firefox.settings.services.mozilla.com/v1/
54.230.111.118200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: K6J73gKlGAOARO3oRvjEmLRvUV9LojlA0dJ-wd9G7NEMFTNKQYcO_g==
Age: 11240
acadplus.in/city.com/
119.18.52.62301 Moved Permanently 237 B IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 90fe368525f10759a4c911f5a5175c79
13f85dbac617962858ade58aee9519fbf964d1d5
92bb066955385f5288192b0ca66cbd1f8b01fc6757b4da147e49e56846e11350
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
GET /city.com/ HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 05 Oct 2022 18:54:37 GMT
Server: Apache
Location: https://acadplus.in/city.com/
Content-Length: 237
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5626
Expires: Wed, 05 Oct 2022 20:28:25 GMT
Date: Wed, 05 Oct 2022 18:54:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7763
Expires: Wed, 05 Oct 2022 21:04:02 GMT
Date: Wed, 05 Oct 2022 18:54:39 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: NILnrWn2Ykl1cGppRHoFnXox5r3Ee0SOw/Jts5gCZ3z8mThPQK/DXiWgIuEHCFaQ71J06/H2VBk=
x-amz-request-id: YE5KPBHNYER3W4TY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 05 Oct 2022 17:58:23 GMT
age: 3376
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:54:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.118200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 05 Oct 2022 18:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 18:46:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hn0IUwH-Daphoi_vWlSJo5GCWGLFTZPoJlGuwhuxSPf4KTx8Ns_bFA==
Age: 1506
acadplus.in/city.com/
119.18.52.62200 OK 53 kB IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (55779)
Hash 595fe907bc1dae1a9923bde5a202b1e9
55c670872571a4d970b0e846e8525be57c08231b
918b0e0f819455014c1bfec80ede5d2f60862f3d0e65b80ea10e98318ef3efc5
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
GET /city.com/ HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:37 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplus.in/city.com/img/js(1)
119.18.52.62200 OK 40 kB URL HTTP/1.1 acadplus.in/city.com/img/js(1)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Hash 3cfcb4d4c31a061960283514f90e5130
3ec4450227f130102a543cb0caadc66400a599bc
8cbdcfe372053681318359e27f8c9e0068b4bbfd33bef8f65edd61e408bd6eea
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(1) HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:38 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 39772
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplus.in/city.com/img/cool-2.1.15.min.js
119.18.52.62200 OK 5.2 kB URL HTTP/1.1 acadplus.in/city.com/img/cool-2.1.15.min.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type C source, ASCII text, with very long lines (585)
Hash a8a8316559534b9784a92826ab49b9f2
3836a3dbc421106117da4a97871aed09eedbdf0c
b11175156d2ff85a9f749c78ab961597cc0034db4df0295f2e57335e94f61b1e
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cool-2.1.15.min.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:38 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5197
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/tc.min.js
119.18.52.62200 OK 6.2 kB URL HTTP/1.1 acadplus.in/city.com/img/tc.min.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type C source, ASCII text, with very long lines (19497)
Hash a8f94d5105fd6d5fcbdb6435bab6ff43
e5bc21e369a0c149e12dcb854644568dd3963a11
dd136d20bbeb1aefa56500b77bb9008f9292677935bd59ffc5549a5b8e507600
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tc.min.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:38 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6162
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4890
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:40 GMT
Last-Modified: Wed, 05 Oct 2022 17:33:10 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
acadplus.in/city.com/img/js(2)
119.18.52.62200 OK 40 kB URL HTTP/1.1 acadplus.in/city.com/img/js(2)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Hash 8c40befd946045cb6f5673c71f958f82
f5e93048f326cef620147131ea8d2d7cb010ebdd
cc856e7ee21af5e9bc49dc8c87e168711d0d6c92f94d68f902ca7becfc62a7e7
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(2) HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:38 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 39803
Keep-Alive: timeout=15
Connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 22f32e56d88950c28fd571b38e662c4a
ef88f732e7abbcd43b195d11f06290fdee585011
5465aab2394bec34632058e6a7a943e0028cf307dbdb1ed1a63d92983a351234
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4146
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:40 GMT
Last-Modified: Wed, 05 Oct 2022 17:45:34 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 22f32e56d88950c28fd571b38e662c4a
ef88f732e7abbcd43b195d11f06290fdee585011
5465aab2394bec34632058e6a7a943e0028cf307dbdb1ed1a63d92983a351234
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4146
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:40 GMT
Last-Modified: Wed, 05 Oct 2022 17:45:34 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 22f32e56d88950c28fd571b38e662c4a
ef88f732e7abbcd43b195d11f06290fdee585011
5465aab2394bec34632058e6a7a943e0028cf307dbdb1ed1a63d92983a351234
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4146
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:40 GMT
Last-Modified: Wed, 05 Oct 2022 17:45:34 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
acadplus.in/city.com/img/clarity.js
119.18.52.62200 OK 19 kB URL HTTP/1.1 acadplus.in/city.com/img/clarity.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (53819)
Hash 1df44579a11164ddfcdce4e95874010f
7f52b8ef17db7b67c3357274b8ba92f33b5679fb
b19f8a7d2025ca7994af38b345c9311d599d5483230f7bc400af1beefb30bf59
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/clarity.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:38 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 18821
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/f.txt
119.18.52.62200 OK 15 kB URL HTTP/1.1 acadplus.in/city.com/img/f.txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2165)
Hash 143a9342a09f8cafd071a4acd011ade6
828a2d4c58ea2847ef1bd595ac5193525c33f5db
96e8085b21c91627b12b2520b518314ff4609be36770c7868fe5b9f96b2e7abe
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f.txt HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:38 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 14886
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplus.in/city.com/img/js(5)
119.18.52.62200 OK 40 kB URL HTTP/1.1 acadplus.in/city.com/img/js(5)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Hash 857d4e7297f79dd15ddee9597aa86893
89c4888a0bf915c598b0a1efc2ce270221a5aaad
06605731a3dd6ff63a540296e67eaf6b4a328bffa68b2ce9817e3a4340babdc3
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(5) HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:38 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 39832
Keep-Alive: timeout=15
Connection: Keep-Alive
push.services.mozilla.com/
35.82.48.240101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.48.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: y/XnjtigSm+R4zYDwGZu9A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pNZm618y5OJ6eQC2/Y//1INTAhw=
acadplus.in/city.com/img/js(3)
119.18.52.62200 OK 40 kB URL HTTP/1.1 acadplus.in/city.com/img/js(3)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Hash 7f0e8e2e63c0c611fcec89ff2979c0f8
ab69e01a75b13c7ae863283ca37d65715488b322
a32fcbba5db0da7831bbaa0de685ab5380f861006c6cef50af5ef048f0422764
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(3) HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:38 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 39772
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplus.in/city.com/img/bat.js
119.18.52.62404 Not Found 36 B URL HTTP/1.1 acadplus.in/city.com/img/bat.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 6a83fd075b3bf9a252aec307795c05b4
993d53f565edcb12f46eaa6a9e8b4c1639ef7185
4722dc6df5613dc5eaf3fb32338c0aa8b2d4f811b926453790272c1a0a117e26
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/bat.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:38 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
acadplus.in/city.com/img/js
119.18.52.62200 OK 40 kB URL HTTP/1.1 acadplus.in/city.com/img/js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Hash 818f3b4b535225d162b570dc175fc722
dea13edf80fa27615383ed6ca066b0438989417f
2af3cd69b03ff143359a7ed1338a2e4a4666009f5f2f515509572434f6955de2
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:38 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 39776
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplus.in/city.com/img/js(6)
119.18.52.62200 OK 40 kB URL HTTP/1.1 acadplus.in/city.com/img/js(6)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Hash 35d2d6b80b6ffdca451312faac4f5a11
dc045da464500ec6e15dfc5e6663d8f8d4f9f405
169a66b2646a20fc1412b332e467d0ef06aaf1a72f3aaef4ab315376f2e36242
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(6) HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:38 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 39808
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplus.in/city.com/img/dpm_pixel_min.js
119.18.52.62200 OK 32 kB URL HTTP/1.1 acadplus.in/city.com/img/dpm_pixel_min.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (60150)
Hash a13c13bfc8e3a6eed56db40635dcfed8
8f7d95d999e8324bfa118d7a496df5f5f5c6e5f0
8e604cadc25d40a2ae050c1d6f15f273dd875f780411686b576284148cc697ad
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/dpm_pixel_min.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:38 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 31914
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/js(7)
119.18.52.62200 OK 40 kB URL HTTP/1.1 acadplus.in/city.com/img/js(7)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Hash 29b6798795bc812e566e7f3fa2e662c2
600ab77f6144c2acc49503d5567527b45a8cc9ae
23ef01d92372b4f054bb6c97211bd18ae7158e69953ffe28f8cc363deefd6a3c
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(7) HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:38 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 39802
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplus.in/city.com/img/js(8)
119.18.52.62200 OK 40 kB URL HTTP/1.1 acadplus.in/city.com/img/js(8)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1640)
Hash f63472c7dba48d843716502b2fe37503
ca23ebc513fd573036d6703c424866852c36fb9f
51f1f0c3f1dfbb2cb9a66c2295774f4519da9919886dca9400295153cd744a53
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(8) HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:38 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 39791
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplus.in/city.com/img/js(9)
119.18.52.62200 OK 36 kB URL HTTP/1.1 acadplus.in/city.com/img/js(9)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash b8ce9db51584537e2a3c24c4f122f6ef
e46d9a3cc46607f92955f6d0cc755e3792f74c0f
e854dbda156456eda3a2865be6d287bf3ef4d3ada5eeb21df5a493fbfe83d7a9
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(9) HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:38 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36168
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplus.in/city.com/img/js(10)
119.18.52.62200 OK 36 kB URL HTTP/1.1 acadplus.in/city.com/img/js(10)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash 065a753713ea40b6327eef9130fb1758
471ce4504d91066d36532d5b83d0f37b14fccd47
3dfb7da8dd26b606200607b104f0f9afede1e2dfabaa181b70c4f340d1364371
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(10) HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:38 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36167
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplus.in/city.com/img/js(11)
119.18.52.62200 OK 36 kB URL HTTP/1.1 acadplus.in/city.com/img/js(11)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash dde2d459eecdfb430afa144fdcfb9118
bee45ce32319dee3d8d092ca42d60c6f3bba823f
ed90984015bb009ffed394a032e68cd5fc3b6d8a867424ffdb3ca016e315ee54
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(11) HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36164
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplus.in/city.com/img/js(12)
119.18.52.62200 OK 36 kB URL HTTP/1.1 acadplus.in/city.com/img/js(12)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash 170cdeb35b0c26ee3a74b8cdf22bf8e6
c4cb99e1cf3a8fa142a10e85f7fea547bb2a3014
199040c36390032d1747fbbadda30c211efd5ad870afea7056db590613581c01
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(12) HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36166
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplus.in/city.com/img/js(13)
119.18.52.62200 OK 36 kB URL HTTP/1.1 acadplus.in/city.com/img/js(13)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash 356c054c8d28bc3e0b09a0c3a5c25e42
1991da15314fddbe19b46f077d5c7399933820b6
30ea83f9f2ce35112b57cab9b1baf62266c49609e34475a0287b0ac8ed84f49d
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(13) HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36158
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplus.in/city.com/img/3fac67bbed26d3e121bb84cefe395515.js
119.18.52.62200 OK 894 B URL HTTP/1.1 acadplus.in/city.com/img/3fac67bbed26d3e121bb84cefe395515.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (518)
Hash 00a79177ffbf1161d3039c2f0f8541b6
4253bd5ea9a5bccd6f105677d90cbb77c3a2b139
feba39ed1bc19f5dc8733c76421db6294a9d9d868ca128551664fb623ba9c3d1
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/3fac67bbed26d3e121bb84cefe395515.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 894
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/js(14)
119.18.52.62200 OK 36 kB URL HTTP/1.1 acadplus.in/city.com/img/js(14)
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1567)
Hash 49cc4ebfd06b64d2a1a73f2e86ae2fa5
d5c0f254ce3e1d11d2d1b9ab74ea00ab3f6dbd7a
b7d90088f74158f27464ad2d793a80b9dde41765f00cb0408bf66a0e26d1cd1d
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/js(14) HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36160
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplus.in/city.com/img/8e31a20960f50a1c34f7ccb1cd9737ec.js
119.18.52.62200 OK 250 B URL HTTP/1.1 acadplus.in/city.com/img/8e31a20960f50a1c34f7ccb1cd9737ec.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (340), with no line terminators
Hash 588fcac72b049bfc02ab7e13f3b8aad1
ba9f376b983c31182cbfe9685b384fcafeed1bbc
4b0345e4841f9aaa14740b503c5f41fae2c6d6f57ff96607ee77d4425e4b15f9
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/8e31a20960f50a1c34f7ccb1cd9737ec.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 250
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/d77cad342c2e126c752063748cd63d48.js
119.18.52.62200 OK 7.4 kB URL HTTP/1.1 acadplus.in/city.com/img/d77cad342c2e126c752063748cd63d48.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (571)
Hash 8d7d1a07a42f1829164c181a86d4a5ce
15df732664fc173a68e640a70be122a88d5ae64e
2225e983ca98645af9de8be31506fccdfdf8f68317bd6837bdd7b8ddec50ab55
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/d77cad342c2e126c752063748cd63d48.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7391
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/6c8ea0384518f24fa6367b97cbf3fd9d.js
119.18.52.62200 OK 36 kB URL HTTP/1.1 acadplus.in/city.com/img/6c8ea0384518f24fa6367b97cbf3fd9d.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (614)
Hash 75978b9a0d65859315b8804798e21d1b
bd5729b9691e7c0135272b3a7110296c79ef8638
155d20b32a7244c1e8544abb772cba5f797d6287f3b250aa7b20a199f5d5f3f7
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/6c8ea0384518f24fa6367b97cbf3fd9d.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36095
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/51aba9f62787efbaa13e53a8d1ae3892.js
119.18.52.62200 OK 649 B URL HTTP/1.1 acadplus.in/city.com/img/51aba9f62787efbaa13e53a8d1ae3892.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (524)
Hash 980e52a2c9e28fdf32301b6716d81b73
4d161c3ab8796be6fcdf86d92ffce216acf5209c
2542302ed836267987c3491480930774754864cbd24cfd2b6c8684da02ea91b5
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/51aba9f62787efbaa13e53a8d1ae3892.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 649
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/9d552101ccdbc20ef239307e0ace1356.js
119.18.52.62200 OK 34 kB URL HTTP/1.1 acadplus.in/city.com/img/9d552101ccdbc20ef239307e0ace1356.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (573)
Hash bea764b82d812efd4dbf1a14c053bcf1
781b620451e19e8ed72b400f0e28af3ddbf43a44
3d4d45f928036ac102ef92f25607cac07ce29c7e39168466d31bf39e70d2fc11
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/9d552101ccdbc20ef239307e0ace1356.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 34355
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/96e0eb995483e83e7b3f71968eedeed1.js
119.18.52.62200 OK 122 kB URL HTTP/1.1 acadplus.in/city.com/img/96e0eb995483e83e7b3f71968eedeed1.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (965)
Size 122 kB (122344 bytes)
Hash ca6fd7e47ea777f9526a4ad8babe5d29
f618c7b67c26a3928ae4f09244ad1b82fce65a7f
dbeecb1f966b92798a152c6f918ad42cb67652f8ee6908f3c8f1f7ca4ee0eaa4
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/96e0eb995483e83e7b3f71968eedeed1.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 20d0fdb597d45a29946e5d6921b5edf9
793a46dcb175840f543dadaf9e59e517ef748940
1fa5ab5b7ff8858365f8886178e485659bdbcdbe3f7780e6008266b6609d69c9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 18:54:40 GMT
Last-Modified: Wed, 05 Oct 2022 17:27:05 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5PLXjCRkG_eyyzzczDMlBUPvsDRcpC0Krm8Nwt44bVX5slWaNW-D_Q==
