f03cb221ce13175a72074f6aa3804ba4fa06623ab856bae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=6A047B8197004E81A37D569BF0D2F4D6&RedC=c.clarity.ms&MXFR=091576C24EBB65E73CA664F44ABB6B0A
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=091576C24EBB65E73CA664F44ABB6B0A; domain=.clarity.ms; expires=Wed, 01-Nov-2023 20:14:31 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Fri, 07 Oct 2022 20:14:31 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash ab2b7d996f9349fc41869dd032af9539
30763523f8aec56dd406c6b1750484662d14e60f
cee36007cd227e85bc6f1d3c0901a5cbcb9f52a8a7563d90b697cb2b67c42e47
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 20:14:31 GMT
Last-Modified: Fri, 07 Oct 2022 19:00:30 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SjWqmwXygJlSYb2Hn-VVhq5yP5MQkqU9NweEG97qyfHD3GMQaqoWHg==
Age: 4441
cm.everesttech.net/cm/dd?d_uuid=68482240982187679320897853547834391823
34.251.26.3302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=68482240982187679320897853547834391823
IP 34.251.26.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=68482240982187679320897853547834391823 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Fri, 07 Oct 2022 20:14:31 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y0CIpwAAAHmKOQNn; Domain=.everesttech.net; Expires=Sat, 07-Oct-2023 20:14:31 GMT; Path=/
everest_session_v2=Y0CIpwAAAHmKOgNn; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y0CIpwAAAHmKOQNn
Server: AMO-cookiemap/1.1
nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
54.230.111.35200 OK 989 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
IP 54.230.111.35:0
File type ASCII text, with very long lines (524)
Hash a88ee16d6636b998b8a6bb0eedf3a3bb
84b7338657d33ace2048bf6b6e3b8b3fa649548a
7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110
GET /citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 989
date: Fri, 22 Jul 2022 05:10:06 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Jul 2021 20:01:14 GMT
etag: "a88ee16d6636b998b8a6bb0eedf3a3bb"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: .wEMJ82rme0Ajy8MXYWYMqCLOS4zdOlx
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kQONYG8yoixdM6Ayl_jBMkK4YCc7zUYN1E9Z2Q7APF52tDFBdeo_kQ==
age: 6707066
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=411&dpuuid=Y0CIpwAAAHmKOQNn
52.211.12.99302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y0CIpwAAAHmKOQNn
IP 52.211.12.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y0CIpwAAAHmKOQNn HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acadplusvk.in/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v044-0deb8e9c6.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y0CIpwAAAHmKOQNn
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=46213281759972088143595104616780938950; Max-Age=15552000; Expires=Wed, 05 Apr 2023 20:14:31 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: nKMsKlzNS8w=
Content-Length: 0
Connection: keep-alive
c1.rfihub.net/js/tc.min.js
54.230.111.62200 OK 6.2 kB URL HTTP/2 c1.rfihub.net/js/tc.min.js
IP 54.230.111.62:0
File type C source, ASCII text, with very long lines (19497)
Hash ab5a2e3f2414c0a2b622e48c0b6da2fd
1a894787bde6cbf9b58d47b8f4245607420112ad
a5ef19cf7ca85f760c462ed2f228430c8d0a6d9daf3aa34894a5c42113cfdb8f
GET /js/tc.min.js HTTP/1.1
Host: c1.rfihub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6162
date: Fri, 07 Oct 2022 19:29:40 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
expires: Fri, 07 Oct 2022 20:29:40 GMT
last-modified: Fri, 07 Oct 2022 19:29:30 GMT
content-encoding: gzip
server: Jetty(9.3.29.v20201019)
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oiXynxkgeJjmA3hzuK96P2CAzlJtIC3gj2czRQzf5TzAqBigol060Q==
age: 2692
X-Firefox-Spdy: h2
nexus.ensighten.com/citi/na_prod/code/50e387a65c7b171989d0eec776cc168f.js?conditionId0=421908
54.230.111.35200 OK 32 kB URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/50e387a65c7b171989d0eec776cc168f.js?conditionId0=421908
IP 54.230.111.35:0
File type ASCII text, with very long lines (557)
Hash c792b6fc6f71b1134f16b73dc83fdb46
01eceb468299b9070cb8c44fc0d7d88c408e3685
4abe7f970aa65e2f3a39dcd3e0325165ab80435caef83c018b772937220cd513
GET /citi/na_prod/code/50e387a65c7b171989d0eec776cc168f.js?conditionId0=421908 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 07 Oct 2022 17:08:31 GMT
x-amz-replication-status: PENDING
last-modified: Fri, 07 Oct 2022 17:08:18 GMT
etag: W/"864252f00f6077facba2ffdca7069e58"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: U6QBn4XOxjM.RiW.AaE5YkaRGWVR.wjC
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zz_4UGnOQ8SGEOx2-ITmdv8f48zxEcUOVD-UwI9qpr-Ehy7vNsB5IA==
age: 11161
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 00776157dc98913405595c4b126e9ee2
8ee3950fa60340b03e0c53c8e5e07d18321a69f0
daa313ad6f0cb705d8a4fdb55aa65ffd6c1695326409c2ccf378e3c7e36de35c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nexus.ensighten.com/citi/na_prod/code/2fec4c7c6dc69d561844935cdcfc1d5c.js?conditionId0=467299
54.230.111.35200 OK 53 kB URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/2fec4c7c6dc69d561844935cdcfc1d5c.js?conditionId0=467299
IP 54.230.111.35:0
File type ASCII text, with very long lines (615)
Hash 9b2df469435d55dff0e9ff9d12b1bc61
583144db4bc56c06dea3a8b42772fe166d556807
c57766be69d10dcd83a06e916f85d72fd0b96cb775a3c33fb4f42b4a4a9b6b70
GET /citi/na_prod/code/2fec4c7c6dc69d561844935cdcfc1d5c.js?conditionId0=467299 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 16 Aug 2022 21:43:10 GMT
x-amz-replication-status: PENDING
last-modified: Tue, 16 Aug 2022 21:43:05 GMT
etag: W/"6ee8c75c11d701bd85d6e3c25093c469"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: jza8GqxZGhVz18cCFAItH4ZpiQFQqNOt
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: quE85E7Hj3buXG2Swoxrbu_76ae5mJLQYATA3J6meXEKiVA-V1SJ5w==
age: 4487482
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 00776157dc98913405595c4b126e9ee2
8ee3950fa60340b03e0c53c8e5e07d18321a69f0
daa313ad6f0cb705d8a4fdb55aa65ffd6c1695326409c2ccf378e3c7e36de35c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.clarity.ms/c.gif?CtsSyncId=6A047B8197004E81A37D569BF0D2F4D6&MUID=186009118E7567BA0DB01B278F226686
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=6A047B8197004E81A37D569BF0D2F4D6&MUID=186009118E7567BA0DB01B278F226686
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=6A047B8197004E81A37D569BF0D2F4D6&MUID=186009118E7567BA0DB01B278F226686 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acadplusvk.in/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Fri, 07-Oct-2022 20:24:32 GMT; path=/; SameSite=None; Secure;
date: Fri, 07 Oct 2022 20:14:32 GMT
content-length: 42
X-Firefox-Spdy: h2
contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
52.154.174.214200 OK 558 B URL HTTP/2 contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
IP 52.154.174.214:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (558), with no line terminators
Hash 937c48d51e5d9bc6631e0b06a85dc434
dded4a3036805a1eedeabb629bd0cdba5a45b861
4e580e24be32d079c3d0e6d0d74990456c3f7a99a016ddf7b51f0789db0a2195
POST /client/v3.1/web/wup?cid=cedric HTTP/1.1
Host: contents2.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2658
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 558
date: Fri, 07 Oct 2022 20:14:31 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 75a7fcb4-f771-47ba-aa9e-599b6fc6585e
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y0CIpwAAAHmKOQNn
52.211.12.99200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y0CIpwAAAHmKOQNn
IP 52.211.12.99:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y0CIpwAAAHmKOQNn HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acadplusvk.in/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v044-027b6770c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: HLYVXW3rRjI=
Content-Length: 59
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4a3537782727d0cd620456d32a8cfe81
3dcf889c6b528df6edbc76942729d6ee23d40bd6
dbeca37bb01f7549e346005a57f8887fe161c10ea813fbe54fffbe17c68a4994
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 02:15:46 GMT
Expires: Wed, 12 Oct 2022 02:15:45 GMT
Etag: "3dcf889c6b528df6edbc76942729d6ee23d40bd6"
Cache-Control: max-age=366672,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75694dba8ed31c0a-OSL
nexus.ensighten.com/citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456
54.230.111.35200 OK 778 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456
IP 54.230.111.35:0
File type ASCII text, with very long lines (1964)
Hash dfcbb9de0921be2bf9c2c3e61ad2f322
f148b87376da4c033f81c9e2b3efc3762c54397f
9275dda5f43baa78553da048e931dc0dc6bd26468fc3820f7e09d719f79a3881
GET /citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 22 Jul 2022 04:43:02 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Jul 2021 20:01:09 GMT
etag: W/"c12999fcad47ab9cba1967b8c736048d"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: nE2jchQRxt_gtDKDOvHRLQGyp_MKp2PL
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: y7OPbq-NZrdUQPOCQqU458ZG9bKJOLtSAagbFgPn7hSJSpIj34R3-A==