Age: 5255
acadplus.in/city.com/img/d74f82b561a6aa5d9247eaf72394131a.js
119.18.52.62200 OK 663 B URL HTTP/1.1 acadplus.in/city.com/img/d74f82b561a6aa5d9247eaf72394131a.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (549)
Hash 6bde9e19d3aed7b919afc44ac0b8822e
7561ce9117a75bc19c10b06dea84636e6e3e5b9b
0bd0e1ec976540cbfafa53e7fa4e90041e747e456f01a4dd5165703c937ff9f1
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/d74f82b561a6aa5d9247eaf72394131a.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 663
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/557566dc60916e3de69e006bef252459.js
119.18.52.62200 OK 763 B URL HTTP/1.1 acadplus.in/city.com/img/557566dc60916e3de69e006bef252459.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1964)
Hash 317da12924228063a155ef6c18f54170
fecd1e51b4925ccda28b428e512ef25cb65b34ea
2ef1ab0033be93a4c92819bf929938a96738d6ee544bc5b4bdd9fe6eb4aa00ae
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/557566dc60916e3de69e006bef252459.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 763
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/42d4d669434e7d621371bd59ca097dbf.js
119.18.52.62200 OK 1.6 kB URL HTTP/1.1 acadplus.in/city.com/img/42d4d669434e7d621371bd59ca097dbf.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (532)
Hash 230475f73e9749be49930b65b85a6301
c9b51ddb3463ddaee285e45d202114135045ce33
1fee4765de2c66c0bfde9bbbfa65b24fc5996373d7c7791c6337eabeb1f141fb
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/42d4d669434e7d621371bd59ca097dbf.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1570
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/d90ce1a791ada193ee0ca4e9ce66632d.js
119.18.52.62200 OK 1.2 kB URL HTTP/1.1 acadplus.in/city.com/img/d90ce1a791ada193ee0ca4e9ce66632d.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1194)
Hash ea5eebc93c345cb7ecd508f205e7c399
45eefd66ad099e29c4ebde526de527408a8fb966
64feb844f72ea374cf5addb837ded6badd366b847ab7523b809f4a3903c14aeb
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/d90ce1a791ada193ee0ca4e9ce66632d.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1200
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
52.22.42.247200 OK 0 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP 52.22.42.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://acadplus.in/
Origin: https://acadplus.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:54:40 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://acadplus.in
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2
acadplus.in/city.com/img/fdf45a7c15c1cee06bb71e10dac4e26e.js
119.18.52.62200 OK 548 B URL HTTP/1.1 acadplus.in/city.com/img/fdf45a7c15c1cee06bb71e10dac4e26e.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (524)
Hash 38e6a3a3c9a5b9bdbf4c2afa815a0eab
e59ec1f408515c29253192f01d6c445152ed6c7e
44f8d4a027af822df7160def12841736ccb9b39e6431121acae31a8713baf045
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/fdf45a7c15c1cee06bb71e10dac4e26e.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 548
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/serverComponent.php
119.18.52.62200 OK 751 B URL HTTP/1.1 acadplus.in/city.com/img/serverComponent.php
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2006)
Hash 2569922762a2f5f19123e851e6768d54
b9beebfb91cacd70b63bdc3e105cbd583781f025
98d353b6f63d91a83a3278f8b1db1aebf1c007b15702b90bc5e2a018b6ea3b11
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/serverComponent.php HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 751
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
52.22.42.247200 OK 2 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP 52.22.42.247:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1596
Origin: https://acadplus.in
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:54:41 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=eff2603b-26bb-4803-9b99-17969265b60a; Expires=Thu, 05 Oct 2023 18:54:41 GMT; Domain=tvpixel.com; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://acadplus.in
access-control-allow-credentials: true
X-Firefox-Spdy: h2
acadplus.in/city.com/img/tagging.min.js
119.18.52.62200 OK 11 kB URL HTTP/1.1 acadplus.in/city.com/img/tagging.min.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (45425), with no line terminators
Hash 88e1054ab6d33e9defe7ec049eb50ba5
1e2712fbcea34c4a4dc6f3a7e38ee72011a336d3
8831d2aa2ab752f277b9c61258b5506bf6ec53b814d9ca88a0d3611709f5eefe
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tagging.min.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10566
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/banner.min.js
119.18.52.62200 OK 4.8 kB URL HTTP/1.1 acadplus.in/city.com/img/banner.min.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15581), with no line terminators
Hash e9b433ff656ba0687ad16bc9071a2a75
2d5a95f59a8c8087e6a2522166db8a16825736ef
5bc864b5da90ce783d3ef0e8d4d0a255966ee1f49671eb157c8d119c5050e186
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/banner.min.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4812
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/Bootstrap.js
119.18.52.62200 OK 71 kB URL HTTP/1.1 acadplus.in/city.com/img/Bootstrap.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (579)
Hash 6bccff550405fb6227bfa9ed1608f587
1259a5bee3ea2b7b72a2544ea1a8b3ff8da94903
4fbd3bd4726ed8c43b1ee693cd143fb519957b0f7a768e1f9cc2b25fd0de28e0
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/Bootstrap.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
acadplus.in/city.com/img/tags.js
119.18.52.62200 OK 10 kB URL HTTP/1.1 acadplus.in/city.com/img/tags.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15031)
Hash 20fa0088d5e956d4edd38c48b886250e
83e6de0d6037c47f8bcff13dbf54f367991a5758
07e3fa4428d9e7cc2a2822f32875c4bcde1153103d95c417800650361e3d57dc
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tags.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10167
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/6c8322c7341eac98645c10e3d1d3c7ae.js
119.18.52.62200 OK 132 kB URL HTTP/1.1 acadplus.in/city.com/img/6c8322c7341eac98645c10e3d1d3c7ae.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Size 132 kB (132096 bytes)
Hash ec3c4e913e701ffdaa2d4e61b8b304cf
58af6e6c4e4fff4f255d07bee570dd41693b9503
9ffd12a29bf91c2b40ac4278387eef088db320756d3b32c5f42f9571e9c0130c
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/6c8322c7341eac98645c10e3d1d3c7ae.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
acadplus.in/city.com/img/logo.js
119.18.52.62404 Not Found 36 B URL HTTP/1.1 acadplus.in/city.com/img/logo.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 6a83fd075b3bf9a252aec307795c05b4
993d53f565edcb12f46eaa6a9e8b4c1639ef7185
4722dc6df5613dc5eaf3fb32338c0aa8b2d4f811b926453790272c1a0a117e26
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/logo.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
acadplus.in/city.com/img/tags.js(1).download
119.18.52.62200 OK 10 kB URL HTTP/1.1 acadplus.in/city.com/img/tags.js(1).download
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15031)
Hash 9344751b4386fd87e022144f77a7bd32
dae8b3b9127de7f79e97cafa4d6620f5a67d2ce2
b7f03292fd5b6ed9fdbd79fc3056e20e875afc354d1eff2c67d0e6e2f5011068
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tags.js(1).download HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10309
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplus.in/city.com/img/styles.a4a9307b7b034ca614a7.css
119.18.52.62200 OK 152 kB URL HTTP/1.1 acadplus.in/city.com/img/styles.a4a9307b7b034ca614a7.css
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (65017), with no line terminators
Size 152 kB (152500 bytes)
Hash 6fec417a3d17d627dafe4bfb42b6adc9
0163fedbe38e00a72062ec026dc716ad4ebf4cb2
d0f49e8a512369a4642d0ee74c29902e6978f26326f5c5be219d8d759640ec86
GET /city.com/img/styles.a4a9307b7b034ca614a7.css HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
acadplus.in/city.com/img/cedric.js
119.18.52.62200 OK 115 kB URL HTTP/1.1 acadplus.in/city.com/img/cedric.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (63761)
Size 115 kB (114803 bytes)
Hash 0aee8b9a53e8c5dbcb2f7f6be4d13c0c
47312dabe77080b429e40d1edc7769479739d800
5fc5c3425a87a1f8c42d4c94be3e89d176389a47af2a4b146666bf7ff613feae
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cedric.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
acadplus.in/city.com/img/tags.js(2).download
119.18.52.62200 OK 10 kB URL HTTP/1.1 acadplus.in/city.com/img/tags.js(2).download
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15031)
Hash 6f22c0c80d0c42eeee7424b9d4cdffc1
b3029fc60b60c5fd33d594ebb5ed4554a4880f8c
3fc593067a4ca69323a48a306be9d0db386beff589b0c6dbf663d65e772b770c
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/tags.js(2).download HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10371
Keep-Alive: timeout=15
Connection: Keep-Alive
acadplus.in/city.com/img/embed.js
119.18.52.62200 OK 676 B URL HTTP/1.1 acadplus.in/city.com/img/embed.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (449)
Hash 89c3892e6759fce75721ce954f3c35e5
b6c68164536f402b6440b20e98649bbee3a251f1
fc5ee98ac49e747826400feb07739cd07f96784fe6ee250a59d43900e1c271cb
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/embed.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 676
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/1-es2015.e6099f56b51f44414444.js
119.18.52.62200 OK 110 kB URL HTTP/1.1 acadplus.in/city.com/img/1-es2015.e6099f56b51f44414444.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Size 110 kB (109789 bytes)
Hash 49ccd713648338622978d8b39faf97e4
03a005976de4d0b377d6548004fd46c48d3b4e34
5d0fe77c4ca3fade748fe4cdcd6ddeaa56cf3b136aa938019b34495b516616d0
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/1-es2015.e6099f56b51f44414444.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
acadplus.in/city.com/img/16003743.js
119.18.52.62200 OK 0 B URL HTTP/1.1 acadplus.in/city.com/img/16003743.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/16003743.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 0
Vary: User-Agent
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
acadplus.in/city.com/img/f(1).txt
119.18.52.62200 OK 1.0 kB URL HTTP/1.1 acadplus.in/city.com/img/f(1).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1707), with no line terminators
Hash 4f74d4e7894f6e9a5e8bb6972a2de856
670b5b0169a48169a0ebd5fd4b7fb99ac53dcde5
d170df1f45194591e6ec394653f027be2645be51caceb2a2407507886c8aad81
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(1).txt HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1033
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplus.in/city.com/img/16001692.js
119.18.52.62200 OK 435 B URL HTTP/1.1 acadplus.in/city.com/img/16001692.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (683), with CRLF line terminators
Hash b52fff442612ca5cb4421d120c836e08
7af38d2d4c808da1152ccb57f5ac7d0680165a4a
815e408d62635cf226ee1002238ef4d978c0afe9c22da9fda94816a082e27f53
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/16001692.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 435
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 14abd2aa622a0b3ba503c59896605468
52e77d9707d170eddd54d4992a3cdf737755ce6c
4be2b33d74fdbbc01e1e1ef6cbf28f338b00ca9863932351c2762f71eaa7a5cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3187
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:41 GMT
Last-Modified: Wed, 05 Oct 2022 18:01:34 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6602
Expires: Wed, 05 Oct 2022 20:44:43 GMT
Date: Wed, 05 Oct 2022 18:54:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6602
Expires: Wed, 05 Oct 2022 20:44:43 GMT
Date: Wed, 05 Oct 2022 18:54:41 GMT
Connection: keep-alive
acadplus.in/city.com/img/f(2).txt
119.18.52.62200 OK 1.0 kB URL HTTP/1.1 acadplus.in/city.com/img/f(2).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash dbc4b7b5fd5ae97be6b6680a68bac057
2c5aa0b08c06a35bbdee0f9d667b6e6022619f06
376dd3ebfa1791363def7ec1870bff17a4e9395fadbf1f06106d31c9b117383c
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(2).txt HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1029
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6602
Expires: Wed, 05 Oct 2022 20:44:43 GMT
Date: Wed, 05 Oct 2022 18:54:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6602
Expires: Wed, 05 Oct 2022 20:44:43 GMT
Date: Wed, 05 Oct 2022 18:54:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1de7c17a0ba9295135e7f8b490b6a8d3
70e8d1589f3daf71378965dd197934e220fb6aa4
ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:25 GMT
age: 76276
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:06:09 GMT
age: 53312
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3257b782efae9b64e6e18a547866ec50
4daf0c001e86af8477fb097e8ca932edb8e5f981
899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iR82CJ6A06dpqy_nm6JrmjeUJT-uhI5rr0dr6ZnhrQQo9Jqxh10qRQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:43 GMT
age: 76258
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d7d7df8d4c440f9db445c3d99e818d6
612b6dbd4ba895c167964ff7e6d9263013b52b0a
bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3585
x-amzn-requestid: 43c510d4-d87c-4665-a132-d798b836d415
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaJbLHEOoAMFfxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a55e0-614faff31425ff183b7ca4dd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:24:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d1LCc44Gj_0Je8adu7Iv3I9MwkaDPgWqlNHI96UAtZub22l210J65A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:53:07 GMT
age: 50494
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 100559d746bedd7c3802661c875c35ee
5261a6c2ee6d6cc87e91ee82e32d8be234db393e
ff06f31267ddcc9a0d84ddc68932872bfed29d072783c3a1dd3790d41c280aec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8816
x-amzn-requestid: b9f3ec8a-f478-4405-b275-e21f2d7d89d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKK7gFPJIAMF-7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f1e3-250348e6140f3c74762263ea;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8f83Wv7OrO7NOd1y1LXjfphRmJjdwrkcAxrxUN4A4qSgsEzIQMq81g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:38:40 GMT
age: 72961
etag: "5261a6c2ee6d6cc87e91ee82e32d8be234db393e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
acadplus.in/city.com/img/f(3).txt
119.18.52.62200 OK 1.0 kB URL HTTP/1.1 acadplus.in/city.com/img/f(3).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash e6bb6c7134f032b8832e06f8ca34671d
f3115032259f52fca13cc557da48682fb47df48c
351931952c69a2387a9c1f2c571a99af29efb9c543d729105b1e362803119380
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(3).txt HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:39 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1029
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 229c99cfb655a8c9f1a22de69fdff73c
6b5db8fbfb56f083d54b13e7660d0e4bc866aa00
f4099e9153c3dc481add95b0f24dbb8f6d65cc74ad5631d9cb6c6f2a0351843d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7021
x-amzn-requestid: 2e30bdac-360e-4d0a-8bb7-c3144e074abe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8ucHb1oAMFjYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7f5-18ba6bc50cb32b1e14c882bd;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: UPEhTwAYEIRy-Cnb0ITefEotLyg3rFe_NaGy92xwWe_7hrdo6UQLwQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:56:53 GMT
age: 75468
etag: "6b5db8fbfb56f083d54b13e7660d0e4bc866aa00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1664996081383
52.49.126.217302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1664996081383
IP 52.49.126.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1664996081383 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://acadplus.in
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://acadplus.in
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v044-027b6770c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1664996081383
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=39253062972723882083275351779278946187; Max-Age=15552000; Expires=Mon, 03 Apr 2023 18:54:41 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: qCncoJpsRvw=
Content-Length: 0
Connection: keep-alive
acadplus.in/city.com/img/f(4).txt
119.18.52.62200 OK 1.0 kB URL HTTP/1.1 acadplus.in/city.com/img/f(4).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash c671c874c379aa20886bb407dc3ed02d
4d9871480b56ff84625bea6fd18a4b41d15a1317
c4b15f8a829e17033fcb0f636684bda313321d63b1422b80bac65612e4ac3ac4
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(4).txt HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1028
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplus.in/city.com/img/f(5).txt
119.18.52.62200 OK 1.0 kB URL HTTP/1.1 acadplus.in/city.com/img/f(5).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash 2fad7d3a36c3cdb2bddb79302907d36d
59d3adf7aff60daebb3df7d2843fa34f615a9d9b
9a864c6dca0a20d38c7882125d8e99dcc8fb3c777c0b09daffce936d6f40dc46
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(5).txt HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1028
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1664996081383
52.49.126.217200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1664996081383
IP 52.49.126.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&ts=1664996081383 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplus.in
Content-Type: application/x-www-form-urlencoded
Referer: https://acadplus.in/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://acadplus.in
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v044-066fbe967.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: 20AkIpDUR9k=
Content-Length: 124
Connection: keep-alive
acadplus.in/city.com/img/f(6).txt
119.18.52.62200 OK 1.0 kB URL HTTP/1.1 acadplus.in/city.com/img/f(6).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash a80de54c80ad3681234349c17b60fb97
c915a16d75f628a27f5103f54074e89b1c22e517
05110e11f13f21ad8c5fc914be1c38d2a087873e9668de6b7c16e162ec5f1597
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(6).txt HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1029
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplus.in/city.com/img/f(7).txt
119.18.52.62200 OK 1.0 kB URL HTTP/1.1 acadplus.in/city.com/img/f(7).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1706), with no line terminators
Hash 857305e1625df88982ee173b3c5a59dc
c3a2c95afb3f45b6c1fe0913398449a33c7a00fb
113c6a2f238ba25b581d70f93ea0de4ac2613816f8520e83838d2b7e0b34e73f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(7).txt HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1040
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplus.in/city.com/img/f(8).txt
119.18.52.62200 OK 1.0 kB URL HTTP/1.1 acadplus.in/city.com/img/f(8).txt
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1687), with no line terminators
Hash fb91fc2bad1c3ec132eb6d3f3c841279
f69b2c2cb6975671b36ae0640a2a4500719bcb1f
b7f269982fad22d55914c1820e4c47079cdfdb26f2898c350a83002bd2a22f6a
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/f(8).txt HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1030
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain
acadplus.in/city.com/img/bat.js
119.18.52.62404 Not Found 36 B URL HTTP/1.1 acadplus.in/city.com/img/bat.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 6a83fd075b3bf9a252aec307795c05b4
993d53f565edcb12f46eaa6a9e8b4c1639ef7185
4722dc6df5613dc5eaf3fb32338c0aa8b2d4f811b926453790272c1a0a117e26
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/bat.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
acadplus.in/city.com/img/logo.js
119.18.52.62404 Not Found 36 B URL HTTP/1.1 acadplus.in/city.com/img/logo.js
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 6a83fd075b3bf9a252aec307795c05b4
993d53f565edcb12f46eaa6a9e8b4c1639ef7185
4722dc6df5613dc5eaf3fb32338c0aa8b2d4f811b926453790272c1a0a117e26
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/logo.js HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Cookie: _dpm_ses.b4c6=*; _dpm_id.b4c6=c61d2778-9d0a-4f1c-b43b-c8fb304522c8.1664996081.1.1664996081.1664996081.b20398ff-f98d-4f97-adad-099fa3ec40d5; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19271%7CvVersion%7C3.1.2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4c51a7c6d1b88065632388e210f5869e
3910673df071ed5355282637d657ce6c75323eab
31e9e2084b623baf67fdd5c4f9dd8313baa9114b9775c17e20086c4b34dd8559
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1583
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:41 GMT
Last-Modified: Wed, 05 Oct 2022 18:28:18 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0de7e6c3e93ab342a5ec2e6fd2cef190
5e4e2ee6165abc28ea211334b688ac8178802fa3
e3a7930a339c03fd37e7795f12140d63a61f501f7c4d0074191ff7c491a41470
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3736
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:41 GMT
Last-Modified: Wed, 05 Oct 2022 17:52:25 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
acadplus.in/city.com/img/social-media_facebook@3x.png
119.18.52.62200 OK 445 B URL HTTP/1.1 acadplus.in/city.com/img/social-media_facebook@3x.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 27 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f627e41e84a3b87f57c9de2e3a722d0
a7d350d9d267149f60b46a454f021920f89df877
695788dc05d94be3b32060ffea15c1a4d74897bd32e5da7811e7ca76d82fc86b
GET /city.com/img/social-media_facebook@3x.png HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 445
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplus.in/city.com/img/social-media_youtube@3x.png
119.18.52.62200 OK 1.2 kB URL HTTP/1.1 acadplus.in/city.com/img/social-media_youtube@3x.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 72 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 3541c5442b1b90b4efe20ab4b2802323
ad778d35efc7b9950d2158d800b61966204b75d8
be9b5382b4526ffd3306d0292122ce3599123f1cd543f52f3035b4f24fbf9de8
GET /city.com/img/social-media_youtube@3x.png HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1175
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplus.in/city.com/img/social-media_twitter@3x.png
119.18.52.62200 OK 1.3 kB URL HTTP/1.1 acadplus.in/city.com/img/social-media_twitter@3x.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 66 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 60b0fec951727b4762fabc2570a1317f
56f9ed9699233f4cef1317a9a2c83179070b5e8a
5394d11ec8ad7a5494bcdb65cd95f885388532e14fb45a747e249112389bd837
GET /city.com/img/social-media_twitter@3x.png HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1277
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplus.in/city.com/img/appStore@3x.png
119.18.52.62200 OK 20 kB URL HTTP/1.1 acadplus.in/city.com/img/appStore@3x.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 351 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash d461f4d2e32e339372869b3f4be72007
d8e3a847a7d18c3948617f75622f6cd27bd4cd54
87c763c6b05015e55915d0a1e6647e4e5d0b996e78d79e1afe228dd33b68e65b
GET /city.com/img/appStore@3x.png HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 20047
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
metrics1.citi.com/id?d_visid_ver=3.1.2&d_fieldgroup=MC&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&ts=1664996081614
15.236.176.210200 OK 89 B URL HTTP/2 metrics1.citi.com/id?d_visid_ver=3.1.2&d_fieldgroup=MC&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&ts=1664996081614
IP 15.236.176.210:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d6285d1d42587c4673991251b0e19ae0
250e984a46ba2334be6ff3802ce52990d23a2b03
d2bd66400e06d39d1e31f49657efbe66da386a1552c07700f4428ef30a2d73df
GET /id?d_visid_ver=3.1.2&d_fieldgroup=MC&mcorgid=61834D9B5228A7430A490D45%40AdobeOrg&ts=1664996081614 HTTP/1.1
Host: metrics1.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://acadplus.in
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://acadplus.in
access-control-allow-credentials: true
date: Wed, 05 Oct 2022 18:54:41 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; Path=/; Domain=citi.com; Max-Age=63072000; Expires=Fri, 04 Oct 2024 18:54:54 GMT; SameSite=None; Secure
AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; Path=/; Domain=citi.com; Max-Age=63072000; Expires=Fri, 04 Oct 2024 18:54:54 GMT; SameSite=None; Secure
s_ecid=MCMID%7C76270789850655157011331792400302488566; Path=/; Domain=citi.com; Max-Age=63072000; Expires=Fri, 04 Oct 2024 18:54:54 GMT; SameSite=None; Secure
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 89
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
acadplus.in/city.com/img/citilogoredesign.png
119.18.52.62200 OK 1.8 kB URL HTTP/1.1 acadplus.in/city.com/img/citilogoredesign.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 89 x 89, 8-bit/color RGBA, non-interlaced\012- data
Hash b8c9db53b866a0120618cd396e1513f1
5cfe9732c78e4eb7365681834cdd682b977a0232
102503acef6077fcf8e42a856fb4904fcd74224a32d5d8efcd13236ac6309fed
GET /city.com/img/citilogoredesign.png HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 1799
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplus.in/city.com/img/050-location@2x.svg
119.18.52.62200 OK 758 B URL HTTP/1.1 acadplus.in/city.com/img/050-location@2x.svg
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (785)
Hash 2b7cfe76b3d07bceb495d2dcc63dafa3
dd9a3e5c21135454fb20655caf55b7269a06a579
b1fff2f946232e402a12ac7b4f262d09a3268446dbb829ffc6a22eb89dd3360f
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/050-location@2x.svg HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 758
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/svg+xml
acadplus.in/city.com/img/icon_globe_med-grey@2x.svg
119.18.52.62200 OK 1.4 kB URL HTTP/1.1 acadplus.in/city.com/img/icon_globe_med-grey@2x.svg
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (2189)
Hash ebcbe76ba2da728d84c6a76b3541919d
cacffc8e5130f938cc86399ba1b9fe379ba65b3b
a2f31bb6f70cfc842d1e8d3709aac9a8dd58fc4adebdc4cd2556051eb49d2bd8
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/icon_globe_med-grey@2x.svg HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1419
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/svg+xml
acadplus.in/city.com/img/EqualHousing.png
119.18.52.62200 OK 1.6 kB URL HTTP/1.1 acadplus.in/city.com/img/EqualHousing.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 29 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash 83a5bb8d054fc7b4adab0615c487dc25
8a26d8e39da754c8f63d2a3122ed87a6e4a7f369
f23485e8b9c368f28f18a0bb110573df79c00ac3a2ca71d68017db100207639d
GET /city.com/img/EqualHousing.png HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 1606
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplus.in/city.com/img/googlePlay@3x.png
119.18.52.62200 OK 25 kB URL HTTP/1.1 acadplus.in/city.com/img/googlePlay@3x.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 390 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 27b0482f8ebba1e3cc92d2eee497497e
379e9e2ed883250c02736c151a47d38248285572
a079bb0d5590826bcc664715122004dff51e76c79608bc29f586c9388b623b77
GET /city.com/img/googlePlay@3x.png HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 25077
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
online.citi.com/nga-lite-signon/LSO_4959.jpg
23.13.42.166200 OK 108 kB URL HTTP/2 online.citi.com/nga-lite-signon/LSO_4959.jpg
IP 23.13.42.166:0
File type JPEG image data, progressive, precision 8, 2160x600, components 3\012- data
Size 108 kB (108233 bytes)
Hash 7dd9aa1bc81d1bf0e77e3e08de814096
0e251835579aa147fd88c76b85b74359856c6de9
dbdebfcc2ed9932006edcfc7f8190ca5c9a04ff737e990645712ccc33e5ce070
GET /nga-lite-signon/LSO_4959.jpg HTTP/1.1
Host: online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 13:54:04 GMT
accept-ranges: bytes
content-length: 108233
x-akamai-citisite: SWDC
strict-transport-security: max-age=300
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV OUR NOR STP UNIo NAV STA PREi TAI"
content-type: image/jpeg
date: Wed, 05 Oct 2022 18:54:41 GMT
set-cookie: AKMTLTSID=03F668BF858D0C9587BAD900C9AD9C36; path=/; domain=citi.com; secure
x-webkit-csp: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
x-content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
content-security-policy: frame-ancestors https://*.citi.com https://*.citigroup.net https://*.nsroot.net
X-Firefox-Spdy: h2
acadplus.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplus.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Cookie: _dpm_ses.b4c6=*; _dpm_id.b4c6=c61d2778-9d0a-4f1c-b43b-c8fb304522c8.1664996081.1.1664996081.1664996081.b20398ff-f98d-4f97-adad-099fa3ec40d5; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19271%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1664996081754-58231D4C-B2F3-4492-AE94-6F74CD06A761
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplus.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplus.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.woff HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Cookie: _dpm_ses.b4c6=*; _dpm_id.b4c6=c61d2778-9d0a-4f1c-b43b-c8fb304522c8.1664996081.1.1664996081.1664996081.b20398ff-f98d-4f97-adad-099fa3ec40d5; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19271%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1664996081754-58231D4C-B2F3-4492-AE94-6F74CD06A761
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplus.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplus.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplus.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.b4c6=*; _dpm_id.b4c6=c61d2778-9d0a-4f1c-b43b-c8fb304522c8.1664996081.1.1664996081.1664996081.b20398ff-f98d-4f97-adad-099fa3ec40d5; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19271%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1664996081754-58231D4C-B2F3-4492-AE94-6F74CD06A761
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplus.in/cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon-1.png
119.18.52.62404 Not Found 36 B URL HTTP/1.1 acadplus.in/cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon-1.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 6a83fd075b3bf9a252aec307795c05b4
993d53f565edcb12f46eaa6a9e8b4c1639ef7185
4722dc6df5613dc5eaf3fb32338c0aa8b2d4f811b926453790272c1a0a117e26
GET /cbol-pre-login-static-assets/assets/partner-login/qr/images/qrsignon-1.png HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Cookie: _dpm_ses.b4c6=*; _dpm_id.b4c6=c61d2778-9d0a-4f1c-b43b-c8fb304522c8.1664996081.1.1664996081.1664996081.b20398ff-f98d-4f97-adad-099fa3ec40d5; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19271%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1664996081754-58231D4C-B2F3-4492-AE94-6F74CD06A761
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
acadplus.in/city.com/img/phone.png
119.18.52.62200 OK 9.9 kB URL HTTP/1.1 acadplus.in/city.com/img/phone.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 396 x 270, 8-bit/color RGBA, non-interlaced\012- data
Hash 448436abd4bc903abc9a9c53cdd2fe5e
1f3731747ded20c04b25009d3a570d1164ddf1ed
5df469ee4da2bc124065cb8df0e24173c5cbc8b9e0c807960fc39c93ffb640c8
GET /city.com/img/phone.png HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 9873
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplus.in/city.com/img/qrsignon.png
119.18.52.62200 OK 741 B URL HTTP/1.1 acadplus.in/city.com/img/qrsignon.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash a5ee9c25c190474a2efe66a609a2ca19
890832b6a7115abd51f480dce8e74206f06a428a
dc876f814074650acde84db7a7f34c583f043b83130e5de49de65f18d1ee2683
GET /city.com/img/qrsignon.png HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 741
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplus.in/city.com/img/laptop-and-phone-success.png
119.18.52.62200 OK 2.5 kB URL HTTP/1.1 acadplus.in/city.com/img/laptop-and-phone-success.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 132 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash d63ac8356aa91fa9f070d79dadaed88f
7990f46b70c992de92c29e2361ddf9f0bf369869
e5c725c5a6510cd7323ff66fa032e69cfe7aec1dd042911cae0607d071670eec
GET /city.com/img/laptop-and-phone-success.png HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:26 GMT
Accept-Ranges: bytes
Content-Length: 2544
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplus.in/city.com/img/laptop-and-phone-pairing.png
119.18.52.62200 OK 3.0 kB URL HTTP/1.1 acadplus.in/city.com/img/laptop-and-phone-pairing.png
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 132 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash b046a1c58205ebfbee7886df2de485b5
05a4dd6b988a6c55afa3225780e341e5db52a787
a9a43473908fb995ecdc6bd80d80fd42d3e43bf31687aff0978d7389de2573aa
GET /city.com/img/laptop-and-phone-pairing.png HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 11:08:28 GMT
Accept-Ranges: bytes
Content-Length: 3044
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: image/png
acadplus.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf
119.18.52.62404 Not Found 36 B URL HTTP/1.1 acadplus.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 6a83fd075b3bf9a252aec307795c05b4
993d53f565edcb12f46eaa6a9e8b4c1639ef7185
4722dc6df5613dc5eaf3fb32338c0aa8b2d4f811b926453790272c1a0a117e26
Analyzer Verdict Alert fortinet Phishing
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Cookie: _dpm_ses.b4c6=*; _dpm_id.b4c6=c61d2778-9d0a-4f1c-b43b-c8fb304522c8.1664996081.1.1664996081.1664996081.b20398ff-f98d-4f97-adad-099fa3ec40d5; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19271%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1664996081754-58231D4C-B2F3-4492-AE94-6F74CD06A761
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=76270789850655157011331792400302488566&d_cid_ic=AVID%01319EE9789E6317CF-60000AE4A071E2F9&ts=1664996082117
52.49.126.217200 OK 300 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=76270789850655157011331792400302488566&d_cid_ic=AVID%01319EE9789E6317CF-60000AE4A071E2F9&ts=1664996082117
IP 52.49.126.217:0
File type JSON data\012- , ASCII text, with very long lines (358), with no line terminators
Hash 887130f7e6712bf21b4c2a39683788a1
f1ee38397dc343ef9698375e698826a77ccbbfb0
23c96e5bccf5046bb752a8ef35b58d72da8479675dda87981a11e01f0446b2ef
GET /id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=61834D9B5228A7430A490D45%40AdobeOrg&d_nsid=0&d_mid=76270789850655157011331792400302488566&d_cid_ic=AVID%01319EE9789E6317CF-60000AE4A071E2F9&ts=1664996082117 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://acadplus.in
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://acadplus.in
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcscanary-prod-irl1-1-v051-0d443fb62.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=69522316285711122142006600029372023381; Max-Age=15552000; Expires=Mon, 03 Apr 2023 18:54:42 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: hl9ri2DEQts=
Content-Length: 300
Connection: keep-alive
acadplus.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf
119.18.52.62404 Not Found 36 B URL HTTP/1.1 acadplus.in/cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 6a83fd075b3bf9a252aec307795c05b4
993d53f565edcb12f46eaa6a9e8b4c1639ef7185
4722dc6df5613dc5eaf3fb32338c0aa8b2d4f811b926453790272c1a0a117e26
Analyzer Verdict Alert fortinet Phishing
GET /cbol-pre-login-static-assets/commonui-assets/fonts/interstate/Interstate-Light.ttf HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/