age: 6708690
X-Firefox-Spdy: h2
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
151.101.85.230200 OK 531 B URL HTTP/2 resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
IP 151.101.85.230:0
File type ASCII text, with very long lines (592)
Hash 163d0bd34ff8cd5d5d8c376ff4fa5448
49290a53b47fe11dd527ed41db0876da97afc365
6b05ff7c0159529870ef88073983b50eee80d938ffbd55d5c9aebb0dab4d772a
GET /wdcusciti/50/onsite/embed.js HTTP/1.1
Host: resources.digital-cloud-citi.medallia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 2aA23+/FTZdxpQ34HQzWIl1OrSThhnkFgxh90mliTGHGDA6XkLcPWhHmpm8fftHZAJpmWTN+954=
x-amz-request-id: SVVR1VEX72BWA9EC
last-modified: Mon, 29 Aug 2022 07:49:45 GMT
etag: "c1db4c234cf539e2bfab42c09c1ca05d"
x-amz-version-id: eKMfkf17jnOEK1NZY3.0vSO_D.gj7xc9
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Oct 2022 20:14:32 GMT
via: 1.1 varnish
age: 258339
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1665173672.414018,VS0,VE3
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 531
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash da760bd41ef8ff9370254bfa22f58538
d2913d670acf488ba2460758095e8238c1d47966
92af768a29358479e72788fbbb20cfd27aad26588b07a3218968710da11a2d37
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=407900,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75694dbc8f54b512-OSL
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1642556755234.js
151.101.85.230200 OK 89 kB URL HTTP/2 resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1642556755234.js
IP 151.101.85.230:0
File type Unicode text, UTF-8 text, with very long lines (53734)
Hash 0910c09f371905190d92a517f6664582
82015ba51fdafebdc71f17b7c2650025bfba0770
25707832992c14c98b3e72d17579ba9a4e082de9f544750d8576a84d3e3b4bbb
GET /wdcusciti/50/onsite/generic1642556755234.js HTTP/1.1
Host: resources.digital-cloud-citi.medallia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: BCwZ+cDcanB29+BIrIjunK0dcPElBR1vbfl7mt31+KPJClzhOrG0x4PRt1pSmRTPehz6jLE8X8E=
x-amz-request-id: R1SSFTZN4WDYR195
last-modified: Wed, 19 Jan 2022 01:45:56 GMT
etag: "23e4d609fe08b7a8c3e4f1da77c7f96c"
x-amz-version-id: rSjn3UrYpUyqzJwJI83SrWd_Yi2yQGv5
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Oct 2022 20:14:32 GMT
via: 1.1 varnish
age: 252193
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1665173672.421389,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 89391
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 933aabad69ddcf07300ed74eea530752
934ee8c356480a34e0ac375a65aac14fc1d51d34
836bfb7c4f428ff7eb49ac130e91bd27a8f66c53da1ce2adcc39615888d3b25a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4690
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:32 GMT
Last-Modified: Fri, 07 Oct 2022 18:56:22 GMT
Server: ECS (amb/6B9E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 933aabad69ddcf07300ed74eea530752
934ee8c356480a34e0ac375a65aac14fc1d51d34
836bfb7c4f428ff7eb49ac130e91bd27a8f66c53da1ce2adcc39615888d3b25a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5762
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:32 GMT
Etag: "633fa734-1d7"
Last-Modified: Fri, 07 Oct 2022 18:38:30 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 933aabad69ddcf07300ed74eea530752
934ee8c356480a34e0ac375a65aac14fc1d51d34
836bfb7c4f428ff7eb49ac130e91bd27a8f66c53da1ce2adcc39615888d3b25a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4690
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:32 GMT
Last-Modified: Fri, 07 Oct 2022 18:56:22 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 933aabad69ddcf07300ed74eea530752
934ee8c356480a34e0ac375a65aac14fc1d51d34
836bfb7c4f428ff7eb49ac130e91bd27a8f66c53da1ce2adcc39615888d3b25a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5985
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:32 GMT
Last-Modified: Fri, 07 Oct 2022 18:34:47 GMT
Server: ECS (amb/6B9B)
X-Cache: HIT
Content-Length: 471
sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
35.190.60.146451 Unavailable For Legal Reasons 0 B URL HTTP/2 sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
IP 35.190.60.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709 HTTP/1.1
Host: sr.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
date: Fri, 07 Oct 2022 20:14:32 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 933aabad69ddcf07300ed74eea530752
934ee8c356480a34e0ac375a65aac14fc1d51d34
836bfb7c4f428ff7eb49ac130e91bd27a8f66c53da1ce2adcc39615888d3b25a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2895
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:32 GMT
Last-Modified: Fri, 07 Oct 2022 19:26:17 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 471
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=2
91.235.133.67200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=2
IP 91.235.133.67:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=2 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ck=0&m=1
91.235.133.67200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ck=0&m=1
IP 91.235.133.67:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ck=0&m=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=2
91.235.133.67200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=2
IP 91.235.133.67:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=2 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=1
91.235.133.67200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=1
IP 91.235.133.67:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=1
91.235.133.67200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=1
IP 91.235.133.67:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/check.js;CIS3SID=46224D2C1EE73E9471744854588FFD2B?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3d3326246a7167753f4c6b6c7578266a736d3f4c696e757824687360773f4469726d666f78266a73603d466b7a65666d7a2530323934
91.235.133.67200 OK 79 kB URL HTTP/1.1 content22.online.citi.com/fp/check.js;CIS3SID=46224D2C1EE73E9471744854588FFD2B?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3d3326246a7167753f4c6b6c7578266a736d3f4c696e757824687360773f4469726d666f78266a73603d466b7a65666d7a2530323934
IP 91.235.133.67:0
File type ASCII text, with very long lines (5590)
Hash 67920606af5224cc37dc8738d215ecd2
79b301ca863881938a5ad36bd444b55fe71b19eb
719adb019847f7ec5405b0164322c062d3e872019476a55a86de643dfdf967d0
GET /fp/check.js;CIS3SID=46224D2C1EE73E9471744854588FFD2B?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3d3326246a7167753f4c6b6c7578266a736d3f4c696e757824687360773f4469726d666f78266a73603d466b7a65666d7a2530323934 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 5527618d41f91b6a
Set-Cookie: thx_guid=d96e9479b924024b3de51d92b766aafa; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
content22.online.citi.com/fp/check.js;CIS3SID=69915BADAB241B2E060746F35B8AB099?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=37312e2668716f773f4c616c77782468736f3d4c69667778266a7362753f46697067646f7a246273623f46697265666d782730303936
91.235.133.67200 OK 80 kB URL HTTP/1.1 content22.online.citi.com/fp/check.js;CIS3SID=69915BADAB241B2E060746F35B8AB099?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=37312e2668716f773f4c616c77782468736f3d4c69667778266a7362753f46697067646f7a246273623f46697265666d782730303936
IP 91.235.133.67:0
File type ASCII text, with very long lines (15506)
Hash 32f6e7fb3ec24a7a62d9e9c97dc008b3
4ca98ca397308daff69725d9ca7c26db523f7b69
937871261807953ad5f5d34feff5b95f645404c16cbee60e1e16f875b91e7e65
GET /fp/check.js;CIS3SID=69915BADAB241B2E060746F35B8AB099?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=37312e2668716f773f4c616c77782468736f3d4c69667778266a7362753f46697067646f7a246273623f46697265666d782730303936 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 31f079b47db06ff4
Set-Cookie: thx_guid=2928c5ca9e289d05841f979bbdee4730; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
content22.online.citi.com/fp/check.js;CIS3SID=69B4B09FD8A728BF2EE7FCB11A1B9673?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3731242668736f753d4c6b6e7d7a266a73673f4c69667770246a73627d3d46697067646d78246273623d46697265646f782530303b34
91.235.133.67200 OK 79 kB URL HTTP/1.1 content22.online.citi.com/fp/check.js;CIS3SID=69B4B09FD8A728BF2EE7FCB11A1B9673?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3731242668736f753d4c6b6e7d7a266a73673f4c69667770246a73627d3d46697067646d78246273623d46697265646f782530303b34
IP 91.235.133.67:0
File type ASCII text, with very long lines (5725)
Hash abad988f395af6c474e91da407bc3f23
bb609a87a964ce0ce9b5828baedafc33c6828dbd
512d56a04760c388756dcc65c11bb04059667569cb1d33a0c4c430384d3c12da
GET /fp/check.js;CIS3SID=69B4B09FD8A728BF2EE7FCB11A1B9673?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3731242668736f753d4c6b6e7d7a266a73673f4c69667770246a73627d3d46697067646d78246273623d46697265646f782530303b34 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 6b89f78c1aa12a6c
Set-Cookie: thx_guid=27f5bf9af357b3e2d5b0c092785fd781; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
151.101.85.175200 OK 5.2 kB URL HTTP/2 nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
IP 151.101.85.175:0
File type C source, ASCII text, with very long lines (585)
Hash a8a8316559534b9784a92826ab49b9f2
3836a3dbc421106117da4a97871aed09eedbdf0c
b11175156d2ff85a9f749c78ab961597cc0034db4df0295f2e57335e94f61b1e
GET /resources/onsite/js/cool-2.1.15.min.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5DsDii/Q4DH7ELXaSSQk8LthmRPPyf53c8AfqU+DuRMLCwyO0c2GhS45Jvn2u1AAXM+COlEdWaw=
x-amz-request-id: N94HBZ7MFH62Q62Y
last-modified: Sun, 24 Jan 2021 11:03:10 GMT
etag: "80dd5e3be5152c5c72d552c6a26ef6ff"
x-amz-version-id: 9HCXbKZTbCJZkS8s9IuB.pE0JEvI0TGW
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Oct 2022 20:14:32 GMT
via: 1.1 varnish
age: 1000159
x-served-by: cache-bma1647-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1665173673.782226,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 5197
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash da760bd41ef8ff9370254bfa22f58538
d2913d670acf488ba2460758095e8238c1d47966
92af768a29358479e72788fbbb20cfd27aad26588b07a3218968710da11a2d37
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=407900,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75694dbe0aa31c0a-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1d8a8f0cedd72b8486f5e790a081e890
c351f5f30ac70bd7f935115fac38fe8627a10e99
b085d254bfd8de10428c04ed22b987269044041e44b51adebb9d2cd0ac533491
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:32 GMT
Server: ECS (amb/6B9D)
Content-Length: 471
nexus.ensighten.com/citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Thu%20Feb%2017%2015:16:12%20GMT%202022&ClientID=1129&PageID=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F
54.230.111.35200 OK 60 kB URL HTTP/2 nexus.ensighten.com/citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Thu%20Feb%2017%2015:16:12%20GMT%202022&ClientID=1129&PageID=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F
IP 54.230.111.35:0
Hash a52465851147235f984112a09d25324e
d6262bc270870fde48cdbeabeefe6c57f6a8779f
d67d5953d23125cdc5bfafc6280fe4773307c7a14c6e3b4332da3f3ac6457708
GET /citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Thu%20Feb%2017%2015:16:12%20GMT%202022&ClientID=1129&PageID=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
server: nginx
date: Fri, 07 Oct 2022 20:14:31 GMT
expires: Fri, 07 Oct 2022 20:14:30 GMT
cache-control: no-cache, no-store
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XiN6luAt3C0JzQkLBIPnWIFiK-gwrSOu4FC9YKsfoKV2RWIfqwV_6w==
X-Firefox-Spdy: h2
content22.online.citi.com/fp/ls_fp.html;CIS3SID=892F918497D3F175EDF2F065753754B8?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
91.235.133.67200 OK 13 kB URL HTTP/1.1 content22.online.citi.com/fp/ls_fp.html;CIS3SID=892F918497D3F175EDF2F065753754B8?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
IP 91.235.133.67:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 691fc29208a1980217d5583343bb1b7b
1cb2c95d6cfacd7a42150c388311db8e181f6c83
f80b38ca2a0ecdb4889479c29236e29d2ae73990981b9f561789e1a89191ea37
GET /fp/ls_fp.html;CIS3SID=892F918497D3F175EDF2F065753754B8?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3b34266e73633535306160363337306634616134643762613535343664333262663f6636373633
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3b34266e73633535306160363337306634616134643762613535343664333262663f6636373633
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3b34266e73633535306160363337306634616134643762613535343664333262663f6636373633 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jd=3d3726246a64663d35266864683d386431603637613865363234653733606437653f326161316637603838316d65266864746c3f3038373a3835
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jd=3d3726246a64663d35266864683d386431603637613865363234653733606437653f326161316637603838316d65266864746c3f3038373a3835
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jd=3d3726246a64663d35266864683d386431603637613865363234653733606437653f326161316637603838316d65266864746c3f3038373a3835 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/top_fp.html;CIS3SID=892F918497D3F175EDF2F065753754B8?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
91.235.133.67200 OK 13 kB URL HTTP/1.1 content22.online.citi.com/fp/top_fp.html;CIS3SID=892F918497D3F175EDF2F065753754B8?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
IP 91.235.133.67:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 74084a08ab28ab91511bfad08abf1b24
a241bd07d8c0523a6041e4c38a9fb3d1c9e7f113
afdab831944bb71c78a59edbfd15e47929c4bce5824f9b4bd94d71cc04149fa5
GET /fp/top_fp.html;CIS3SID=892F918497D3F175EDF2F065753754B8?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png
91.235.133.67200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png
IP 91.235.133.67:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, 89oebq5k/5527618d41f91b6a9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 07 Oct 2022 20:14:33 GMT
Expires: Wed, 06 Oct 2027 20:14:33 GMT
Etag: de7b54fdd765447bb87eee2f103ab125
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://acadplusvk.in
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ja=3d3a392426613530247a3f3226663d31323a3278313032342463663f33303a3078393030322673787b3d307a38266472703d332e31303a322e333832342e313030322c3330323a2c33323a322c3933392c333038302c313030362c322e322473636c3d3234266c683f68747678732531432530442530446361636c706c777374632c696c25304e636b747b2c636f6d2532442464723d26686a3f363066336666663a366438356330616266633e636361326537366361373b36302e6a736d3d4e616c757a26687b623f466b7065666f782530323936266a736d773d4e6b6c777826627362753d46697065666d70266e6a613d3334267678663f575c43266f617660703d30383b3e623a386132376562613466646138626138633439333b6634636369323031633536673138306930613b663936636136363266313c34366035643c3b3024703f786c77676b6c5f666c61736a27354566616c716721726e7765696e5777696e646f77715f6d676c69615d726c637b657027374764696c736721726477676b6e5d69646d62675d6163726f62637625354566616e716523726e776769665f717569636b76696d672d354564636c716721726e77656b665f736a6f616375617465273d4564616e716521706c75656b6e5f7265616e726c637b677025354d66616c736521726c7565616e5f746e635d726c637b6770273d4566636c716d23706e7565616e5d646774616c767225374766616c736523726c77656b6c5f737e675f76696577677225374d66616e716523726c77656b6c5d6261766325374d64616e73672e6361643f333734373738&jb=3137266e713f456f78696e6e61253246352c32253230285833332531402730304c616e75782532307a38365d3e3425314025303272742731433b3e2e302b2530384565616b6d2d3244323233303031303127303046697265646d782730443b362e38
91.235.133.67204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ja=3d3a392426613530247a3f3226663d31323a3278313032342463663f33303a3078393030322673787b3d307a38266472703d332e31303a322e333832342e313030322c3330323a2c33323a322c3933392c333038302c313030362c322e322473636c3d3234266c683f68747678732531432530442530446361636c706c777374632c696c25304e636b747b2c636f6d2532442464723d26686a3f363066336666663a366438356330616266633e636361326537366361373b36302e6a736d3d4e616c757a26687b623f466b7065666f782530323936266a736d773d4e6b6c777826627362753d46697065666d70266e6a613d3334267678663f575c43266f617660703d30383b3e623a386132376562613466646138626138633439333b6634636369323031633536673138306930613b663936636136363266313c34366035643c3b3024703f786c77676b6c5f666c61736a27354566616c716721726e7765696e5777696e646f77715f6d676c69615d726c637b657027374764696c736721726477676b6e5d69646d62675d6163726f62637625354566616e716523726e776769665f717569636b76696d672d354564636c716721726e77656b665f736a6f616375617465273d4564616e716521706c75656b6e5f7265616e726c637b677025354d66616c736521726c7565616e5f746e635d726c637b6770273d4566636c716d23706e7565616e5d646774616c767225374766616c736523726c77656b6c5f737e675f76696577677225374d66616e716523726c77656b6c5d6261766325374d64616e73672e6361643f333734373738&jb=3137266e713f456f78696e6e61253246352c32253230285833332531402730304c616e75782532307a38365d3e3425314025303272742731433b3e2e302b2530384565616b6d2d3244323233303031303127303046697265646d782730443b362e38
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ja=3d3a392426613530247a3f3226663d31323a3278313032342463663f33303a3078393030322673787b3d307a38266472703d332e31303a322e333832342e313030322c3330323a2c33323a322c3933392c333038302c313030362c322e322473636c3d3234266c683f68747678732531432530442530446361636c706c777374632c696c25304e636b747b2c636f6d2532442464723d26686a3f363066336666663a366438356330616266633e636361326537366361373b36302e6a736d3d4e616c757a26687b623f466b7065666f782530323936266a736d773d4e6b6c777826627362753d46697065666d70266e6a613d3334267678663f575c43266f617660703d30383b3e623a386132376562613466646138626138633439333b6634636369323031633536673138306930613b663936636136363266313c34366035643c3b3024703f786c77676b6c5f666c61736a27354566616c716721726e7765696e5777696e646f77715f6d676c69615d726c637b657027374764696c736721726477676b6e5d69646d62675d6163726f62637625354566616e716523726e776769665f717569636b76696d672d354564636c716721726e77656b665f736a6f616375617465273d4564616e716521706c75656b6e5f7265616e726c637b677025354d66616c736521726c7565616e5f746e635d726c637b6770273d4566636c716d23706e7565616e5d646774616c767225374766616c736523726c77656b6c5f737e675f76696577677225374d66616e716523726c77656b6c5d6261766325374d64616e73672e6361643f333734373738&jb=3137266e713f456f78696e6e61253246352c32253230285833332531402730304c616e75782532307a38365d3e3425314025303272742731433b3e2e302b2530384565616b6d2d3244323233303031303127303046697265646d782730443b362e38 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