Cookie: _dpm_ses.b4c6=*; _dpm_id.b4c6=c61d2778-9d0a-4f1c-b43b-c8fb304522c8.1664996081.1.1664996081.1664996081.b20398ff-f98d-4f97-adad-099fa3ec40d5; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19271%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1664996081754-58231D4C-B2F3-4492-AE94-6F74CD06A761
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
acadplus.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
119.18.52.62404 Not Found 36 B URL HTTP/1.1 acadplus.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 6a83fd075b3bf9a252aec307795c05b4
993d53f565edcb12f46eaa6a9e8b4c1639ef7185
4722dc6df5613dc5eaf3fb32338c0aa8b2d4f811b926453790272c1a0a117e26
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.b4c6=*; _dpm_id.b4c6=c61d2778-9d0a-4f1c-b43b-c8fb304522c8.1664996081.1.1664996081.1664996081.b20398ff-f98d-4f97-adad-099fa3ec40d5; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19271%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1664996081754-58231D4C-B2F3-4492-AE94-6F74CD06A761
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 00c0cb6fa40a938ba5a86904849d6022
d59e057779483b4a6a2ffe61782782ee5881830a
f7c3256c9929870cca9c31ccdc6a5871fc77c14e6637b2ff1825aea40e3fade1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4257
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:42 GMT
Last-Modified: Wed, 05 Oct 2022 17:43:45 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
acadplus.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.woff
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplus.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplus.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.b4c6=*; _dpm_id.b4c6=c61d2778-9d0a-4f1c-b43b-c8fb304522c8.1664996081.1.1664996081.1664996081.b20398ff-f98d-4f97-adad-099fa3ec40d5; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19271%7CMCMID%7C76270789850655157011331792400302488566%7CMCAID%7C319EE9789E6317CF-60000AE4A071E2F9%7CMCOPTOUT-1665003282s%7CNONE%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1664996081754-58231D4C-B2F3-4492-AE94-6F74CD06A761; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplus.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplus.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Bold.woff HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplus.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.b4c6=*; _dpm_id.b4c6=c61d2778-9d0a-4f1c-b43b-c8fb304522c8.1664996081.1.1664996081.1664996081.b20398ff-f98d-4f97-adad-099fa3ec40d5; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19271%7CMCMID%7C76270789850655157011331792400302488566%7CMCAID%7C319EE9789E6317CF-60000AE4A071E2F9%7CMCOPTOUT-1665003282s%7CNONE%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1664996081754-58231D4C-B2F3-4492-AE94-6F74CD06A761; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplus.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Light.woff
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplus.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Light.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/commonui-assets/fonts/interstate/Interstate-Light.woff HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplus.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.b4c6=*; _dpm_id.b4c6=c61d2778-9d0a-4f1c-b43b-c8fb304522c8.1664996081.1.1664996081.1664996081.b20398ff-f98d-4f97-adad-099fa3ec40d5; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19271%7CMCMID%7C76270789850655157011331792400302488566%7CMCAID%7C319EE9789E6317CF-60000AE4A071E2F9%7CMCOPTOUT-1665003282s%7CNONE%7CMCAAMLH-1665600882%7C6%7CMCAAMB-1665600882%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1664996081754-58231D4C-B2F3-4492-AE94-6F74CD06A761; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
acadplus.in/city.com/img/cds-assets/fonts/interstate/Interstate-Light.woff
119.18.52.62404 Not Found 16 B URL HTTP/1.1 acadplus.in/city.com/img/cds-assets/fonts/interstate/Interstate-Light.woff
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Light.woff HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://acadplus.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.b4c6=*; _dpm_id.b4c6=c61d2778-9d0a-4f1c-b43b-c8fb304522c8.1664996081.1.1664996081.1664996081.b20398ff-f98d-4f97-adad-099fa3ec40d5; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19271%7CMCMID%7C76270789850655157011331792400302488566%7CMCAID%7C319EE9789E6317CF-60000AE4A071E2F9%7CMCOPTOUT-1665003282s%7CNONE%7CMCAAMLH-1665600882%7C6%7CMCAAMB-1665600882%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1664996081754-58231D4C-B2F3-4492-AE94-6F74CD06A761; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
citi.demdex.net/dest5.html?d_nsid=0
52.49.126.217200 OK 2.8 kB URL HTTP/1.1 citi.demdex.net/dest5.html?d_nsid=0
IP 52.49.126.217:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: citi.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 5 Oct 2022 18:54:42 GMT
DCS: dcs-prod-irl1-1-v044-06a78a427.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 29 Sep 2022 16:18:56 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: nwbH/Hw4Ttg=
Content-Length: 2791
Connection: keep-alive
contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
52.154.174.214200 OK 1.3 kB URL HTTP/2 contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
IP 52.154.174.214:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (1317), with no line terminators
Hash 8174bcd9e2edca05183a46e1476b0d1d
acc52a8f5bb45eef8d64751ea34fba18dde9198c
4febd85cfd8b6654b394401015150cfbf6b8d3ef87db7fb54a15f908fc82074f
POST /client/v3.1/web/wup?cid=cedric HTTP/1.1
Host: contents2.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 172
Origin: https://acadplus.in
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 1317
date: Wed, 05 Oct 2022 18:54:41 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 494bf0b2-e65e-41a7-a603-6ce5b127e63c
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
acadplus.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
119.18.52.62404 Not Found 36 B URL HTTP/1.1 acadplus.in/city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 6a83fd075b3bf9a252aec307795c05b4
993d53f565edcb12f46eaa6a9e8b4c1639ef7185
4722dc6df5613dc5eaf3fb32338c0aa8b2d4f811b926453790272c1a0a117e26
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.b4c6=*; _dpm_id.b4c6=c61d2778-9d0a-4f1c-b43b-c8fb304522c8.1664996081.1.1664996081.1664996081.b20398ff-f98d-4f97-adad-099fa3ec40d5; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19271%7CMCMID%7C76270789850655157011331792400302488566%7CMCAID%7C319EE9789E6317CF-60000AE4A071E2F9%7CMCOPTOUT-1665003282s%7CNONE%7CMCAAMLH-1665600882%7C6%7CMCAAMB-1665600882%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1664996081754-58231D4C-B2F3-4492-AE94-6F74CD06A761; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
acadplus.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.ttf
119.18.52.62404 Not Found 36 B URL HTTP/1.1 acadplus.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 6a83fd075b3bf9a252aec307795c05b4
993d53f565edcb12f46eaa6a9e8b4c1639ef7185
4722dc6df5613dc5eaf3fb32338c0aa8b2d4f811b926453790272c1a0a117e26
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/commonui-assets/fonts/interstate/Interstate-Bold.ttf HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.b4c6=*; _dpm_id.b4c6=c61d2778-9d0a-4f1c-b43b-c8fb304522c8.1664996081.1.1664996081.1664996081.b20398ff-f98d-4f97-adad-099fa3ec40d5; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19271%7CMCMID%7C76270789850655157011331792400302488566%7CMCAID%7C319EE9789E6317CF-60000AE4A071E2F9%7CMCOPTOUT-1665003282s%7CNONE%7CMCAAMLH-1665600882%7C6%7CMCAAMB-1665600882%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1664996081754-58231D4C-B2F3-4492-AE94-6F74CD06A761; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
acadplus.in/city.com/img/cds-assets/fonts/interstate/Interstate-Light.ttf
119.18.52.62404 Not Found 36 B URL HTTP/1.1 acadplus.in/city.com/img/cds-assets/fonts/interstate/Interstate-Light.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 6a83fd075b3bf9a252aec307795c05b4
993d53f565edcb12f46eaa6a9e8b4c1639ef7185
4722dc6df5613dc5eaf3fb32338c0aa8b2d4f811b926453790272c1a0a117e26
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/cds-assets/fonts/interstate/Interstate-Light.ttf HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.b4c6=*; _dpm_id.b4c6=c61d2778-9d0a-4f1c-b43b-c8fb304522c8.1664996081.1.1664996081.1664996081.b20398ff-f98d-4f97-adad-099fa3ec40d5; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19271%7CMCMID%7C76270789850655157011331792400302488566%7CMCAID%7C319EE9789E6317CF-60000AE4A071E2F9%7CMCOPTOUT-1665003282s%7CNONE%7CMCAAMLH-1665600882%7C6%7CMCAAMB-1665600882%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1664996081754-58231D4C-B2F3-4492-AE94-6F74CD06A761; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
acadplus.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Light.ttf
119.18.52.62404 Not Found 36 B URL HTTP/1.1 acadplus.in/city.com/img/commonui-assets/fonts/interstate/Interstate-Light.ttf
IP 119.18.52.62:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 6a83fd075b3bf9a252aec307795c05b4
993d53f565edcb12f46eaa6a9e8b4c1639ef7185
4722dc6df5613dc5eaf3fb32338c0aa8b2d4f811b926453790272c1a0a117e26
Analyzer Verdict Alert fortinet Phishing
GET /city.com/img/commonui-assets/fonts/interstate/Interstate-Light.ttf HTTP/1.1
Host: acadplus.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/city.com/img/styles.a4a9307b7b034ca614a7.css
Cookie: _dpm_ses.b4c6=*; _dpm_id.b4c6=c61d2778-9d0a-4f1c-b43b-c8fb304522c8.1664996081.1.1664996081.1664996081.b20398ff-f98d-4f97-adad-099fa3ec40d5; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=-330454231%7CMCIDTS%7C19271%7CMCMID%7C76270789850655157011331792400302488566%7CMCAID%7C319EE9789E6317CF-60000AE4A071E2F9%7CMCOPTOUT-1665003282s%7CNONE%7CMCAAMLH-1665600882%7C6%7CMCAAMB-1665600882%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C3.1.2; cdContextId=1; bmuid=1664996081754-58231D4C-B2F3-4492-AE94-6F74CD06A761; AMCVS_61834D9B5228A7430A490D45%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 18:54:40 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 36
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9eb66dfb5f3c9cdd4df7120817774c2f
7433bbeedf74d56d11c65176e40f27caedf8bc84
5807184320103a7fe25c7f82cfa5ffafbc11ed486a8502635b5bd48475a6fd66
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 11:15:49 GMT
Expires: Mon, 10 Oct 2022 11:15:48 GMT
Etag: "7433bbeedf74d56d11c65176e40f27caedf8bc84"
Cache-Control: max-age=403865,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75585e0bcf91b511-OSL
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
54.230.111.46200 OK 221 B URL HTTP/2 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
IP 54.230.111.46:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 21:37:13 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1n0ttIhASEv9ltps1r5r2ltas1ljk9PMLznES5kD6gb1mw_E5H7uFQ==
age: 76650
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 1137b48c342351cb93c7e163e7da7364
9e25cf2459e15db62592b4083d03ac6f8e7472e0
e46b0a65f5e1b342ac5ab34938af9e850b35d2e02e3fc2667bbcd70adfe485fa
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:42 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 06:00:06 GMT
Expires: Tue, 11 Oct 2022 06:00:05 GMT
Etag: "9e25cf2459e15db62592b4083d03ac6f8e7472e0"
Cache-Control: max-age=471322,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75585e0bdd720b41-OSL
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
54.230.111.64200 OK 221 B URL HTTP/2 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
IP 54.230.111.64:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
date: Wed, 05 Oct 2022 06:56:55 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: odlPEHEz8y0uvuTt-790ROBV3tDnQdQe102pTEKSdZesbXri7Hx9RQ==
age: 43068
X-Firefox-Spdy: h2
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.46200 OK 3.2 kB URL HTTP/2 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.46:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
date: Wed, 05 Oct 2022 07:00:57 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Phg6haA7VZX1nQHKDbhkY75L2M0-virC1qqqqFuzWFdqwfeqmntKPA==
age: 42826
X-Firefox-Spdy: h2
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.64200 OK 3.2 kB URL HTTP/2 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.64:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
date: Tue, 04 Oct 2022 21:22:18 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Wzq7eSYAIq2-fRHVJCDG4N7aznkPvddJvH81xqOgqsabuFMco6C4Hg==
age: 77545
X-Firefox-Spdy: h2
nexus.ensighten.com/citi/na_prod/perf.rnc?cid=1129&ns=1664996078742&ce=671&cs=389&dc=0&dclee=0&dcles=3098&di=3032&dl=833&dle=389&dls=388&fs=380&lee=0&les=0&rede=0&reds=0&reqs=671&resps=807&respe=1089&scs=528&ues=0&uee=0
54.230.111.74204 No Content 0 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/perf.rnc?cid=1129&ns=1664996078742&ce=671&cs=389&dc=0&dclee=0&dcles=3098&di=3032&dl=833&dle=389&dls=388&fs=380&lee=0&les=0&rede=0&reds=0&reqs=671&resps=807&respe=1089&scs=528&ues=0&uee=0
IP 54.230.111.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /citi/na_prod/perf.rnc?cid=1129&ns=1664996078742&ce=671&cs=389&dc=0&dclee=0&dcles=3098&di=3032&dl=833&dle=389&dls=388&fs=380&lee=0&les=0&rede=0&reds=0&reqs=671&resps=807&respe=1089&scs=528&ues=0&uee=0 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: CloudFront
date: Tue, 04 Oct 2022 21:47:21 GMT
cache-control: no-cache, no-store
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wH3FC3pARHhSa7pc6qxQH90KLJPh1IjoV9x1FKLTItpS-tl6D4ReqA==
age: 76042
X-Firefox-Spdy: h2
nexus.ensighten.com/error/e.gif?msg=_dl%20is%20not%20defined&lnn=481&fn=https%3A%2F%2Facadplus.in%2Fcity.com%2Fimg%2FBootstrap.js&cid=1129&client=citi&publishPath=na_prod&rid=3092996&did=622672&errorName=ReferenceError
54.230.111.74204 No Content 0 B URL HTTP/2 nexus.ensighten.com/error/e.gif?msg=_dl%20is%20not%20defined&lnn=481&fn=https%3A%2F%2Facadplus.in%2Fcity.com%2Fimg%2FBootstrap.js&cid=1129&client=citi&publishPath=na_prod&rid=3092996&did=622672&errorName=ReferenceError
IP 54.230.111.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error/e.gif?msg=_dl%20is%20not%20defined&lnn=481&fn=https%3A%2F%2Facadplus.in%2Fcity.com%2Fimg%2FBootstrap.js&cid=1129&client=citi&publishPath=na_prod&rid=3092996&did=622672&errorName=ReferenceError HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: CloudFront
date: Wed, 05 Oct 2022 01:05:18 GMT
cache-control: no-cache, no-store
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dirRljJ71HBowkeC4uofFHk0lrTzKKKruDvAWMRStMy9JTpEjgYgmg==
age: 64165
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 7b0dbb377b16f7fbde7a70abdbf1cf7f
f7e008c013fa96f6c694879a440fa896b60f7f7d
43c862fe9430972ed263786d8b2f6535782454de7c450f263a92fb3073ce9a42
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 05 Oct 2022 18:54:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 04 Oct 2022 23:17:07 GMT
Expires: Wed, 05 Oct 2022 23:17:07 GMT
ETag: "f7e008c013fa96f6c694879a440fa896b60f7f7d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/916451471/?random=1645199688127&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1013547421&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/916451471/?random=1645199688127&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1013547421&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/916451471/?random=1645199688127&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=1013547421&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/819500023/?random=1645199688162&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=934572699&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/819500023/?random=1645199688162&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=934572699&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/819500023/?random=1645199688162&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=934572699&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/830907969/?random=1645199688154&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3929776891&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/830907969/?random=1645199688154&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3929776891&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/830907969/?random=1645199688154&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3929776891&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/959299794/?random=1645199688176&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2969722864&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/959299794/?random=1645199688176&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2969722864&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/959299794/?random=1645199688176&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2969722864&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/975701947/?random=1645199688158&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3742915801&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/975701947/?random=1645199688158&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3742915801&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/975701947/?random=1645199688158&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3742915801&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/960621875/?random=1645199688150&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3640341865&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/960621875/?random=1645199688150&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3640341865&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/960621875/?random=1645199688150&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3640341865&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/644574043/?random=1645199688142&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3716761758&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/644574043/?random=1645199688142&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3716761758&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/644574043/?random=1645199688142&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=3716761758&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/695231162/?random=1645199688136&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2490011135&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/695231162/?random=1645199688136&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2490011135&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/695231162/?random=1645199688136&cv=9&fst=1645196400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=768&u_aw=1366&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.citi.com%2Flogin&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&async=1&fmt=3&is_vtc=1&random=2490011135&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash eaa32bc70d58ee3e9cefd05cb9e45209