cdn.pbbl.co/r/1560.js
54.230.111.59403 Forbidden 986 B IP 54.230.111.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 471426f27e6ca3530e449f61e016dc31
92a082576c2236db4c0bf20a227b9ead90121030
0e2a2f97e48842364c5b2166fc5bfe07871fb45d18e25e954f8b7245550271c8
GET /r/1560.js HTTP/1.1
Host: cdn.pbbl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: CloudFront
date: Fri, 07 Oct 2022 20:14:33 GMT
content-type: text/html
content-length: 986
x-cache: Error from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -hx3k8ezDrQaizcJId9EThrWLPgvwZuTGhXI841OpSUWRUoVxUaEJg==
vary: Origin
X-Firefox-Spdy: h2
content22.online.citi.com/fp/clear.png
91.235.133.67304 Not Modified 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, 89oebq5k/31f079b47db06ff46a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 07 Oct 2022 20:14:33 GMT
If-None-Match: de7b54fdd765447bb87eee2f103ab125
HTTP/1.1 304 Not Modified
Date: Fri, 07 Oct 2022 20:14:33 GMT
Access-Control-Allow-Origin: *
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=31362e6c71633d3730616a363137326434636334643f606137373434663330626435643635343b
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=31362e6c71633d3730616a363137326434636334643f606137373434663330626435643635343b
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=31362e6c71633d3730616a363137326434636334643f606137373434663330626435643635343b HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/ls_fp.html;CIS3SID=A7C182827D811179AE2C83CB359AF4E1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
91.235.133.67200 OK 13 kB URL HTTP/1.1 content22.online.citi.com/fp/ls_fp.html;CIS3SID=A7C182827D811179AE2C83CB359AF4E1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
IP 91.235.133.67:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash d5b0f41d67aebfa5382dd0e8b35d724b
bdc79797b9284f4946f7db95bb35e2e738c9e95d
44a8f81ae068ed24169f6a594267ed3475d99137ee594a7d123f40fc1e8d444c
GET /fp/ls_fp.html;CIS3SID=A7C182827D811179AE2C83CB359AF4E1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked
nexus.ensighten.com/citi/na_prod/code/74cc1efe8c7595da53e7ab20e00a12ab.js?conditionId0=486757
54.230.111.35200 OK 44 kB URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/74cc1efe8c7595da53e7ab20e00a12ab.js?conditionId0=486757
IP 54.230.111.35:0
File type ASCII text, with very long lines (586)
Hash 42011cf824e8a7c8c4f6fdc6ddf3b841
dc00c5e7a4f81fed14237c9992a1bf81684a7c4c
1bf781d21afbf2b6eaf5cb13583294497051d1e9e125a4e0eb27272d85d78d31
GET /citi/na_prod/code/74cc1efe8c7595da53e7ab20e00a12ab.js?conditionId0=486757 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 04 Oct 2022 17:38:58 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 04 Oct 2022 17:38:26 GMT
etag: W/"3ede326e87ee2b8f7af776b4c4ad35f7"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: LjMYQmiQy7kOs5o7pU54PuDyr5b_DNtO
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: z18nPsHeIypas6B44mA59UpYgN3eGoUt1PutlUTpnV67afTppJWgpQ==
age: 268534
X-Firefox-Spdy: h2
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jd=37352e2668646e3f352662646a3d3a66316234376130673630366535316066376735306163336e37623a38336565266866766c3d303a31363a37
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jd=37352e2668646e3f352662646a3d3a66316234376130673630366535316066376735306163336e37623a38336565266866766c3d303a31363a37
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jd=37352e2668646e3f352662646a3d3a66316234376130673630366535316066376735306163336e37623a38336565266866766c3d303a31363a37 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/top_fp.html;CIS3SID=A7C182827D811179AE2C83CB359AF4E1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
91.235.133.67200 OK 14 kB URL HTTP/1.1 content22.online.citi.com/fp/top_fp.html;CIS3SID=A7C182827D811179AE2C83CB359AF4E1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
IP 91.235.133.67:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 6fe1349c78f1bc81c16bc57c6cd15414
41bd4ba8641b9a12e65068d9d94df023a8a8fe30
bff6ec1bd2056e7bbef135190ffad3f38411f98c9b241d30313dd00f8e5ab7bf
GET /fp/top_fp.html;CIS3SID=A7C182827D811179AE2C83CB359AF4E1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=95
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ja=3738312624613d32247a353224663f3332383078313830342661663d313038307a33323030247b78793f307830266472723f332c313238322c313030362c33303a3024313232322e333230322e39313b2c3132383024333032342c302c32267361663f32362464683d6a7474707325314127304625324663636164726e757174692e616e273046616b74712c616f6f273246266472352468683d66636232383033333b3261633864386663656432306330343a303964346763342668716f3f4e6b6e7d78246873603f46617067666d7a25323039362e68736f753d4c696c757824687162773f4e697267666f78266e6a633f333626747a663d555441246d63766a7235323a3b36603a386b323565606334646661386a633861363931396636636163303033613d36653338326130613b643b366161343432643334363462376436393826723f706e7767616c5d666e6373682535456e636c736521706c7767696c5d75696c666777735d6d656469615d706e6379657225374566616e716523726e756f696c5d61666d626d5d6363706d62617425354d64616c736521706e75676b6c5d71776b6b6b746b6d6525354564616e716521706c7767696e5d71686d616977697667273547646164716721726e7567696e5f7a67616c706c6179677225374764616e716d21706e7567696e5f746c615d706c6179677225354764616e716721786c7765696c5d646d74636c7470253545666164716521706c75676b6e5f7174655f746b6d77657025354566616e736723706c75676b6e5f6a63746127374766696c71672661616435333a393a3133&jb=3b352e6c733f4d6d7869646e63253044352e302532382a5831312533422732304e6b6c757a273a30783a365f3634253142273030727625314139362c3229273032476d63696d253044323833323033323125323046617065666f7825324439362c32
91.235.133.67204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ja=3738312624613d32247a353224663f3332383078313830342661663d313038307a33323030247b78793f307830266472723f332c313238322c313030362c33303a3024313232322e333230322e39313b2c3132383024333032342c302c32267361663f32362464683d6a7474707325314127304625324663636164726e757174692e616e273046616b74712c616f6f273246266472352468683d66636232383033333b3261633864386663656432306330343a303964346763342668716f3f4e6b6e7d78246873603f46617067666d7a25323039362e68736f753d4c696c757824687162773f4e697267666f78266e6a633f333626747a663d555441246d63766a7235323a3b36603a386b323565606334646661386a633861363931396636636163303033613d36653338326130613b643b366161343432643334363462376436393826723f706e7767616c5d666e6373682535456e636c736521706c7767696c5d75696c666777735d6d656469615d706e6379657225374566616e716523726e756f696c5d61666d626d5d6363706d62617425354d64616c736521706e75676b6c5d71776b6b6b746b6d6525354564616e716521706c7767696e5d71686d616977697667273547646164716721726e7567696e5f7a67616c706c6179677225374764616e716d21706e7567696e5f746c615d706c6179677225354764616e716721786c7765696c5d646d74636c7470253545666164716521706c75676b6e5f7174655f746b6d77657025354566616e736723706c75676b6e5f6a63746127374766696c71672661616435333a393a3133&jb=3b352e6c733f4d6d7869646e63253044352e302532382a5831312533422732304e6b6c757a273a30783a365f3634253142273030727625314139362c3229273032476d63696d253044323833323033323125323046617065666f7825324439362c32
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ja=3738312624613d32247a353224663f3332383078313830342661663d313038307a33323030247b78793f307830266472723f332c313238322c313030362c33303a3024313232322e333230322e39313b2c3132383024333032342c302c32267361663f32362464683d6a7474707325314127304625324663636164726e757174692e616e273046616b74712c616f6f273246266472352468683d66636232383033333b3261633864386663656432306330343a303964346763342668716f3f4e6b6e7d78246873603f46617067666d7a25323039362e68736f753d4c696c757824687162773f4e697267666f78266e6a633f333626747a663d555441246d63766a7235323a3b36603a386b323565606334646661386a633861363931396636636163303033613d36653338326130613b643b366161343432643334363462376436393826723f706e7767616c5d666e6373682535456e636c736521706c7767696c5d75696c666777735d6d656469615d706e6379657225374566616e716523726e756f696c5d61666d626d5d6363706d62617425354d64616c736521706e75676b6c5d71776b6b6b746b6d6525354564616e716521706c7767696e5d71686d616977697667273547646164716721726e7567696e5f7a67616c706c6179677225374764616e716d21706e7567696e5f746c615d706c6179677225354764616e716721786c7765696c5d646d74636c7470253545666164716521706c75676b6e5f7174655f746b6d77657025354566616e736723706c75676b6e5f6a63746127374766696c71672661616435333a393a3133&jb=3b352e6c733f4d6d7869646e63253044352e302532382a5831312533422732304e6b6c757a273a30783a365f3634253142273030727625314139362c3229273032476d63696d253044323833323033323125323046617065666f7825324439362c32 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
ocsp.securetrust.com/
23.36.79.19200 OK 638 B IP 23.36.79.19:0
ASN #20940 Akamai International B.V.
Hash 0a8ac3d47900b822b2cd58763b0994a2
17504b2a1bc179e55f44ead83c03abfc55d3549d
08442c9fe7c9753d83ab211491da46e231ae25b9cc148ae80583b79e93e3bd6d
POST / HTTP/1.1
Host: ocsp.securetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 638
Date: Fri, 07 Oct 2022 20:14:33 GMT
Connection: keep-alive
89oebq5ka4b25zymnoyrkbsdklbqrknifamjhly35527618d41f91b6aam1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&di=yes
91.235.134.131200 OK 81 B URL HTTP/1.1 89oebq5ka4b25zymnoyrkbsdklbqrknifamjhly35527618d41f91b6aam1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&di=yes
IP 91.235.134.131:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&di=yes HTTP/1.1
Host: 89oebq5ka4b25zymnoyrkbsdklbqrknifamjhly35527618d41f91b6aam1.e.aa.online-metrix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81
Content-Type: image/png
89oebq5kczg3ghvfhl4btlj7hqcgbmpe5jomxzqk31f079b47db06ff4am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&di=yes
91.235.134.131200 OK 81 B URL HTTP/1.1 89oebq5kczg3ghvfhl4btlj7hqcgbmpe5jomxzqk31f079b47db06ff4am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&di=yes
IP 91.235.134.131:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&di=yes HTTP/1.1
Host: 89oebq5kczg3ghvfhl4btlj7hqcgbmpe5jomxzqk31f079b47db06ff4am1.e.aa.online-metrix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81
Content-Type: image/png
content22.online.citi.com/fp/clear.png
91.235.133.67304 Not Modified 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, 89oebq5k/6b89f78c1aa12a6cf13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 07 Oct 2022 20:14:33 GMT
If-None-Match: de7b54fdd765447bb87eee2f103ab125
HTTP/1.1 304 Not Modified
Date: Fri, 07 Oct 2022 20:14:33 GMT
Access-Control-Allow-Origin: *
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
52.154.174.214200 OK 558 B URL HTTP/2 contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
IP 52.154.174.214:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (558), with no line terminators
Hash 7881ca42e690a4dd50cac964626f3010
09f909b807ce4d6e9a835777c800cb5b59eff02a
a762a5ae39c1d3f4e2fd3d0ec0627a6c88cccd3c781622e8a10af18fe9074c15
POST /client/v3.1/web/wup?cid=cedric HTTP/1.1
Host: contents2.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2622
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 558
date: Fri, 07 Oct 2022 20:14:32 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: b1e314ed-20cc-41b8-8e19-02c0278964bf
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
content22.online.citi.com/fp/ls_fp.html;CIS3SID=08A8272180F10939DDEE3FDA42ED5535?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1
91.235.133.67200 OK 13 kB URL HTTP/1.1 content22.online.citi.com/fp/ls_fp.html;CIS3SID=08A8272180F10939DDEE3FDA42ED5535?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1
IP 91.235.133.67:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash e908019dfe2ea137bb4340fb0d80b942
aaeaf27505c2cc3f47488f23b500bd83a2075e40
9421e3a1e98187a071f1bcfd4739af43e078b46660b81dff12ff7c92df9ed478
GET /fp/ls_fp.html;CIS3SID=08A8272180F10939DDEE3FDA42ED5535?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=94
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3136246c71613d35326160343b353066346b6134643f6069353734346e3130626435643437343b
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3136246c71613d35326160343b353066346b6134643f6069353734346e3130626435643437343b
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3136246c71613d35326160343b353066346b6134643f6069353734346e3130626435643437343b HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jd=3735242668666e3d37266866603f3864316a36376130673e32366535396266376735306361336e37623838336565246a66746c3d323833353237
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jd=3735242668666e3d37266866603f3864316a36376130673e32366535396266376735306361336e37623838336565246a66746c3d323833353237
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jd=3735242668666e3d37266866603f3864316a36376130673e32366535396266376735306361336e37623838336565246a66746c3d323833353237 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ja=31313b2624633d30267a3f302e643d31323032783138303c2461663d393238307a33323232247b78793d307830266670723d332c33303a3224313032342c33303a302e313230322c31323a30243b33392c3930383024333830342c302430267361663f30342464683d6874747073273341253046273044636b6164706c757174692e6b6e2732466369747b2e6b6d6d25324e2464723524606a3d65383a6462353136303238343965646239653536323935353139636635616d32266a736f3f4e6b6e7778246a73623d466b726d646f78253a3239362e687b6d753d4c616e757824687160753f4e697265666f78266c68633d33362476786635555443266d63766a723f323a393662383861303f676261346c6461386a633063363931316436636163303231613d36653138326130633964393661633636326c33343436623764363932&jb=3b35246c733d4d6f7a696e6c692732463526322532382a50333125334a2532304e6b6c7778273a307838365f3634273342253030707427314939362e3029273032476763696f25324632323138323130312d30304661706d646f78253a4639362c32
91.235.133.67204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ja=31313b2624633d30267a3f302e643d31323032783138303c2461663d393238307a33323232247b78793d307830266670723d332c33303a3224313032342c33303a302e313230322c31323a30243b33392c3930383024333830342c302430267361663f30342464683d6874747073273341253046273044636b6164706c757174692e6b6e2732466369747b2e6b6d6d25324e2464723524606a3d65383a6462353136303238343965646239653536323935353139636635616d32266a736f3f4e6b6e7778246a73623d466b726d646f78253a3239362e687b6d753d4c616e757824687160753f4e697265666f78266c68633d33362476786635555443266d63766a723f323a393662383861303f676261346c6461386a633063363931316436636163303231613d36653138326130633964393661633636326c33343436623764363932&jb=3b35246c733d4d6f7a696e6c692732463526322532382a50333125334a2532304e6b6c7778273a307838365f3634273342253030707427314939362e3029273032476763696f25324632323138323130312d30304661706d646f78253a4639362c32
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ja=31313b2624633d30267a3f302e643d31323032783138303c2461663d393238307a33323232247b78793d307830266670723d332c33303a3224313032342c33303a302e313230322c31323a30243b33392c3930383024333830342c302430267361663f30342464683d6874747073273341253046273044636b6164706c757174692e6b6e2732466369747b2e6b6d6d25324e2464723524606a3d65383a6462353136303238343965646239653536323935353139636635616d32266a736f3f4e6b6e7778246a73623d466b726d646f78253a3239362e687b6d753d4c616e757824687160753f4e697265666f78266c68633d33362476786635555443266d63766a723f323a393662383861303f676261346c6461386a633063363931316436636163303231613d36653138326130633964393661633636326c33343436623764363932&jb=3b35246c733d4d6f7a696e6c692732463526322532382a50333125334a2532304e6b6c7778273a307838365f3634273342253030707427314939362e3029273032476763696f25324632323138323130312d30304661706d646f78253a4639362c32 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
ocsps.ssl.com/
100.24.223.135200 OK 1.9 kB IP 100.24.223.135:0
Hash f1d8eb5801e94c2358215f8d60245f0c
88bf0613efba90ab80ea98327e60c542a36edbd6
3af9c2aa48c6d61d29b61f71265b6e5985873d170f01c4e0caeb5665fe690a8e
POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 20:14:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1883
Connection: keep-alive
Expires: Fri, 14 Oct 2022 15:24:23 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "88bf0613efba90ab80ea98327e60c542a36edbd6"
Last-Modified: Fri, 07 Oct 2022 15:24:24 GMT
X-Proxy-Cache: HIT
89oebq5ke4nv7d4lu5o7uz5ykg5teccehmspyww56b89f78c1aa12a6cam1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&di=yes
91.235.134.131200 OK 81 B URL HTTP/1.1 89oebq5ke4nv7d4lu5o7uz5ykg5teccehmspyww56b89f78c1aa12a6cam1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&di=yes
IP 91.235.134.131:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&di=yes HTTP/1.1
Host: 89oebq5ke4nv7d4lu5o7uz5ykg5teccehmspyww56b89f78c1aa12a6cam1.e.aa.online-metrix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81
Content-Type: image/png
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMS4xNSIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MTczNjczMTcwIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNiNDE1ZDRjZDktMGZjOWIwZTk4YmE0YjA4LTMwNmQ0NjRhLTE0MDAwMC0xODNiNDE1ZDRkMTI1MyIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1jaXRpIiwiYWNjb3VudElkIjogNDksInVybCI6ICJodHRwczovL2FjYWRwbHVzdmsuaW4vY2l0eS5jb20vIiwid2Vic2l0ZUlkIjogNTAsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjYzNDctNmQ2NC1iY2I4LWUxMTItZTBhOS0wMGE1LWVkM2EtY2ZlZiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY1MTczNjcyNjUzIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDExMzMsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQyLjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQyLjEiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NjUxNzM2NzI2NTUsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJmZWVkYmFja19jb3JyZWxhdGlvbl91dWlkIjogbnVsbH0KXX0=
35.241.45.82200 OK 0 B URL HTTP/2 udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMS4xNSIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MTczNjczMTcwIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNiNDE1ZDRjZDktMGZjOWIwZTk4YmE0YjA4LTMwNmQ0NjRhLTE0MDAwMC0xODNiNDE1ZDRkMTI1MyIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1jaXRpIiwiYWNjb3VudElkIjogNDksInVybCI6ICJodHRwczovL2FjYWRwbHVzdmsuaW4vY2l0eS5jb20vIiwid2Vic2l0ZUlkIjogNTAsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjYzNDctNmQ2NC1iY2I4LWUxMTItZTBhOS0wMGE1LWVkM2EtY2ZlZiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY1MTczNjcyNjUzIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDExMzMsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQyLjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQyLjEiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NjUxNzM2NzI2NTUsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJmZWVkYmFja19jb3JyZWxhdGlvbl91dWlkIjogbnVsbH0KXX0=
IP 35.241.45.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMS4xNSIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MTczNjczMTcwIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNiNDE1ZDRjZDktMGZjOWIwZTk4YmE0YjA4LTMwNmQ0NjRhLTE0MDAwMC0xODNiNDE1ZDRkMTI1MyIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1jaXRpIiwiYWNjb3VudElkIjogNDksInVybCI6ICJodHRwczovL2FjYWRwbHVzdmsuaW4vY2l0eS5jb20vIiwid2Vic2l0ZUlkIjogNTAsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjYzNDctNmQ2NC1iY2I4LWUxMTItZTBhOS0wMGE1LWVkM2EtY2ZlZiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY1MTczNjcyNjUzIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDExMzMsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQyLjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQyLjEiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NjUxNzM2NzI2NTUsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJmZWVkYmFja19jb3JyZWxhdGlvbl91dWlkIjogbnVsbH0KXX0= HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 20:14:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