b4a2ddb3627b993cc0207e945257777a8ef9c4ff
d2bc78bf694beade4f35a9a1622d7ff5062e6308c3ea49d14e0ee638f2100fa6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:43 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 12:17:23 GMT
Expires: Wed, 12 Oct 2022 12:17:22 GMT
Etag: "b4a2ddb3627b993cc0207e945257777a8ef9c4ff"
Cache-Control: max-age=580358,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75585e0bed7eb4f1-OSL
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
54.230.111.21200 OK 221 B URL HTTP/2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
IP 54.230.111.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
date: Tue, 04 Oct 2022 19:36:48 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pBvcCAZBrean5RBzDvEJ3IftRrI_bb6estNqi_uAd2KjzV6Qmu1IEQ==
age: 83876
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=A23029B8820A42AD849C49924CCA7CD3&RedC=c.clarity.ms&MXFR=34EE323D3C1D6D9324E62009381D63C9
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=34EE323D3C1D6D9324E62009381D63C9; domain=.clarity.ms; expires=Mon, 30-Oct-2023 18:54:43 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 05 Oct 2022 18:54:43 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash c80499e3ccd937651c4d56769e245c5e
b5b4b80c63b6c1459f9d127d1cb76502dc64c85b
fd7a20166e3f2062babd11638e75ba6af15e1c577674a006831fcd2930095638
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 18:54:43 GMT
Last-Modified: Wed, 05 Oct 2022 17:57:03 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wvywYInk9-JLmkdZAQ-JqyEfbfJKS0w_KdbDoPUamfp-J2lqb-mckw==
Age: 3460
cm.everesttech.net/cm/dd?d_uuid=69522316285711122142006600029372023381
54.74.40.111302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=69522316285711122142006600029372023381
IP 54.74.40.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=69522316285711122142006600029372023381 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Wed, 05 Oct 2022 18:54:43 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Yz3S8wAAAKZ-pwN-; Domain=.everesttech.net; Expires=Thu, 05-Oct-2023 18:54:43 GMT; Path=/
everest_session_v2=Yz3S8wAAAKZ-qAN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yz3S8wAAAKZ-pwN-
Server: AMO-cookiemap/1.1
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.21200 OK 3.2 kB URL HTTP/2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.21:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 18:53:04 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: H_mvbRvBhoWbNFoaGFdsk6eKRQUbOzMrKhBhmHW-lTcLUVvr31NDeg==
age: 100
X-Firefox-Spdy: h2
contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
52.154.174.214200 OK 558 B URL HTTP/2 contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
IP 52.154.174.214:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (558), with no line terminators
Hash 1fe3dc9af683745ec671807a79aa6c42
bb9c88e5d612171c2e798b12a57fdff0e090f0c4
27f805eebcb70e020c317700c2186e652ae07ae91afa088e5a4c62e37e4eb84e
POST /client/v3.1/web/wup?cid=cedric HTTP/1.1
Host: contents2.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2538
Origin: https://acadplus.in
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 558
date: Wed, 05 Oct 2022 18:54:43 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 9374f71f-e6f9-44f3-b8ad-a05beee61aca
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
54.230.111.74200 OK 989 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963
IP 54.230.111.74:0
File type ASCII text, with very long lines (524)
Hash a88ee16d6636b998b8a6bb0eedf3a3bb
84b7338657d33ace2048bf6b6e3b8b3fa649548a
7df13706eaab8ce9a3dcd2a501f60bc66987c83834d07dfaf07ae56ef814c110
GET /citi/na_prod/code/fdf45a7c15c1cee06bb71e10dac4e26e.js?conditionId0=4849963 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 989
date: Fri, 22 Jul 2022 05:10:06 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Jul 2021 20:01:14 GMT
etag: "a88ee16d6636b998b8a6bb0eedf3a3bb"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: .wEMJ82rme0Ajy8MXYWYMqCLOS4zdOlx
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UaC65d33oWzugftmWxTkbzht_kr_LkPyR4oI3zmWcwRDdmqxfHKz6w==
age: 6529478
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=411&dpuuid=Yz3S8wAAAKZ-pwN-
52.49.126.217302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Yz3S8wAAAKZ-pwN-
IP 52.49.126.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Yz3S8wAAAKZ-pwN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acadplus.in/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v044-0b1a912a4.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yz3S8wAAAKZ-pwN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=14147595986770516152239992012347831481; Max-Age=15552000; Expires=Mon, 03 Apr 2023 18:54:43 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: SMrAw7jES2k=
Content-Length: 0
Connection: keep-alive
c.bing.com/c.gif?CtsSyncId=A23029B8820A42AD849C49924CCA7CD3&RedC=c.clarity.ms&MXFR=34EE323D3C1D6D9324E62009381D63C9
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=A23029B8820A42AD849C49924CCA7CD3&RedC=c.clarity.ms&MXFR=34EE323D3C1D6D9324E62009381D63C9
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=A23029B8820A42AD849C49924CCA7CD3&RedC=c.clarity.ms&MXFR=34EE323D3C1D6D9324E62009381D63C9 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acadplus.in/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=A23029B8820A42AD849C49924CCA7CD3&MUID=3EC940AB18F4664319B3529F190167C6
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=3EC940AB18F4664319B3529F190167C6; domain=c.bing.com; expires=Mon, 30-Oct-2023 18:54:43 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A2BDEF2013E9440DAF9C357EF64B8E8B Ref B: OSL30EDGE0122 Ref C: 2022-10-05T18:54:43Z
date: Wed, 05 Oct 2022 18:54:43 GMT
content-length: 0
X-Firefox-Spdy: h2
nexus.ensighten.com/citi/na_prod/code/74cc1efe8c7595da53e7ab20e00a12ab.js?conditionId0=486757
54.230.111.74200 OK 41 kB URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/74cc1efe8c7595da53e7ab20e00a12ab.js?conditionId0=486757
IP 54.230.111.74:0
Hash 63ba1cdd960ade6e7eca5eff4d2a9228
eac1debb5c378c95ef718d00c303eb08733680ff
1e59b22e0411d1122572b6751085c6d27a9e35cd2515f46ddc928c180c3cda76
GET /citi/na_prod/code/74cc1efe8c7595da53e7ab20e00a12ab.js?conditionId0=486757 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 04 Oct 2022 17:38:58 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 04 Oct 2022 17:38:26 GMT
etag: W/"3ede326e87ee2b8f7af776b4c4ad35f7"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: LjMYQmiQy7kOs5o7pU54PuDyr5b_DNtO
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N-WxtfweXAkZDR2qOVVB8rAtqDHtahKFxPFf0HZTe6PGZDonxEFIkQ==
age: 90946
X-Firefox-Spdy: h2
nexus.ensighten.com/citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153
54.230.111.74200 OK 43 kB URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153
IP 54.230.111.74:0
File type ASCII text, with very long lines (524)
Hash bb5dff128e475a1d1867cd0de8194d6d
5be39bf67ff7c1ad532c2acb46aef1726b9981e7
7543c3916919f5e95865d1fbb508429917c00fd0928bd7ac3b45b0d1b2d25093
GET /citi/na_prod/code/51aba9f62787efbaa13e53a8d1ae3892.js?conditionId0=4827153 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 22 Jul 2022 04:58:00 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 31 Aug 2021 17:19:04 GMT
etag: W/"4d37444c012a76a0557182615bf5cdd3"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: wbqnWd5jL63548esNkWLxT1ImQDA0TC0
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9scEw4cWkbKqIwfurwonf6a6_hPhal_EHtyU0zh6UVlRXkvoDvfQvg==
age: 6530203
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4a3537782727d0cd620456d32a8cfe81
3dcf889c6b528df6edbc76942729d6ee23d40bd6
dbeca37bb01f7549e346005a57f8887fe161c10ea813fbe54fffbe17c68a4994
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 02:15:46 GMT
Expires: Wed, 12 Oct 2022 02:15:45 GMT
Etag: "3dcf889c6b528df6edbc76942729d6ee23d40bd6"
Cache-Control: max-age=544260,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75585e156a120b41-OSL
nexus.ensighten.com/citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456
54.230.111.74200 OK 778 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456
IP 54.230.111.74:0
File type ASCII text, with very long lines (1964)
Hash dfcbb9de0921be2bf9c2c3e61ad2f322
f148b87376da4c033f81c9e2b3efc3762c54397f
9275dda5f43baa78553da048e931dc0dc6bd26468fc3820f7e09d719f79a3881
GET /citi/na_prod/code/557566dc60916e3de69e006bef252459.js?conditionId0=4837456 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 22 Jul 2022 04:43:02 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Jul 2021 20:01:09 GMT
etag: W/"c12999fcad47ab9cba1967b8c736048d"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: nE2jchQRxt_gtDKDOvHRLQGyp_MKp2PL
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N6f4C5It0lao6y-xUysYiimNsEH7iPtLbtKbhS43gw-j0lyStTfSdg==
age: 6531102
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=A23029B8820A42AD849C49924CCA7CD3&MUID=3EC940AB18F4664319B3529F190167C6
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=A23029B8820A42AD849C49924CCA7CD3&MUID=3EC940AB18F4664319B3529F190167C6
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=A23029B8820A42AD849C49924CCA7CD3&MUID=3EC940AB18F4664319B3529F190167C6 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acadplus.in/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 05-Oct-2022 19:04:44 GMT; path=/; SameSite=None; Secure;
date: Wed, 05 Oct 2022 18:54:44 GMT
content-length: 42
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yz3S8wAAAKZ-pwN-
52.49.126.217200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yz3S8wAAAKZ-pwN-
IP 52.49.126.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yz3S8wAAAKZ-pwN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acadplus.in/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v044-0f70348c4.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 2w7oFfxwSvA=
Content-Length: 59
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 67abba1f2b7032339b9ee22c49033b0c
d8bee062e4c1c78c39df16bb624e2699b40ecf35
ad6fa5c31a09b8a18dadad25fd87c838180e94571cbc3c22ecc35633b659ba02
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 18:54:44 GMT
Last-Modified: Wed, 05 Oct 2022 17:42:51 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Bau8l8koWCWQ4_7Isb3z9_LCKrcdJi7vPO25ZHv6ey-AHA-bYd5rPQ==
Age: 4313
contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
52.154.174.214200 OK 558 B URL HTTP/2 contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
IP 52.154.174.214:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (558), with no line terminators
Hash 2bf4bb53519d746ee65ba3c7b799563e
eec71118964817faafd55122e027476337f5ff99
f99044dc29cce4589948c4c27ff16f5811215261f6d8c78ad5787cf7de382472
POST /client/v3.1/web/wup?cid=cedric HTTP/1.1
Host: contents2.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2290
Origin: https://acadplus.in
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 558
date: Wed, 05 Oct 2022 18:54:43 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: f849cf21-e9e3-4752-b1e4-336560689a6c
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
c1.rfihub.net/js/tc.min.js
54.230.111.62200 OK 6.0 kB URL HTTP/2 c1.rfihub.net/js/tc.min.js
IP 54.230.111.62:0
File type C source, ASCII text, with very long lines (19497)
Hash a70260b145ba0152ff8bcf875405c2b9
95bc361d6376cd79319e552a0cbddd34bfdc1ac7
7b84f12eb84c0816da628e82d78d042990a2140f2916b8a5821e000849842155
GET /js/tc.min.js HTTP/1.1
Host: c1.rfihub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
last-modified: Wed, 05 Oct 2022 15:00:21 GMT
server: Jetty(9.3.29.v20201019)
content-encoding: br
date: Wed, 05 Oct 2022 18:02:07 GMT
cache-control: public, max-age=3600
expires: Wed, 05 Oct 2022 19:01:33 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kowgqcG8DoejZPcznQLjj9AMrJ9J4vfidEYOe3hK_MnZZq7yO7v7TA==
age: 3191
X-Firefox-Spdy: h2
contents1.00110.citi.com/api/v1/sendLogs?cid=cedric&cdsnum=1664996082362-sjn0000320-0e60559c-0950-44be-ab20-d0c11be25d41&csid=null&ds=js&sdkVer=2.17.2.285.6f55d57
13.89.105.232204 No Content 0 B URL HTTP/2 contents1.00110.citi.com/api/v1/sendLogs?cid=cedric&cdsnum=1664996082362-sjn0000320-0e60559c-0950-44be-ab20-d0c11be25d41&csid=null&ds=js&sdkVer=2.17.2.285.6f55d57
IP 13.89.105.232:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/sendLogs?cid=cedric&cdsnum=1664996082362-sjn0000320-0e60559c-0950-44be-ab20-d0c11be25d41&csid=null&ds=js&sdkVer=2.17.2.285.6f55d57 HTTP/1.1
Host: contents1.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 796
Origin: https://acadplus.in
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 05 Oct 2022 18:54:45 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
151.101.85.230200 OK 531 B URL HTTP/2 resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/embed.js
IP 151.101.85.230:0
File type ASCII text, with very long lines (592)
Hash 163d0bd34ff8cd5d5d8c376ff4fa5448
49290a53b47fe11dd527ed41db0876da97afc365
6b05ff7c0159529870ef88073983b50eee80d938ffbd55d5c9aebb0dab4d772a
GET /wdcusciti/50/onsite/embed.js HTTP/1.1
Host: resources.digital-cloud-citi.medallia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: u1q21WQPfwzs23uymh2CMtwwrYIFyq26AkrhDsm4sSkBTMF8S/P2IkvvYV6yALkuLLfW2ZP//GI=
x-amz-request-id: W3PJBFJ0QTFP83BK
last-modified: Mon, 29 Aug 2022 07:49:45 GMT
etag: "c1db4c234cf539e2bfab42c09c1ca05d"
x-amz-version-id: eKMfkf17jnOEK1NZY3.0vSO_D.gj7xc9
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
content-encoding: gzip
accept-ranges: bytes
date: Wed, 05 Oct 2022 18:54:45 GMT
via: 1.1 varnish
age: 70243
x-served-by: cache-bma1656-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664996085.495069,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 531
X-Firefox-Spdy: h2
nexus.ensighten.com/citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Thu%20Feb%2017%2015:16:12%20GMT%202022&ClientID=1129&PageID=https%3A%2F%2Facadplus.in%2Fcity.com%2F
54.230.111.74200 OK 1.1 kB URL HTTP/2 nexus.ensighten.com/citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Thu%20Feb%2017%2015:16:12%20GMT%202022&ClientID=1129&PageID=https%3A%2F%2Facadplus.in%2Fcity.com%2F
IP 54.230.111.74:0
Hash b072107ccfbca090c588df30e345f631
2e5473959ae152271fac42567324a077da3d24dc
65726e29875c107ecedb6867f170e82b7259f73036e047d214a192277c109b64
GET /citi/na_prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/citi/na_prod/code/&publishedOn=Thu%20Feb%2017%2015:16:12%20GMT%202022&ClientID=1129&PageID=https%3A%2F%2Facadplus.in%2Fcity.com%2F HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
server: nginx
date: Wed, 05 Oct 2022 18:54:43 GMT
expires: Wed, 05 Oct 2022 18:54:42 GMT
cache-control: no-cache, no-store
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -4MHrGToLdPhWz94JrgYVbxweyRmIYJN3wke5UH16Sg_7upiDUpr0w==
X-Firefox-Spdy: h2
resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1642556755234.js
151.101.85.230200 OK 89 kB URL HTTP/2 resources.digital-cloud-citi.medallia.com/wdcusciti/50/onsite/generic1642556755234.js
IP 151.101.85.230:0
File type Unicode text, UTF-8 text, with very long lines (53734)
Hash 0910c09f371905190d92a517f6664582
82015ba51fdafebdc71f17b7c2650025bfba0770
25707832992c14c98b3e72d17579ba9a4e082de9f544750d8576a84d3e3b4bbb
GET /wdcusciti/50/onsite/generic1642556755234.js HTTP/1.1
Host: resources.digital-cloud-citi.medallia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BCwZ+cDcanB29+BIrIjunK0dcPElBR1vbfl7mt31+KPJClzhOrG0x4PRt1pSmRTPehz6jLE8X8E=
x-amz-request-id: R1SSFTZN4WDYR195
last-modified: Wed, 19 Jan 2022 01:45:56 GMT
etag: "23e4d609fe08b7a8c3e4f1da77c7f96c"
x-amz-version-id: rSjn3UrYpUyqzJwJI83SrWd_Yi2yQGv5
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Wed, 05 Oct 2022 18:54:45 GMT
via: 1.1 varnish
age: 74606
x-served-by: cache-bma1656-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664996085.498766,VS0,VE10
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 89391
X-Firefox-Spdy: h2
contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
52.154.174.214200 OK 558 B URL HTTP/2 contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
IP 52.154.174.214:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (558), with no line terminators
Hash 850fc4f187696dec3d4d0130b0dc7ed3
982dd985586d53b472ee2f864d906fd8c6347fd5
635f216f22f5f5c9b6903ade38774890425ba68cbd3615b87b4b4f8d47f209e8
POST /client/v3.1/web/wup?cid=cedric HTTP/1.1
Host: contents2.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1098
Origin: https://acadplus.in
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 558
date: Wed, 05 Oct 2022 18:54:44 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: b6d7c8bc-f41a-4545-8303-067913be03bf
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