x-me: prod-instance-gatewayservice-blue-tj2c
x-application-context: application:9090
content-type: image/gif; charset=UTF-8
content-length: 0
server: Jetty(9.2.11.v20150529)
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/10955006959/?random=1665173673330&cv=9&fst=1665173673330&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&auid=1100522625.1665173672&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10955006959/?random=1665173673330&cv=9&fst=1665173673330&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&auid=1100522625.1665173672&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2324), with no line terminators
Hash 43d59a5fd27b2429fb69e8a6e09435f1
ba119a1b4bbd891d9146a80b873807cdff3e9c93
12e413261326c7bace6f196fb128e7cdb0c485c53a37a71011fdb29c196f3b03
GET /pagead/viewthroughconversion/10955006959/?random=1665173673330&cv=9&fst=1665173673330&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&auid=1100522625.1665173672&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1055
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 20:29:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/?random=1665173673490&cv=9&fst=1665173673490&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/?random=1665173673490&cv=9&fst=1665173673490&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2320), with no line terminators
Hash 8aa877f2ec592cfcbda8407255fe07b7
7501664fccfd60b90d7779fa1fb71d0a0092ba5e
6a59a73234737bd720243d8f3733275684cdc109271660bfc086df91f0c32293
GET /pagead/viewthroughconversion/695231162/?random=1665173673490&cv=9&fst=1665173673490&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1055
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 20:29:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/?random=1665173673482&cv=9&fst=1665173673482&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/?random=1665173673482&cv=9&fst=1665173673482&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2320), with no line terminators
Hash f9d197e877bc1894d3407dadd56bf635
76227a039398b5fe6d2ed0346e3971729a808261
812b423ad7213a1f1e64c8a3d583e6033f75c33597f6e45299462d684e8ba027
GET /pagead/viewthroughconversion/959299794/?random=1665173673482&cv=9&fst=1665173673482&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1056
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 20:29:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/?random=1665173673494&cv=9&fst=1665173673494&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/?random=1665173673494&cv=9&fst=1665173673494&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2320), with no line terminators
Hash 0b2fa8944444b25d5a0495f1f955a76b
a584d7e841aaf4d75c2a389c31e7e58ff2df10be
2ab613f7fe24179370209bf801e509255aefca012b97ba788f69f5134b224bb7
GET /pagead/viewthroughconversion/975701947/?random=1665173673494&cv=9&fst=1665173673494&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1056
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 20:29:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/?random=1665173673455&cv=9&fst=1665173673455&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/?random=1665173673455&cv=9&fst=1665173673455&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2318), with no line terminators
Hash be3e2f9a716189d503c2509e6fb2760c
fc8853289f7d00d714b76120cf4fd3b9dee64da2
791f42a26f758725b183a299a3a8a5b963562ee77b31f10bc8e1c5f39f2dce03
GET /pagead/viewthroughconversion/960621875/?random=1665173673455&cv=9&fst=1665173673455&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1054
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 20:29:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1665173673450&cv=9&fst=1665173673450&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1665173673450&cv=9&fst=1665173673450&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2320), with no line terminators
Hash 476b1097dc0ae9a3f11c33cffb59c1fb
3db798571797d337c0617579c963155bfcb33025
6a76874e7720ed4f8cb88cb2d55f096ac9203171d34ae8a3fa544b142e9ad620
GET /pagead/viewthroughconversion/916451471/?random=1665173673450&cv=9&fst=1665173673450&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1054
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 20:29:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/?random=1665173673461&cv=9&fst=1665173673461&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/?random=1665173673461&cv=9&fst=1665173673461&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2320), with no line terminators
Hash 14b4a8eda99d649b1b06d726d49740b7
197aac422fd94506251fbf4393a2b2c7a5be9c8b
d8148d988c2d82b1bc8e3792495f3f338eb984345625036dc918c6dad6f40bc4
GET /pagead/viewthroughconversion/830907969/?random=1665173673461&cv=9&fst=1665173673461&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1055
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 20:29:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/?random=1665173673467&cv=9&fst=1665173673467&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/?random=1665173673467&cv=9&fst=1665173673467&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2320), with no line terminators
Hash 9cafba710667982b3b4532703d6709e8
66b14536b557c8c863906153d44d85e17fb011e1
42d283588fea4abff638158b2337046c9b48be62318249931dd27a0fdeca17a0
GET /pagead/viewthroughconversion/819500023/?random=1665173673467&cv=9&fst=1665173673467&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1055
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 20:29:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/?random=1665173673473&cv=9&fst=1665173673473&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.211.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/?random=1665173673473&cv=9&fst=1665173673473&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2320), with no line terminators
Hash 5681f03c51a2eef73c67107d9696245f
0d370999777d64df8ed158d334dd921bacdbb271
c31cad104dae61dba00a85dbb7388308ff0389c361480ce96b595679f16fa9e8
GET /pagead/viewthroughconversion/644574043/?random=1665173673473&cv=9&fst=1665173673473&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1053
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 20:29:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3b34266e736035333a613761646561653760303432336562343530603a353330616d3432653434
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3b34266e736035333a613761646561653760303432336562343530603a353330616d3432653434
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3b34266e736035333a613761646561653760303432336562343530603a353330616d3432653434 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=892F918497D3F175EDF2F065753754B8?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:33 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=93
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=31362e6c71603d313a613d616665636737623234323b676236373062383531306367363267363c
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=31362e6c71603d313a613d616665636737623234323b676236373062383531306367363267363c
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=31362e6c71603d313a613d616665636737623234323b676236373062383531306367363267363c HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=A7C182827D811179AE2C83CB359AF4E1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=92
Connection: Keep-Alive
Content-Type: text/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jf=3136246c71623d33386137636c676165376a3034323b676a34373062303731306367363065363c
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jf=3136246c71623d33386137636c676165376a3034323b676a34373062303731306367363065363c
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jf=3136246c71623d33386137636c676165376a3034323b676a34373062303731306367363065363c HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=08A8272180F10939DDEE3FDA42ED5535?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=91
Connection: Keep-Alive
Content-Type: text/javascript
www.google.no/pagead/1p-user-list/916451471/?random=1665173673450&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1805723735&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/916451471/?random=1665173673450&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1805723735&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/916451471/?random=1665173673450&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1805723735&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/959299794/?random=1665173673482&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3813799425&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/959299794/?random=1665173673482&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3813799425&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/959299794/?random=1665173673482&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3813799425&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/695231162/?random=1665173673490&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2090416759&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/695231162/?random=1665173673490&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2090416759&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/695231162/?random=1665173673490&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2090416759&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/10955006959/?random=1665173673330&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=4290634662&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10955006959/?random=1665173673330&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=4290634662&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10955006959/?random=1665173673330&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=4290634662&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/975701947/?random=1665173673494&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1595565874&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/975701947/?random=1665173673494&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1595565874&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/975701947/?random=1665173673494&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1595565874&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/819500023/?random=1665173673467&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3713422582&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/819500023/?random=1665173673467&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3713422582&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/819500023/?random=1665173673467&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3713422582&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/644574043/?random=1665173673473&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2301953864&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/644574043/?random=1665173673473&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2301953864&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/644574043/?random=1665173673473&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2301953864&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/830907969/?random=1665173673461&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3247853166&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/830907969/?random=1665173673461&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3247853166&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/830907969/?random=1665173673461&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3247853166&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/960621875/?random=1665173673455&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=762212008&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/960621875/?random=1665173673455&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=762212008&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/960621875/?random=1665173673455&cv=9&fst=1665172800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplusvk.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=762212008&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 20:14:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:14:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contents1.00110.citi.com/api/v1/sendLogs?cid=cedric&cdsnum=1665173671018-sjn0000825-711880b1-87e9-4796-a95e-657b40c6bd12&csid=null&ds=js&sdkVer=2.17.2.285.6f55d57
13.89.105.232204 No Content 0 B URL HTTP/2 contents1.00110.citi.com/api/v1/sendLogs?cid=cedric&cdsnum=1665173671018-sjn0000825-711880b1-87e9-4796-a95e-657b40c6bd12&csid=null&ds=js&sdkVer=2.17.2.285.6f55d57
IP 13.89.105.232:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/sendLogs?cid=cedric&cdsnum=1665173671018-sjn0000825-711880b1-87e9-4796-a95e-657b40c6bd12&csid=null&ds=js&sdkVer=2.17.2.285.6f55d57 HTTP/1.1
Host: contents1.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 800
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 07 Oct 2022 20:14:34 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
content22.online.citi.com/fp/clear1.png;CIS3SID=A7C182827D811179AE2C83CB359AF4E1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=36313e26716b645d706e6c3f7664705d7054746b783b346b6c33775973786e5724716b645d666974653f31363635313533343533267369665f747972673d7567603a6d636671612471696c5d69657b3f33303539333833333036303732633836363a61653166383230333036303832633834363863653366303330333237323136323830323639343b3530633738343366333262316c323239343262363b6165306064323a67313462636332663065353536366332373235626263333265333735643d373236346632336b35326167373765633930693436643438383833626432633731613a6d34623762616131333333313363613039313161376667633335603330303b6326716b6457716b673f3130343530323a3234316234366135613031333a3867336c62323539663963663a336137646631623b313132633362373264306e633060343160626a663a373b67656163343231373032323130306034353461673230356a64363132613133383437323062323633373036633131343a3037306c66333665363a3969333265323666356664396c3531333265376124736964703f30
91.235.133.67204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear1.png;CIS3SID=A7C182827D811179AE2C83CB359AF4E1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=36313e26716b645d706e6c3f7664705d7054746b783b346b6c33775973786e5724716b645d666974653f31363635313533343533267369665f747972673d7567603a6d636671612471696c5d69657b3f33303539333833333036303732633836363a61653166383230333036303832633834363863653366303330333237323136323830323639343b3530633738343366333262316c323239343262363b6165306064323a67313462636332663065353536366332373235626263333265333735643d373236346632336b35326167373765633930693436643438383833626432633731613a6d34623762616131333333313363613039313161376667633335603330303b6326716b6457716b673f3130343530323a3234316234366135613031333a3867336c62323539663963663a336137646631623b313132633362373264306e633060343160626a663a373b67656163343231373032323130306034353461673230356a64363132613133383437323062323633373036633131343a3037306c66333665363a3969333265323666356664396c3531333265376124736964703f30
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear1.png;CIS3SID=A7C182827D811179AE2C83CB359AF4E1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=36313e26716b645d706e6c3f7664705d7054746b783b346b6c33775973786e5724716b645d666974653f31363635313533343533267369665f747972673d7567603a6d636671612471696c5d69657b3f33303539333833333036303732633836363a61653166383230333036303832633834363863653366303330333237323136323830323639343b3530633738343366333262316c323239343262363b6165306064323a67313462636332663065353536366332373235626263333265333735643d373236346632336b35326167373765633930693436643438383833626432633731613a6d34623762616131333333313363613039313161376667633335603330303b6326716b6457716b673f3130343530323a3234316234366135613031333a3867336c62323539663963663a336137646631623b313132633362373264306e633060343160626a663a373b67656163343231373032323130306034353461673230356a64363132613133383437323062323633373036633131343a3037306c66333665363a3969333265323666356664396c3531333265376124736964703f30 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Fri, 07 Oct 2022 20:14:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/png;charset=UTF-8
Keep-Alive: timeout=2, max=90
content22.online.citi.com/fp/clear1.png;CIS3SID=892F918497D3F175EDF2F065753754B8?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3c333824736b6c5f706e663f7464725f66326a6c653977434b74423441494d66267b69645f646174673d31343e3531353136353126716b665d767170653f77676a386561647169267169665d6b65793d33323739333031333234303530633a36343063653364303232313034383832633a36363a6367316632313831303530313c30303230366a3063303b6465636365323b6437633562613633663237303031353c346364383466363839663e396430616466363737346466333e66393639343936306730316e376361643739373438383b6734373031363535373132643466333b653362636138336334663c30386734393636326760663a303d37346464303f32303a34322e736b645d7169673d3330363430323231303266393660343231363a653864656263663638666c3938323365373a6661673460613b31323265303861303a39356c39616134646566646130303439323639346332323033323262303a3762656235666733663b696664326133643536613a6661333f32656062373d3b373b64676b65356161363161343465673b383361326363366260343a3326736166723d30
91.235.133.67204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear1.png;CIS3SID=892F918497D3F175EDF2F065753754B8?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3c333824736b6c5f706e663f7464725f66326a6c653977434b74423441494d66267b69645f646174673d31343e3531353136353126716b665d767170653f77676a386561647169267169665d6b65793d33323739333031333234303530633a36343063653364303232313034383832633a36363a6367316632313831303530313c30303230366a3063303b6465636365323b6437633562613633663237303031353c346364383466363839663e396430616466363737346466333e66393639343936306730316e376361643739373438383b6734373031363535373132643466333b653362636138336334663c30386734393636326760663a303d37346464303f32303a34322e736b645d7169673d3330363430323231303266393660343231363a653864656263663638666c3938323365373a6661673460613b31323265303861303a39356c39616134646566646130303439323639346332323033323262303a3762656235666733663b696664326133643536613a6661333f32656062373d3b373b64676b65356161363161343465673b383361326363366260343a3326736166723d30
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear1.png;CIS3SID=892F918497D3F175EDF2F065753754B8?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3c333824736b6c5f706e663f7464725f66326a6c653977434b74423441494d66267b69645f646174673d31343e3531353136353126716b665d767170653f77676a386561647169267169665d6b65793d33323739333031333234303530633a36343063653364303232313034383832633a36363a6367316632313831303530313c30303230366a3063303b6465636365323b6437633562613633663237303031353c346364383466363839663e396430616466363737346466333e66393639343936306730316e376361643739373438383b6734373031363535373132643466333b653362636138336334663c30386734393636326760663a303d37346464303f32303a34322e736b645d7169673d3330363430323231303266393660343231363a653864656263663638666c3938323365373a6661673460613b31323265303861303a39356c39616134646566646130303439323639346332323033323262303a3762656235666733663b696664326133643536613a6661333f32656062373d3b373b64676b65356161363161343465673b383361326363366260343a3326736166723d30 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Fri, 07 Oct 2022 20:14:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/png;charset=UTF-8
Keep-Alive: timeout=2, max=89
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jac=1&je=3332332624706d3d6e6f24617d66683d646e3734623d36383a3035356b6435656034323b63616d646361353637323465633533303461343a3d36323863653b6632393539343633313430303339666432266d7a333d6c643e3a6566376a3037383a63643662353166623866626562676533663761636161663b39363430
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jac=1&je=3332332624706d3d6e6f24617d66683d646e3734623d36383a3035356b6435656034323b63616d646361353637323465633533303461343a3d36323863653b6632393539343633313430303339666432266d7a333d6c643e3a6566376a3037383a63643662353166623866626562676533663761636161663b39363430