35.190.60.146451 Unavailable For Legal Reasons 0 B URL HTTP/2 sr.rlcdn.com/425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709
IP 35.190.60.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /425466.html?es=80676&u=da39a3ee5e6b4b0d3255bfef95601890afd80709 HTTP/1.1
Host: sr.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
date: Wed, 05 Oct 2022 18:54:45 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3f48157cf95513193cf7f7714ce3c70d
711ed2f3122d4d02553c181c3b880a6855e16072
427f76bc40cdb31fc8457e10ed18273b906e5ec3fbbc53a54374b6f420c9074e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4412
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:45 GMT
Last-Modified: Wed, 05 Oct 2022 17:41:14 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3f48157cf95513193cf7f7714ce3c70d
711ed2f3122d4d02553c181c3b880a6855e16072
427f76bc40cdb31fc8457e10ed18273b906e5ec3fbbc53a54374b6f420c9074e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4412
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:45 GMT
Last-Modified: Wed, 05 Oct 2022 17:41:14 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3f48157cf95513193cf7f7714ce3c70d
711ed2f3122d4d02553c181c3b880a6855e16072
427f76bc40cdb31fc8457e10ed18273b906e5ec3fbbc53a54374b6f420c9074e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4412
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:45 GMT
Last-Modified: Wed, 05 Oct 2022 17:41:14 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=2
91.235.133.67200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=2
IP 91.235.133.67:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ck=0&m=2 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:45 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=1
91.235.133.67200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=1
IP 91.235.133.67:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:45 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash da760bd41ef8ff9370254bfa22f58538
d2913d670acf488ba2460758095e8238c1d47966
92af768a29358479e72788fbbb20cfd27aad26588b07a3218968710da11a2d37
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=585487,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75585e1f9ebe0b41-OSL
content22.online.citi.com/fp/check.js;CIS3SID=69B4B09FD8A728BF2EE7FCB11A1B9673?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3731242668736f753d4c6b6e7d7a266a73673f4c69667770246a73627d3d46697067646d78246273623d46697265646f782530303b34
91.235.133.67200 OK 79 kB URL HTTP/1.1 content22.online.citi.com/fp/check.js;CIS3SID=69B4B09FD8A728BF2EE7FCB11A1B9673?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3731242668736f753d4c6b6e7d7a266a73673f4c69667770246a73627d3d46697067646d78246273623d46697265646f782530303b34
IP 91.235.133.67:0
File type ASCII text, with very long lines (6124)
Hash b8598e63a049d99d010ff67e6edb440c
9dbf813431ce61305de34ec9b2969de2739f04c9
ceeb739c692581ef2d89961d57f49db244c4c11e2253151b5473c174cd35ecef
GET /fp/check.js;CIS3SID=69B4B09FD8A728BF2EE7FCB11A1B9673?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&jb=3731242668736f753d4c6b6e7d7a266a73673f4c69667770246a73627d3d46697067646d78246273623d46697265646f782530303b34 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:45 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 6b89f78c1aa12a6c
Set-Cookie: thx_guid=27f5bf9af357b3e2d5b0c092785fd781; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ck=0&m=1
91.235.133.67200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ck=0&m=1
IP 91.235.133.67:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ck=0&m=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:45 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/check.js;CIS3SID=69915BADAB241B2E060746F35B8AB099?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=37312e2668716f773f4c616c77782468736f3d4c69667778266a7362753f46697067646f7a246273623f46697265666d782730303936
91.235.133.67200 OK 79 kB URL HTTP/1.1 content22.online.citi.com/fp/check.js;CIS3SID=69915BADAB241B2E060746F35B8AB099?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=37312e2668716f773f4c616c77782468736f3d4c69667778266a7362753f46697067646f7a246273623f46697265666d782730303936
IP 91.235.133.67:0
File type ASCII text, with very long lines (15506)
Hash 8c8dc1d4788e27d0fc131b16b8e83f4e
772f2885b716cf5ba45e4cab78f71b05e302fdfc
cfd064f0c92d99a61d124ca3349e7af276b97c283cfe75ca94cd1fdb2675549a
GET /fp/check.js;CIS3SID=69915BADAB241B2E060746F35B8AB099?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=37312e2668716f773f4c616c77782468736f3d4c69667778266a7362753f46697067646f7a246273623f46697265666d782730303936 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:45 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 31f079b47db06ff4
Set-Cookie: thx_guid=2928c5ca9e289d05841f979bbdee4730; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
151.101.85.175200 OK 5.2 kB URL HTTP/2 nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
IP 151.101.85.175:0
File type C source, ASCII text, with very long lines (585)
Hash a8a8316559534b9784a92826ab49b9f2
3836a3dbc421106117da4a97871aed09eedbdf0c
b11175156d2ff85a9f749c78ab961597cc0034db4df0295f2e57335e94f61b1e
GET /resources/onsite/js/cool-2.1.15.min.js HTTP/1.1
Host: nebula-cdn.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5DsDii/Q4DH7ELXaSSQk8LthmRPPyf53c8AfqU+DuRMLCwyO0c2GhS45Jvn2u1AAXM+COlEdWaw=
x-amz-request-id: N94HBZ7MFH62Q62Y
last-modified: Sun, 24 Jan 2021 11:03:10 GMT
etag: "80dd5e3be5152c5c72d552c6a26ef6ff"
x-amz-version-id: 9HCXbKZTbCJZkS8s9IuB.pE0JEvI0TGW
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Wed, 05 Oct 2022 18:54:45 GMT
via: 1.1 varnish
age: 822572
x-served-by: cache-bma1658-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664996086.759769,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 5197
X-Firefox-Spdy: h2
content22.online.citi.com/fp/check.js;CIS3SID=46224D2C1EE73E9471744854588FFD2B?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3d3326246a7167753f4c6b6c7578266a736d3f4c696e757824687360773f4469726d666f78266a73603d466b7a65666d7a2530323934
91.235.133.67200 OK 79 kB URL HTTP/1.1 content22.online.citi.com/fp/check.js;CIS3SID=46224D2C1EE73E9471744854588FFD2B?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3d3326246a7167753f4c6b6c7578266a736d3f4c696e757824687360773f4469726d666f78266a73603d466b7a65666d7a2530323934
IP 91.235.133.67:0
File type ASCII text, with very long lines (9942)
Hash 09c33699e2cb422afa891896389f6ecf
2bb57456baea65a2bbedd7bc7d534610210dba11
ce146c8ff4b7c4244f5fe89fe83d202c4163556a5d7e6dea9cdbbbf8bc846912
GET /fp/check.js;CIS3SID=46224D2C1EE73E9471744854588FFD2B?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3d3326246a7167753f4c6b6c7578266a736d3f4c696e757824687360773f4469726d666f78266a73603d466b7a65666d7a2530323934 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:45 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 5527618d41f91b6a
Set-Cookie: thx_guid=d96e9479b924024b3de51d92b766aafa; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3f48157cf95513193cf7f7714ce3c70d
711ed2f3122d4d02553c181c3b880a6855e16072
427f76bc40cdb31fc8457e10ed18273b906e5ec3fbbc53a54374b6f420c9074e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:45 GMT
Server: ECS (amb/6BC2)
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3f48157cf95513193cf7f7714ce3c70d
711ed2f3122d4d02553c181c3b880a6855e16072
427f76bc40cdb31fc8457e10ed18273b906e5ec3fbbc53a54374b6f420c9074e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:45 GMT
Server: ECS (amb/6BB8)
Content-Length: 471
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=2
91.235.133.67200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=2
IP 91.235.133.67:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ck=0&m=2 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:45 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ck=0&m=2
91.235.133.67200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ck=0&m=2
IP 91.235.133.67:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ck=0&m=2 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:45 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ja=3131352624633d30267a3f302e643d31323032783138303c2461663d393238307a33323232247b78793d307830266670723d332c33303a3224313032342c33303a302e313230322c31323a30243b33392c3930383024333830342c302430267361663f30342464683d6874747073273341253046273044636b6164706c75712c6b6e273244636974792e616f65273246266c703d26606a35673832646a35333430323a3431676c62396535363039373533396364356167302e6a736f3d4c6b6c7778246a71623d4669726766677a2532303134266a7b6d7d3f4c696e7d78266a7160773f466b7a65666f78266e68613d3136247478663f575c43266d61746a703f323a3934623838633035656a63346466693a626130633e3b3139643e6363613032336135346d31383261306139663934616334363266313c3436623566363b32&jb=3b35246c733d4d6f7a696e6c692732463526322532382a50333125334a2532304e6b6c7778273a307838365f3634273342253030707427314939362e3029273032476763696f25324632323138323130312d30304661706d646f78253a4639362c32
91.235.133.67204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ja=3131352624633d30267a3f302e643d31323032783138303c2461663d393238307a33323232247b78793d307830266670723d332c33303a3224313032342c33303a302e313230322c31323a30243b33392c3930383024333830342c302430267361663f30342464683d6874747073273341253046273044636b6164706c75712c6b6e273244636974792e616f65273246266c703d26606a35673832646a35333430323a3431676c62396535363039373533396364356167302e6a736f3d4c6b6c7778246a71623d4669726766677a2532303134266a7b6d7d3f4c696e7d78266a7160773f466b7a65666f78266e68613d3136247478663f575c43266d61746a703f323a3934623838633035656a63346466693a626130633e3b3139643e6363613032336135346d31383261306139663934616334363266313c3436623566363b32&jb=3b35246c733d4d6f7a696e6c692732463526322532382a50333125334a2532304e6b6c7778273a307838365f3634273342253030707427314939362e3029273032476763696f25324632323138323130312d30304661706d646f78253a4639362c32
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=f13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f&nonce=6b89f78c1aa12a6c&pageid=1&ja=3131352624633d30267a3f302e643d31323032783138303c2461663d393238307a33323232247b78793d307830266670723d332c33303a3224313032342c33303a302e313230322c31323a30243b33392c3930383024333830342c302430267361663f30342464683d6874747073273341253046273044636b6164706c75712c6b6e273244636974792e616f65273246266c703d26606a35673832646a35333430323a3431676c62396535363039373533396364356167302e6a736f3d4c6b6c7778246a71623d4669726766677a2532303134266a7b6d7d3f4c696e7d78266a7160773f466b7a65666f78266e68613d3136247478663f575c43266d61746a703f323a3934623838633035656a63346466693a626130633e3b3139643e6363613032336135346d31383261306139663934616334363266313c3436623566363b32&jb=3b35246c733d4d6f7a696e6c692732463526322532382a50333125334a2532304e6b6c7778273a307838365f3634273342253030707427314939362e3029273032476763696f25324632323138323130312d30304661706d646f78253a4639362c32 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Wed, 05 Oct 2022 18:54:45 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
content22.online.citi.com/fp/clear.png
91.235.133.67200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png
IP 91.235.133.67:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, 89oebq5k/6b89f78c1aa12a6cf13ab1edeab18f4de9bda9c87dd095aabcc70280541a117ddef5b26c845e156f
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplus.in
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 05 Oct 2022 18:54:46 GMT
Expires: Mon, 04 Oct 2027 18:54:46 GMT
Etag: e2f28d8cd3ae4cc4bb446bb8b3540966
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://acadplus.in
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/ls_fp.html;CIS3SID=9F3D29A988B362B5A3175ECA6161A9F6?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
91.235.133.67200 OK 13 kB URL HTTP/1.1 content22.online.citi.com/fp/ls_fp.html;CIS3SID=9F3D29A988B362B5A3175ECA6161A9F6?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
IP 91.235.133.67:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash b78cd56284b4c222b55912b3dfa04569
cc74d975367aacab739247f31c5b62c44656715a
a93e76ab93700f979c8abd00c0169f37c4797972ce2ce1e197999c8a60b7d521
GET /fp/ls_fp.html;CIS3SID=9F3D29A988B362B5A3175ECA6161A9F6?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=31362e6c71633d316737693a6061343730383134303e366136643133363366306330326431333b
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=31362e6c71633d316737693a6061343730383134303e366136643133363366306330326431333b
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jb=31362e6c71633d316737693a6061343730383134303e366136643133363366306330326431333b HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jd=37352e2668646e3f352662646a3d3a66316234376130673630366535316066376735306163336e37623a38336565266866766c3d303a353a3a37
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jd=37352e2668646e3f352662646a3d3a66316234376130673630366535316066376735306163336e37623a38336565266866766c3d303a353a3a37
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jd=37352e2668646e3f352662646a3d3a66316234376130673630366535316066376735306163336e37623a38336565266866766c3d303a353a3a37 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png
91.235.133.67200 OK 81 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png
IP 91.235.133.67:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, 89oebq5k/31f079b47db06ff46a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplus.in
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 05 Oct 2022 18:54:46 GMT
Expires: Mon, 04 Oct 2027 18:54:46 GMT
Etag: 1e9a3b9a9d6b408e8e6a8b935db7c2ad
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://acadplus.in
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
content22.online.citi.com/fp/top_fp.html;CIS3SID=9F3D29A988B362B5A3175ECA6161A9F6?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
91.235.133.67200 OK 13 kB URL HTTP/1.1 content22.online.citi.com/fp/top_fp.html;CIS3SID=9F3D29A988B362B5A3175ECA6161A9F6?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
IP 91.235.133.67:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash e5c2ceca1db4d046c1f7214bf644aa3e
1c5e65854b5a9be9cc3f288dc46d3130f663d38c
5c188bcd9b71504107ebf76e099ccc1edef91ad0473e699559feeb1e99fcbc36
GET /fp/top_fp.html;CIS3SID=9F3D29A988B362B5A3175ECA6161A9F6?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ja=37383f2624613d32247a353224663f3332383078313830342661663d313038307a33323030247b78793f307830266472723f332c313238322c313030362c33303a3024313232322e333230322e39313b2c3132383024333032342c302c32267361663f32362464683d6a7474707325314127304625324663636164726e75712c6b6e2d32446169767b2e6b6d6f2530442664723d26606a3d66636230383231313b30616132663064636764323061303438323b6434656336266a736d3f4c6b6c77782e6a71603d446b726d646d782730303936266a7b6d753d4c696e757a266a7160773d446b7a65666d78266e68633f313424747a643d575443266f63746a703f3230393460383a61303f6760613666666138626130633639313964366163613032336337346d31383061306139643b3463633434306431343436603766363b3226783d726e75656b6e57646e61716a253545666164716521706c75676b6e5f756b6c646d757b5f6d676469615f706e617b677225354564616c736723706e776569665f63666f60675f6961706f60637425354566696e736521706c7565696e5d73776961697c696d6725354566616e736723706c75676b6e5f736a6d63697563766d25374766636e736d23726c7765696e5f7265696e706c6179657227354564636e736723786c7565696e5f766c615f726e6179657227354566636e736723726c7d676b6c5f666776696e747227374566616c736d23706c7567696e5d7376655d746967756d7225374566616c736721726e7567696e5d6a61766327354764636c7b65246163663f323f353a3736&jb=3b352e6c733f4d6d7869646e63253044352e302532382a5831312533422732304e6b6c757a273a30783a365f3634253142273030727625314139362c3229273032476d63696d253044323833323033323125323046617065666f7825324439362c32
91.235.133.67204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ja=37383f2624613d32247a353224663f3332383078313830342661663d313038307a33323030247b78793f307830266472723f332c313238322c313030362c33303a3024313232322e333230322e39313b2c3132383024333032342c302c32267361663f32362464683d6a7474707325314127304625324663636164726e75712c6b6e2d32446169767b2e6b6d6f2530442664723d26606a3d66636230383231313b30616132663064636764323061303438323b6434656336266a736d3f4c6b6c77782e6a71603d446b726d646d782730303936266a7b6d753d4c696e757a266a7160773d446b7a65666d78266e68633f313424747a643d575443266f63746a703f3230393460383a61303f6760613666666138626130633639313964366163613032336337346d31383061306139643b3463633434306431343436603766363b3226783d726e75656b6e57646e61716a253545666164716521706c75676b6e5f756b6c646d757b5f6d676469615f706e617b677225354564616c736723706e776569665f63666f60675f6961706f60637425354566696e736521706c7565696e5d73776961697c696d6725354566616e736723706c75676b6e5f736a6d63697563766d25374766636e736d23726c7765696e5f7265696e706c6179657227354564636e736723786c7565696e5f766c615f726e6179657227354566636e736723726c7d676b6c5f666776696e747227374566616c736d23706c7567696e5d7376655d746967756d7225374566616c736721726e7567696e5d6a61766327354764636c7b65246163663f323f353a3736&jb=3b352e6c733f4d6d7869646e63253044352e302532382a5831312533422732304e6b6c757a273a30783a365f3634253142273030727625314139362c3229273032476d63696d253044323833323033323125323046617065666f7825324439362c32
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&ja=37383f2624613d32247a353224663f3332383078313830342661663d313038307a33323030247b78793f307830266472723f332c313238322c313030362c33303a3024313232322e333230322e39313b2c3132383024333032342c302c32267361663f32362464683d6a7474707325314127304625324663636164726e75712c6b6e2d32446169767b2e6b6d6f2530442664723d26606a3d66636230383231313b30616132663064636764323061303438323b6434656336266a736d3f4c6b6c77782e6a71603d446b726d646d782730303936266a7b6d753d4c696e757a266a7160773d446b7a65666d78266e68633f313424747a643d575443266f63746a703f3230393460383a61303f6760613666666138626130633639313964366163613032336337346d31383061306139643b3463633434306431343436603766363b3226783d726e75656b6e57646e61716a253545666164716521706c75676b6e5f756b6c646d757b5f6d676469615f706e617b677225354564616c736723706e776569665f63666f60675f6961706f60637425354566696e736521706c7565696e5d73776961697c696d6725354566616e736723706c75676b6e5f736a6d63697563766d25374766636e736d23726c7765696e5f7265696e706c6179657227354564636e736723786c7565696e5f766c615f726e6179657227354566636e736723726c7d676b6c5f666776696e747227374566616c736d23706c7567696e5d7376655d746967756d7225374566616c736721726e7567696e5d6a61766327354764636c7b65246163663f323f353a3736&jb=3b352e6c733f4d6d7869646e63253044352e302532382a5831312533422732304e6b6c757a273a30783a365f3634253142273030727625314139362c3229273032476d63696d253044323833323033323125323046617065666f7825324439362c32 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
content22.online.citi.com/fp/clear.png
91.235.133.67304 Not Modified 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, 89oebq5k/5527618d41f91b6a9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acadplus.in
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 05 Oct 2022 18:54:46 GMT
If-None-Match: e2f28d8cd3ae4cc4bb446bb8b3540966
HTTP/1.1 304 Not Modified
Date: Wed, 05 Oct 2022 18:54:46 GMT
Access-Control-Allow-Origin: *
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3b34266e736335336737633a62613635303a3334303634613466313134336430613a3064333133
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3b34266e736335336737633a62613635303a3334303634613466313134336430613a3064333133
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jb=3b34266e736335336737633a62613635303a3334303634613466313134336430613a3064333133 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/ls_fp.html;CIS3SID=0535F7E792C26E1899F6BE67179C76D0?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
91.235.133.67200 OK 13 kB URL HTTP/1.1 content22.online.citi.com/fp/ls_fp.html;CIS3SID=0535F7E792C26E1899F6BE67179C76D0?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
IP 91.235.133.67:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 8a33c260b7a7ae63a9b98096ac31b86c
b2f8fecb43471387b9a76d26fc80c421e9b00aff
48a182fdf0a6897ba7f6efbbb6262250c61f530081016008775256928d73962e
GET /fp/ls_fp.html;CIS3SID=0535F7E792C26E1899F6BE67179C76D0?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=94
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jd=3d3726246a64663d35266864683d386431603637613865363234653733606437653f326161316637603838316d65266864746c3f303833333835
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jd=3d3726246a64663d35266864683d386431603637613865363234653733606437653f326161316637603838316d65266864746c3f303833333835
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jd=3d3726246a64663d35266864683d386431603637613865363234653733606437653f326161316637603838316d65266864746c3f303833333835 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript
ocsps.ssl.com/
34.237.184.165200 OK 1.9 kB IP 34.237.184.165:0
Hash 486c3adefbcc481e2941bcddb4f7a216
ee51708bbaacfb5b65f4f7b824b4ff0a01f0baad
277ab4ee258899e15d1ec39e667150cbe870bfbdbd878f9ab0d5157b929d8858
POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Oct 2022 18:54:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1883
Connection: keep-alive
Expires: Wed, 12 Oct 2022 13:43:38 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "ee51708bbaacfb5b65f4f7b824b4ff0a01f0baad"
Last-Modified: Wed, 05 Oct 2022 13:43:39 GMT
X-Proxy-Cache: HIT
content22.online.citi.com/fp/top_fp.html;CIS3SID=0535F7E792C26E1899F6BE67179C76D0?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
91.235.133.67200 OK 14 kB URL HTTP/1.1 content22.online.citi.com/fp/top_fp.html;CIS3SID=0535F7E792C26E1899F6BE67179C76D0?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
IP 91.235.133.67:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash b0a02425d99ffc14493133449b2fcbca
1cb01ff6da1bccd7f72e7278ad3e768ff89e5f98
f565544503000f0732a128f762b7788bd56fe10ea584d5b1a10e7c20d0fb3a6b
GET /fp/top_fp.html;CIS3SID=0535F7E792C26E1899F6BE67179C76D0?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ja=3d3a372426613530247a3f3226663d31323a3278313032342463663f33303a3078393030322673787b3d307a38266472703d332e31303a322e333832342e313030322c3330323a2c33323a322c3933392c333038302c313030362c322e322473636c3d3234266c683f68747678732531432530442530446361636c706c77732c616c2530466161747b2e616d6d2532462666703d2668683d3430643366646432366c383563306362646136616b63306737346161353b363024687b6f3d4e696c7d7a2668736035466b7267646f782532303b34266a736f753f4e696c777a246a736a753d46697265646f78246668633f333624767a663f5756412e6d617668703530383b36603038613035676261346466633a62613861363b3339663461616132383163353665313a3261326939643b366163363432663136363e623564343b3824703f706e7d676b6e5d646c61736825374766616c736523726c77656b6c5f77616e646f77735f6f65646b695f706e6379677025374764636e7b6521726c776f6b6e5d61666762675f6361726f62617427374566616c736723706e77656b6e5f797569636b74696f6525374d66616e716523726c77656b6c5d7b686f616b756974652735476e616e736723706c7567696c5d7265616c706e6379677027374566696c736521706c7767696c57766c615d706e637967702737476e616c716523786e7565696c57646776636e767225354564636c736521706e77676b6c5d7176675776696577657227354564696c736723706e77676b6c5d68637e6125374564696e736726616b643f32303a333736&jb=3137266e713f456f78696e6e61253246352c32253230285833332531402730304c616e75782532307a38365d3e3425314025303272742731433b3e2e302b2530384565616b6d2d3244323233303031303127303046697265646d782730443b362e38
91.235.133.67204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ja=3d3a372426613530247a3f3226663d31323a3278313032342463663f33303a3078393030322673787b3d307a38266472703d332e31303a322e333832342e313030322c3330323a2c33323a322c3933392c333038302c313030362c322e322473636c3d3234266c683f68747678732531432530442530446361636c706c77732c616c2530466161747b2e616d6d2532462666703d2668683d3430643366646432366c383563306362646136616b63306737346161353b363024687b6f3d4e696c7d7a2668736035466b7267646f782532303b34266a736f753f4e696c777a246a736a753d46697265646f78246668633f333624767a663f5756412e6d617668703530383b36603038613035676261346466633a62613861363b3339663461616132383163353665313a3261326939643b366163363432663136363e623564343b3824703f706e7d676b6e5d646c61736825374766616c736523726c77656b6c5f77616e646f77735f6f65646b695f706e6379677025374764636e7b6521726c776f6b6e5d61666762675f6361726f62617427374566616c736723706e77656b6e5f797569636b74696f6525374d66616e716523726c77656b6c5d7b686f616b756974652735476e616e736723706c7567696c5d7265616c706e6379677027374566696c736521706c7767696c57766c615d706e637967702737476e616c716523786e7565696c57646776636e767225354564636c736521706e77676b6c5d7176675776696577657227354564696c736723706e77676b6c5d68637e6125374564696e736726616b643f32303a333736&jb=3137266e713f456f78696e6e61253246352c32253230285833332531402730304c616e75782532307a38365d3e3425314025303272742731433b3e2e302b2530384565616b6d2d3244323233303031303127303046697265646d782730443b362e38
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&ja=3d3a372426613530247a3f3226663d31323a3278313032342463663f33303a3078393030322673787b3d307a38266472703d332e31303a322e333832342e313030322c3330323a2c33323a322c3933392c333038302c313030362c322e322473636c3d3234266c683f68747678732531432530442530446361636c706c77732c616c2530466161747b2e616d6d2532462666703d2668683d3430643366646432366c383563306362646136616b63306737346161353b363024687b6f3d4e696c7d7a2668736035466b7267646f782532303b34266a736f753f4e696c777a246a736a753d46697265646f78246668633f333624767a663f5756412e6d617668703530383b36603038613035676261346466633a62613861363b3339663461616132383163353665313a3261326939643b366163363432663136363e623564343b3824703f706e7d676b6e5d646c61736825374766616c736523726c77656b6c5f77616e646f77735f6f65646b695f706e6379677025374764636e7b6521726c776f6b6e5d61666762675f6361726f62617427374566616c736723706e77656b6e5f797569636b74696f6525374d66616e716523726c77656b6c5d7b686f616b756974652735476e616e736723706c7567696c5d7265616c706e6379677027374566696c736521706c7767696c57766c615d706e637967702737476e616c716523786e7565696c57646776636e767225354564636c736521706e77676b6c5d7176675776696577657227354564696c736723706e77676b6c5d68637e6125374564696e736726616b643f32303a333736&jb=3137266e713f456f78696e6e61253246352c32253230285833332531402730304c616e75782532307a38365d3e3425314025303272742731433b3e2e302b2530384565616b6d2d3244323233303031303127303046697265646d782730443b362e38 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=93
Connection: Keep-Alive
ocsp.securetrust.com/
23.36.79.25200 OK 638 B IP 23.36.79.25:0
ASN #20940 Akamai International B.V.
Hash 813d42eb84e24c69e9ffd73540cc8ec1
feee22be6396e545ca7b13e6b1ebb4c08ab64802
0f97a1ad733be09a800ef6843770c27f74af10a775b2126ab719b93dc80b7481
POST / HTTP/1.1
Host: ocsp.securetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 638
Date: Wed, 05 Oct 2022 18:54:46 GMT
Connection: keep-alive
89oebq5kczg3ghvfhl4btlj7hqcgbmpe5jomxzqk31f079b47db06ff4am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&di=yes
91.235.134.131200 OK 81 B URL HTTP/1.1 89oebq5kczg3ghvfhl4btlj7hqcgbmpe5jomxzqk31f079b47db06ff4am1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&di=yes
IP 91.235.134.131:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&di=yes HTTP/1.1
Host: 89oebq5kczg3ghvfhl4btlj7hqcgbmpe5jomxzqk31f079b47db06ff4am1.e.aa.online-metrix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81
Content-Type: image/png
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMS4xNSIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY0OTk2MDg1OTMxIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNhOTgwMTBhOTYyLTAxZjQ0N2Y3ZWIyODU0OC0zMDZkNDY0YS0xNDAwMDAtMTgzYTk4MDEwYWE1MmQiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtY2l0aSIsImFjY291bnRJZCI6IDQ5LCJ1cmwiOiAiaHR0cHM6Ly9hY2FkcGx1cy5pbi9jaXR5LmNvbS8iLCJ3ZWJzaXRlSWQiOiA1MCwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiZTAwOS1lZTc5LWQwOWQtYzU1My1kMDhhLWJjYmQtMTgzNS1lNTY0Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjQ5OTYwODU2OTUiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogMTAyNywia2FtcHlsZV92ZXJzaW9uIjogIjIuNDIuMSIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDIuMSIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2NDk5NjA4NTY5NywicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ==
35.241.45.82200 OK 0 B URL HTTP/2 udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMS4xNSIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY0OTk2MDg1OTMxIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNhOTgwMTBhOTYyLTAxZjQ0N2Y3ZWIyODU0OC0zMDZkNDY0YS0xNDAwMDAtMTgzYTk4MDEwYWE1MmQiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtY2l0aSIsImFjY291bnRJZCI6IDQ5LCJ1cmwiOiAiaHR0cHM6Ly9hY2FkcGx1cy5pbi9jaXR5LmNvbS8iLCJ3ZWJzaXRlSWQiOiA1MCwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiZTAwOS1lZTc5LWQwOWQtYzU1My1kMDhhLWJjYmQtMTgzNS1lNTY0Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjQ5OTYwODU2OTUiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogMTAyNywia2FtcHlsZV92ZXJzaW9uIjogIjIuNDIuMSIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDIuMSIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2NDk5NjA4NTY5NywicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ==
IP 35.241.45.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMS4xNSIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY0OTk2MDg1OTMxIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNhOTgwMTBhOTYyLTAxZjQ0N2Y3ZWIyODU0OC0zMDZkNDY0YS0xNDAwMDAtMTgzYTk4MDEwYWE1MmQiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtY2l0aSIsImFjY291bnRJZCI6IDQ5LCJ1cmwiOiAiaHR0cHM6Ly9hY2FkcGx1cy5pbi9jaXR5LmNvbS8iLCJ3ZWJzaXRlSWQiOiA1MCwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiZTAwOS1lZTc5LWQwOWQtYzU1My1kMDhhLWJjYmQtMTgzNS1lNTY0Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjQ5OTYwODU2OTUiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogMTAyNywia2FtcHlsZV92ZXJzaW9uIjogIjIuNDIuMSIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDIuMSIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2NDk5NjA4NTY5NywicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ== HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:54:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
x-me: prod-instance-gatewayservice-blue-00mk
x-application-context: application:9090
content-type: image/gif; charset=UTF-8
content-length: 0
server: Jetty(9.2.11.v20150529)
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
89oebq5ka4b25zymnoyrkbsdklbqrknifamjhly35527618d41f91b6aam1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&di=yes
91.235.134.131200 OK 81 B URL HTTP/1.1 89oebq5ka4b25zymnoyrkbsdklbqrknifamjhly35527618d41f91b6aam1.e.aa.online-metrix.net/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&di=yes
IP 91.235.134.131:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&di=yes HTTP/1.1
Host: 89oebq5ka4b25zymnoyrkbsdklbqrknifamjhly35527618d41f91b6aam1.e.aa.online-metrix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81
Content-Type: image/png
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=31362e6c71603d3363356d6766353b313961633462316461316536646161623063356761363069
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=31362e6c71603d3363356d6766353b313961633462316461316536646161623063356761363069
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=31362e6c71603d3363356d6766353b313961633462316461316536646161623063356761363069 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=9F3D29A988B362B5A3175ECA6161A9F6?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=92
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3b34266e73603531633567676435393339636134623966613367366663616030613f6561343261
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3b34266e73603531633567676435393339636134623966613367366663616030613f6561343261
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3b34266e73603531633567676435393339636134623966613367366663616030613f6561343261 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://content22.online.citi.com/fp/ls_fp.html;CIS3SID=0535F7E792C26E1899F6BE67179C76D0?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=91
Connection: Keep-Alive
Content-Type: text/javascript
contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
52.154.174.214200 OK 558 B URL HTTP/2 contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
IP 52.154.174.214:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (558), with no line terminators
Hash c26eed4643bd9def4fde5d1bf2aa5360
4cdebc71a1b1b0b0fd2eb4b7cc037bd963ed25f4
c800cc37778d72b98c00ece701dbf12ae42fff48a996d7786fd9c1eb0e9e862d
POST /client/v3.1/web/wup?cid=cedric HTTP/1.1
Host: contents2.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1602
Origin: https://acadplus.in
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 558
date: Wed, 05 Oct 2022 18:54:45 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: 8fc0d13b-e699-43f2-a7c2-36f7c858d57d
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jac=1&je=3332392624726d3f6c6f2e6377646a3f64663534623d363038303535636635656034323961616d646363353637323667633733303663363a3536323a61653b6632393f393434333336303a3133646630266578333d6c643638656637623237383a63643460353166623a66626562656733643761616363663339363632
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jac=1&je=3332392624726d3f6c6f2e6377646a3f64663534623d363038303535636635656034323961616d646363353637323667633733303663363a3536323a61653b6632393f393434333336303a3133646630266578333d6c643638656637623237383a63643460353166623a66626562656733643761616363663339363632
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jac=1&je=3332392624726d3f6c6f2e6377646a3f64663534623d363038303535636635656034323961616d646363353637323667633733303663363a3536323a61653b6632393f393434333336303a3133646630266578333d6c643638656637623237383a63643460353166623a66626562656733643761616363663339363632 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=90
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jac=1&je=393031242672653d6c6f24637564683d64643734623534303a32353761663765623e303963636564616135343f323667613533323661343a37343a3863673966383b373b36343b31363030313164643226677a333d6466363a676635603235383869663462373966603866606d6265673166376361616166313b3e3430
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jac=1&je=393031242672653d6c6f24637564683d64643734623534303a32353761663765623e303963636564616135343f323667613533323661343a37343a3863673966383b373b36343b31363030313164643226677a333d6466363a676635603235383869663462373966603866606d6265673166376361616166313b3e3430
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jac=1&je=393031242672653d6c6f24637564683d64643734623534303a32353761663765623e303963636564616135343f323667613533323661343a37343a3863673966383b373b36343b31363030313164643226677a333d6466363a676635603235383869663462373966603866606d6265673166376361616166313b3e3430 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/javascript
content22.online.citi.com/fp/clear1.png;CIS3SID=0535F7E792C26E1899F6BE67179C76D0?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3c333624736b6c5f706e663f7464725f4d76667a7237636b6140697b4e544f63267b69645f646174673d31343e34393b34303a3426716b665d767170653f77676a386561647169267169665d6b65793d33323739333031333234303530633a36343063653364303232313034383832633a36363a6367316632313831303530313c30303230363b613561613a3366666337303064356537626161343063356764643a393539653261376361306b3132643b34633430603063313b3037663130603861373030323862606660636166366261373738393063393530666460303730396b37366165383563663231316163303a62616431613466343b30626231383b3167333a39302e736b645d7169673d3330363730323231303264323a61373a33363039626263343366383732303265646165353a36343b6732313937376662323b343732373b3164356536356335653838676037666131363032323032356739376d666637663430303030353e383761333436366467673a37303165343a33373d60356337676d65676366663061613436616164396263626737356431247169667a3d30