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jac=1&je=3332332624706d3d6e6f24617d66683d646e3734623d36383a3035356b6435656034323b63616d646361353637323465633533303461343a3d36323863653b6632393539343633313430303339666432266d7a333d6c643e3a6566376a3037383a63643662353166623866626562676533663761636161663b39363430 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear1.png;CIS3SID=08A8272180F10939DDEE3FDA42ED5535?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jf=363134267169645f726e663d7c66725f587851547970545a645946537e63504724716b665f666974653d3136363533373336353324716b6657747970653d7567603a6763667361267369665f6367793d333837393338333b323630373a613836363a61673366383230313036303830613836363861673166383330313037323136323230323439393638603069603736633b3134393a676b376339663e3731623b31613336336c31383837383565616439336661616363353f36613366353463353035326338343038343b653b37626265306334336c323b323239613f36636431666060623a6e633363313165326461323261613a3536643f66626264666460633230626462267369645d7361653d33303c3730323a323c376238616b38316537313b6463303131373065313765323734313762616060673a616562353666313334666164643865373932303d663265633d60313769373830323130386431643360676335376e313438616162623a3135333162333a67366a35613364656063673161623464333031653b6631336335343f3036626a6739336138636b26736964703f32
91.235.133.67204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear1.png;CIS3SID=08A8272180F10939DDEE3FDA42ED5535?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jf=363134267169645f726e663d7c66725f587851547970545a645946537e63504724716b665f666974653d3136363533373336353324716b6657747970653d7567603a6763667361267369665f6367793d333837393338333b323630373a613836363a61673366383230313036303830613836363861673166383330313037323136323230323439393638603069603736633b3134393a676b376339663e3731623b31613336336c31383837383565616439336661616363353f36613366353463353035326338343038343b653b37626265306334336c323b323239613f36636431666060623a6e633363313165326461323261613a3536643f66626264666460633230626462267369645d7361653d33303c3730323a323c376238616b38316537313b6463303131373065313765323734313762616060673a616562353666313334666164643865373932303d663265633d60313769373830323130386431643360676335376e313438616162623a3135333162333a67366a35613364656063673161623464333031653b6631336335343f3036626a6739336138636b26736964703f32
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear1.png;CIS3SID=08A8272180F10939DDEE3FDA42ED5535?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jf=363134267169645f726e663d7c66725f587851547970545a645946537e63504724716b665f666974653d3136363533373336353324716b6657747970653d7567603a6763667361267369665f6367793d333837393338333b323630373a613836363a61673366383230313036303830613836363861673166383330313037323136323230323439393638603069603736633b3134393a676b376339663e3731623b31613336336c31383837383565616439336661616363353f36613366353463353035326338343038343b653b37626265306334336c323b323239613f36636431666060623a6e633363313165326461323261613a3536643f66626264666460633230626462267369645d7361653d33303c3730323a323c376238616b38316537313b6463303131373065313765323734313762616060673a616562353666313334666164643865373932303d663265633d60313769373830323130386431643360676335376e313438616162623a3135333162333a67366a35613364656063673161623464333031653b6631336335343f3036626a6739336138636b26736964703f32 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Fri, 07 Oct 2022 20:14:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/png;charset=UTF-8
Keep-Alive: timeout=2, max=97
contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
52.154.174.214200 OK 558 B URL HTTP/2 contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
IP 52.154.174.214:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (558), with no line terminators
Hash e324b13d85495bdc1a702a3a3f8ef188
5a6d3b1a1e86cd93a3bbe782ab69c1418f978ad4
5ba2aa7ac236f53883742af2c4db829cbe7dda19210c6d96f7e5c1b9e7d0c2c2
POST /client/v3.1/web/wup?cid=cedric HTTP/1.1
Host: contents2.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1158
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 558
date: Fri, 07 Oct 2022 20:14:33 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: fc7bb240-575c-460e-9708-d473ad0c20c1
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jac=1&je=393031242672653d6c6f24637564683d64643734623534303a32353761663765623e303963636564616135343f323667613533323661343a37343a3863673966383b373b36343b31363030313164643226677a333d6466363a676635603235383869663462373966603866606d6265673166376361616166313b3e3430
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jac=1&je=393031242672653d6c6f24637564683d64643734623534303a32353761663765623e303963636564616135343f323667613533323661343a37343a3863673966383b373b36343b31363030313164643226677a333d6466363a676635603235383869663462373966603866606d6265673166376361616166313b3e3430
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jac=1&je=393031242672653d6c6f24637564683d64643734623534303a32353761663765623e303963636564616135343f323667613533323661343a37343a3863673966383b373b36343b31363030313164643226677a333d6466363a676635603235383869663462373966603866606d6265673166376361616166313b3e3430 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=88
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jac=1&je=3332392624726d3f6c6f2e6377646a3f64663534623d363038303535636635656034323961616d646363353637323667633733303663363a3536323a61653b6632393f393434333336303a3133646630266578333d6c643638656637623237383a63643460353166623a66626562656733643761616363663339363632
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jac=1&je=3332392624726d3f6c6f2e6377646a3f64663534623d363038303535636635656034323961616d646363353637323667633733303663363a3536323a61653b6632393f393434333336303a3133646630266578333d6c643638656637623237383a63643460353166623a66626562656733643761616363663339363632
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jac=1&je=3332392624726d3f6c6f2e6377646a3f64663534623d363038303535636635656034323961616d646363353637323667633733303663363a3536323a61653b6632393f393434333336303a3133646630266578333d6c643638656637623237383a63643460353166623a66626562656733643761616363663339363632 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7
Origin: https://content22.online.citi.com
Connection: keep-alive
Referer: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=892F918497D3F175EDF2F065753754B8?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:35 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://content22.online.citi.com
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7
Origin: https://content22.online.citi.com
Connection: keep-alive
Referer: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=A7C182827D811179AE2C83CB359AF4E1?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
Cookie: s_vi=[CS]v1|31A04452FB4C1F35-600004ECA70002F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C62449068483450838070420606296839161004; s_ecid=MCMID%7C62449068483450838070420606296839161004
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Fri, 07 Oct 2022 20:14:35 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://content22.online.citi.com
Content-Type: text/javascript
www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
104.110.29.32200 OK 0 B URL HTTP/1.1 www.citi.com/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
IP 104.110.29.32:0
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: www.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplusvk.in
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 71874
Accept-Ranges: bytes
Access-Control-Allow-Headers: action,challengeType,accesstoken,appVersion,,Content-Type,sid,CCPToken,CFIToken,countryCode,businessCode,channelId,uuid,client_id,environmentId
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,HEAD
Access-Control-Expose-Headers: action,challengeType,bizToken,eventid,Eventid,Eventidexpirytime,eventidexpirytime,accesstoken,Authorization,sid,SessionId,CCPToken,CFIToken
Access-Control-Max-Age: 2147483647
Dclocation: GT1DMS
ETag: W/"118c2-1832c19c958"
Last-Modified: Sun, 11 Sep 2022 10:30:31 GMT
Nonce: 0709743870704434
Referrer-Policy: no-referrer
Scope: VISITOR
Sid: 098d4980-3dc3-48e2-a25c-6c769d9bf22b
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Uuid: 4af483e8-e607-410d-b9e9-551d446f0326
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: b61c5aff-0824-449c-48d6-f99efa07db7a
X-Xss-Protection: 1 ; mode=block
X-Akamai-CITISITE: GTDC
Cache-Control: public, no-transform, max-age=21600
Expires: Sat, 08 Oct 2022 02:14:27 GMT
Date: Fri, 07 Oct 2022 20:14:27 GMT
Connection: keep-alive
Set-Cookie: AKMTLTSID=326B464F953EACA6AC67C3541661D7E2; path=/; domain=citi.com; secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://citimobile.citibankonline.com
acadplusvk.in/city.com/img/js(7)
119.18.52.62200 OK 0 B URL HTTP/1.1 acadplusvk.in/city.com/img/js(7)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(7) HTTP/1.1
Host: acadplusvk.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 20:14:26 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 103187
Keep-Alive: timeout=15
Connection: Keep-Alive
nexus.ensighten.com/citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153
54.230.111.35200 OK 0 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153
IP 54.230.111.35:0
GET /citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 22 Jul 2022 04:58:00 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 31 Aug 2021 17:19:04 GMT
etag: W/"4d37444c012a76a0557182615bf5cdd3"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: wbqnWd5jL63548esNkWLxT1ImQDA0TC0
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TR6w8XiUsSFZK3w6QffnqUcSDOX2HnaAugt9z11rwlzDGV7s1q3Ngw==
age: 6707791
X-Firefox-Spdy: h2
nexus.ensighten.com/citi/na_prod/code/af3b21070dd01ab22a4f331056324374.js?conditionId0=4897099
54.230.111.35200 OK 0 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/af3b21070dd01ab22a4f331056324374.js?conditionId0=4897099
IP 54.230.111.35:0
GET /citi/na_prod/code/af3b21070dd01ab22a4f331056324374.js?conditionId0=4897099 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplusvk.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 16 Aug 2022 21:43:10 GMT
x-amz-replication-status: PENDING
last-modified: Tue, 16 Aug 2022 21:43:05 GMT
etag: W/"412eb38d6a797c24fd5d7e30e1b9799d"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: QTYOdEvDbSbtudwcv3X6K9qpVGIDVLJs
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7SvBYsV57oiaMCZ3xj2OSjKwSKczswWvmc05O41Lx2oetQV4IflVDA==
age: 4487482
X-Firefox-Spdy: h2