91.235.133.67204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear1.png;CIS3SID=0535F7E792C26E1899F6BE67179C76D0?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3c333624736b6c5f706e663f7464725f4d76667a7237636b6140697b4e544f63267b69645f646174673d31343e34393b34303a3426716b665d767170653f77676a386561647169267169665d6b65793d33323739333031333234303530633a36343063653364303232313034383832633a36363a6367316632313831303530313c30303230363b613561613a3366666337303064356537626161343063356764643a393539653261376361306b3132643b34633430603063313b3037663130603861373030323862606660636166366261373738393063393530666460303730396b37366165383563663231316163303a62616431613466343b30626231383b3167333a39302e736b645d7169673d3330363730323231303264323a61373a33363039626263343366383732303265646165353a36343b6732313937376662323b343732373b3164356536356335653838676037666131363032323032356739376d666637663430303030353e383761333436366467673a37303165343a33373d60356337676d65676366663061613436616164396263626737356431247169667a3d30
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear1.png;CIS3SID=0535F7E792C26E1899F6BE67179C76D0?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1&jf=3c333624736b6c5f706e663f7464725f4d76667a7237636b6140697b4e544f63267b69645f646174673d31343e34393b34303a3426716b665d767170653f77676a386561647169267169665d6b65793d33323739333031333234303530633a36343063653364303232313034383832633a36363a6367316632313831303530313c30303230363b613561613a3366666337303064356537626161343063356764643a393539653261376361306b3132643b34633430603063313b3037663130603861373030323862606660636166366261373738393063393530666460303730396b37366165383563663231316163303a62616431613466343b30626231383b3167333a39302e736b645d7169673d3330363730323231303264323a61373a33363039626263343366383732303265646165353a36343b6732313937376662323b343732373b3164356536356335653838676037666131363032323032356739376d666637663430303030353e383761333436366467673a37303165343a33373d60356337676d65676366663061613436616164396263626737356431247169667a3d30 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/png;charset=UTF-8
Keep-Alive: timeout=2, max=96
content22.online.citi.com/fp/clear1.png;CIS3SID=9F3D29A988B362B5A3175ECA6161A9F6?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=36313c26716b645d706e6c3f7664705d335736633767694c6f6e50514f656b3924716b645d666974653f31363634393b36323a36267369665f747972673d7567603a6d636671612471696c5d69657b3f33303539333833333036303732633836363a6165316638323033303630383263383436386365336630333033323732313632383032366134313238676435363066343131393b63353062353765326433606064613a333a3865613366626363303537353434643533623865646730333332306a663161646730343d633a623260336161316230353238306132306362376361306337373e33306765373139383b30603366366535366133633a3532673034396e39603126716b6457716b673f3130343430323a3233396639663334343763613464363b3c33613038333135333b393b6631396566603835323436313b3031656e316036323433306d3b3a39606064383938303a3330323230353263316235373b6234353c6466326539653733303833603934363761373436616666313437356b393b67323730363a343a35603a32303666633e313838333126736b66723f32
91.235.133.67204 204 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear1.png;CIS3SID=9F3D29A988B362B5A3175ECA6161A9F6?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=36313c26716b645d706e6c3f7664705d335736633767694c6f6e50514f656b3924716b645d666974653f31363634393b36323a36267369665f747972673d7567603a6d636671612471696c5d69657b3f33303539333833333036303732633836363a6165316638323033303630383263383436386365336630333033323732313632383032366134313238676435363066343131393b63353062353765326433606064613a333a3865613366626363303537353434643533623865646730333332306a663161646730343d633a623260336161316230353238306132306362376361306337373e33306765373139383b30603366366535366133633a3532673034396e39603126716b6457716b673f3130343430323a3233396639663334343763613464363b3c33613038333135333b393b6631396566603835323436313b3031656e316036323433306d3b3a39606064383938303a3330323230353263316235373b6234353c6466326539653733303833603934363761373436616666313437356b393b67323730363a343a35603a32303666633e313838333126736b66723f32
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear1.png;CIS3SID=9F3D29A988B362B5A3175ECA6161A9F6?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1&jf=36313c26716b645d706e6c3f7664705d335736633767694c6f6e50514f656b3924716b645d666974653f31363634393b36323a36267369665f747972673d7567603a6d636671612471696c5d69657b3f33303539333833333036303732633836363a6165316638323033303630383263383436386365336630333033323732313632383032366134313238676435363066343131393b63353062353765326433606064613a333a3865613366626363303537353434643533623865646730333332306a663161646730343d633a623260336161316230353238306132306362376361306337373e33306765373139383b30603366366535366133633a3532673034396e39603126716b6457716b673f3130343430323a3233396639663334343763613464363b3c33613038333135333b393b6631396566603835323436313b3031656e316036323433306d3b3a39606064383938303a3330323230353263316235373b6234353c6466326539653733303833603934363761373436616666313437356b393b67323730363a343a35603a32303666633e313838333126736b66723f32 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Wed, 05 Oct 2022 18:54:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/png;charset=UTF-8
Keep-Alive: timeout=2, max=96
cdn.pbbl.co/r/1560.js
54.230.111.108403 Forbidden 986 B IP 54.230.111.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a4b5dd872880deee87b9c9cd51e217b7
6fd54d0869841339404d8ec802b9248705c86422
20f99e2002bdc77edddcc48faf37c5ac6ecc225339b97668917178919eb03a33
GET /r/1560.js HTTP/1.1
Host: cdn.pbbl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: CloudFront
date: Wed, 05 Oct 2022 18:54:46 GMT
content-type: text/html
content-length: 986
x-cache: Error from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aVSOsUn_UYwrGObdVEZX7xJF9CL_6joiU4jvVPc9fo0mvjOG8s-0_A==
vary: Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/?random=1664996087024&cv=9&fst=1664996087024&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.34200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/830907969/?random=1664996087024&cv=9&fst=1664996087024&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2316), with no line terminators
Hash 131f92fcb677a2c10a140bd7e93ea8de
6ec8dd0f8f18d627a9d2dc812d512a3e516397e2
950a6b464c9ea399ab9b1ff0d575bdaecf22b8e8680b97acabf2247ac4723626
GET /pagead/viewthroughconversion/830907969/?random=1664996087024&cv=9&fst=1664996087024&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1054
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-Oct-2022 19:09:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1664996086975&cv=9&fst=1664996086975&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.34200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/916451471/?random=1664996086975&cv=9&fst=1664996086975&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2314), with no line terminators
Hash 502b4ab1e275b5ffa4213d28b01fb8ad
b70f1dd5ed68fb5008897398939e5fcc7e182c6d
97f56882d4cd99fecfc1a5e8f0cb9bd74824f51a430e5abc5e85aa277f299920
GET /pagead/viewthroughconversion/916451471/?random=1664996086975&cv=9&fst=1664996086975&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1053
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-Oct-2022 19:09:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/?random=1664996087028&cv=9&fst=1664996087028&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.34200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/819500023/?random=1664996087028&cv=9&fst=1664996087028&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2316), with no line terminators
Hash 176a8d696f70c0bd9433ac1fd004c9c4
5cda70cf006308b875c45db889cb73770c797800
a8ea9c6e429751e981ab9cfe12349f7a7f9c663bd4ffeaa94e823d12da694c87
GET /pagead/viewthroughconversion/819500023/?random=1664996087028&cv=9&fst=1664996087028&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1054
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-Oct-2022 19:09:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10955006959/?random=1664996087019&cv=9&fst=1664996087019&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa30&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&auid=1160632557.1664996084&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.34200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10955006959/?random=1664996087019&cv=9&fst=1664996087019&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa30&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&auid=1160632557.1664996084&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2318), with no line terminators
Hash 99fb53a72ba04e335745641190b7619f
543f69c0c37441a395c90f120cde8c82e92acddf
5789845d102c89a395f7987511f05fe9996fc0e244d76e8a8a2b82a1229986cd
GET /pagead/viewthroughconversion/10955006959/?random=1664996087019&cv=9&fst=1664996087019&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa30&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&auid=1160632557.1664996084&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1055
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-Oct-2022 19:09:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/?random=1664996087016&cv=9&fst=1664996087016&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.34200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/975701947/?random=1664996087016&cv=9&fst=1664996087016&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2316), with no line terminators
Hash b99415529295dacc6de108213af78e97
1170434e3a9c259b788b68716909895aacd5914d
9044a4aae24fbc3af01f9a1728f3390acc31fcb5185f4e19d2a857815dc5255b
GET /pagead/viewthroughconversion/975701947/?random=1664996087016&cv=9&fst=1664996087016&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1052
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-Oct-2022 19:09:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/?random=1664996087006&cv=9&fst=1664996087006&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.34200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/959299794/?random=1664996087006&cv=9&fst=1664996087006&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2316), with no line terminators
Hash d48a78e6c6a5b2082c17be8b596dafe2
46749b2f72d73761ab088ec309c68bd034225f4f
ddda8cffe441512aecc3646222178f0d8d9f1c39d83231e0a05fb348c41f98a6
GET /pagead/viewthroughconversion/959299794/?random=1664996087006&cv=9&fst=1664996087006&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1054
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-Oct-2022 19:09:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/?random=1664996086994&cv=9&fst=1664996086994&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.34200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/960621875/?random=1664996086994&cv=9&fst=1664996086994&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2314), with no line terminators
Hash e1eabffb5d19cd4857df1d53908da76d
4f1b7a29ebe89d12cf34a1683418e3672bb2893c
905c5c382a4dc9c10bbad5204f658b2099ecc5e6a1ae576b17a50b9c5c2bdd26
GET /pagead/viewthroughconversion/960621875/?random=1664996086994&cv=9&fst=1664996086994&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1049
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-Oct-2022 19:09:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/?random=1664996087000&cv=9&fst=1664996087000&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.34200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/695231162/?random=1664996087000&cv=9&fst=1664996087000&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2314), with no line terminators
Hash d8e6bd255439ca2385a41e84668a08a1
611acec89dcdf21063973f6533f5328c25583364
599de3b811fbf7a5de9f25ce6b620c7d285d203ef0b7fc04814b05d0bc8a0021
GET /pagead/viewthroughconversion/695231162/?random=1664996087000&cv=9&fst=1664996087000&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1052
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-Oct-2022 19:09:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/?random=1664996087011&cv=9&fst=1664996087011&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.34200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/644574043/?random=1664996087011&cv=9&fst=1664996087011&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2314), with no line terminators
Hash 58fe530cc83c60d2d7447add72eea84a
09f764c1cfc1f96797ec32fcbb66952e3137da35
a05cb9703a17d406c80b341e0f2563fe004774c164e583783ad9a447118d9214
GET /pagead/viewthroughconversion/644574043/?random=1664996087011&cv=9&fst=1664996087011&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa2g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Facadplus.in%2Fcity.com%2F&tiba=Sign%20On%20to%20Your%20Citi%20Account%20-%20Citibank&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 18:54:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1054
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-Oct-2022 19:09:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:54:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
52.154.174.214200 OK 558 B URL HTTP/2 contents2.00110.citi.com/client/v3.1/web/wup?cid=cedric
IP 52.154.174.214:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (558), with no line terminators
Hash 27bcb55882360ff2db5534985bd08d22
97e4d73ffa060fea82e6d2dc1761fb2697b0f604
773e43bc298c9939523a11311a61deeb16f313d9353f6cbfeaad96a59729e2ce
POST /client/v3.1/web/wup?cid=cedric HTTP/1.1
Host: contents2.00110.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1542
Origin: https://acadplus.in
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 558
date: Wed, 05 Oct 2022 18:54:46 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: d377f3e7-3c97-4d3a-b1d6-a8c8d2078825
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp/clear.png?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7
Origin: https://content22.online.citi.com
Connection: keep-alive
Referer: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=0535F7E792C26E1899F6BE67179C76D0?org_id=89oebq5k&session_id=9717568aca3ba00d5234104e6f4c362a19aaa5de751b91a371cfabbf6b804cec&nonce=5527618d41f91b6a&pageid=1
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Wed, 05 Oct 2022 18:54:47 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://content22.online.citi.com
Content-Type: text/javascript
content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
91.235.133.67204 No Content 0 B URL HTTP/1.1 content22.online.citi.com/fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
IP 91.235.133.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp/clear.png?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1 HTTP/1.1
Host: content22.online.citi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7
Origin: https://content22.online.citi.com
Connection: keep-alive
Referer: https://content22.online.citi.com/fp/top_fp.html;CIS3SID=9F3D29A988B362B5A3175ECA6161A9F6?org_id=89oebq5k&session_id=6a85cc0b2587fa37e50459cde015dc512324b28dd7dd15460c2d10e6ae17cd32&nonce=31f079b47db06ff4&pageid=1
Cookie: s_vi=[CS]v1|319EE9789E6317CF-60000AE4A071E2F9[CE]; AMCV_61834D9B5228A7430A490D45%40AdobeOrg=0%7CMCMID%7C76270789850655157011331792400302488566; s_ecid=MCMID%7C76270789850655157011331792400302488566
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Wed, 05 Oct 2022 18:54:47 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://content22.online.citi.com
Content-Type: text/javascript
nexus.ensighten.com/citi/na_prod/code/af3b21070dd01ab22a4f331056324374.js?conditionId0=4897099
54.230.111.74200 OK 0 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/af3b21070dd01ab22a4f331056324374.js?conditionId0=4897099
IP 54.230.111.74:0
GET /citi/na_prod/code/af3b21070dd01ab22a4f331056324374.js?conditionId0=4897099 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 16 Aug 2022 21:43:10 GMT
x-amz-replication-status: PENDING
last-modified: Tue, 16 Aug 2022 21:43:05 GMT
etag: W/"412eb38d6a797c24fd5d7e30e1b9799d"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: QTYOdEvDbSbtudwcv3X6K9qpVGIDVLJs
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h2eaClN-cD_Rq__AyeJB0yxnUr4sMT9pJy2W8iQmddPCgcyV2Ib0Ng==
age: 4309894
X-Firefox-Spdy: h2
nexus.ensighten.com/citi/na_prod/code/2fec4c7c6dc69d561844935cdcfc1d5c.js?conditionId0=467299
54.230.111.74200 OK 0 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/2fec4c7c6dc69d561844935cdcfc1d5c.js?conditionId0=467299
IP 54.230.111.74:0
GET /citi/na_prod/code/2fec4c7c6dc69d561844935cdcfc1d5c.js?conditionId0=467299 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 16 Aug 2022 21:43:10 GMT
x-amz-replication-status: PENDING
last-modified: Tue, 16 Aug 2022 21:43:05 GMT
etag: W/"6ee8c75c11d701bd85d6e3c25093c469"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: jza8GqxZGhVz18cCFAItH4ZpiQFQqNOt
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aRDdDpnp-dEJo_Q762uu51cSbnMdFpKTaoYqqWdoXIs4Itt9Z-LBSw==
age: 4309894
X-Firefox-Spdy: h2
nexus.ensighten.com/citi/na_prod/code/dcef7f6f64cade2834884f6600bcceb1.js?conditionId0=421908
54.230.111.74200 OK 0 B URL HTTP/2 nexus.ensighten.com/citi/na_prod/code/dcef7f6f64cade2834884f6600bcceb1.js?conditionId0=421908
IP 54.230.111.74:0
GET /citi/na_prod/code/dcef7f6f64cade2834884f6600bcceb1.js?conditionId0=421908 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acadplus.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 04 Oct 2022 20:23:36 GMT
x-amz-replication-status: PENDING
last-modified: Tue, 04 Oct 2022 20:23:22 GMT
etag: W/"910d372c0999fbacf19a94b8f1f3790e"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: KdwhCnYpFa1seeonQXpM5hyu41NX_OEJ
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MWJmy8RjT3ND1Ysp9hEVaOAVYmbsTbKsTrU6nVjo2vxWKaP9a3ozlQ==
age: 81068
X-Firefox-Spdy: h2