cigshixi.com/
301 Moved Permanently 178 B IP
ASN #49532 Eonix Corporation
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 07 Feb 2023 04:59:42 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.cigshixi.com/
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10210
Expires: Tue, 07 Feb 2023 07:49:53 GMT
Date: Tue, 07 Feb 2023 04:59:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18714
Expires: Tue, 07 Feb 2023 10:11:37 GMT
Date: Tue, 07 Feb 2023 04:59:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 04:36:30 GMT
content-type: application/json
age: 1393
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6906
Expires: Tue, 07 Feb 2023 06:54:49 GMT
Date: Tue, 07 Feb 2023 04:59:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: V1W8AOTxuUtQ3/5pmWzE0Ptj4zO5s/6n+8cEOvVzXxQtWM2VXPMriZX5CRetY4WHdRmd2A/5TlhE9vgJiwZU/g==
x-amz-request-id: H16PCHXSN5TJSQEP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 04:45:26 GMT
age: 857
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 04:59:43 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 04:51:19 GMT
age: 504
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0162c6c0b0e8f1ad84239fddffae70b4
f3a8de7ce8073738417465d196e1f7fa4e8fcd99
da5707bb9d260d88dbad89f0e3799860a7c957768e61f116a8c79d54c9ff7cad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA5707BB9D260D88DBAD89F0E3799860A7C957768E61F116A8C79D54C9FF7CAD"
Last-Modified: Tue, 07 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 07 Feb 2023 10:59:43 GMT
Date: Tue, 07 Feb 2023 04:59:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9472
Expires: Tue, 07 Feb 2023 07:37:35 GMT
Date: Tue, 07 Feb 2023 04:59:43 GMT
Connection: keep-alive
www.cigshixi.com/
200 OK 10 kB IP
ASN #49532 Eonix Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF, LF line terminators
Hash 177bf9750a7c26c59a315cf35e11bef7
b8caea1c0579f9d5026fffdfb8eb62ed456400c9
d538cee9c181e2e64f7704ed19cec5852393cbcdc1e527af04d681c3f8aba0f2
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:43 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eJNwlLDDmCYtY0B9fLW5Kw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mCHmbfgEt3Sb+TUUSPS0QbboKNM=
www.cigshixi.com/_files/css.css
200 OK 2.7 kB URL HTTP/1.1 www.cigshixi.com/_files/css.css
IP
ASN #49532 Eonix Corporation
Hash 8086760330de11f01bb5747d0f5eac5b
b80f80c1f3bbda02f0657ccffed17eb89796d85b
86a2db69f747583e39184b9e0e1926806207f57d19c3af7844893bd6e5ef0784
GET /_files/css.css HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/_files/_sitegray_d.css
200 OK 43 B URL HTTP/1.1 www.cigshixi.com/_files/_sitegray_d.css
IP
ASN #49532 Eonix Corporation
File type Unicode text, UTF-8 text, with no line terminators
Hash 5b97c84d38a2033e1f1630207e2ffc4e
2b3315cf489cc644999f451faf1beb55c22a5c76
f9a6b51766975b7a7885cf20c36bf07dc458072b7ca3853d1541382bea92a2a0
GET /_files/_sitegray_d.css HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/_files/lrtk.css
200 OK 808 B URL HTTP/1.1 www.cigshixi.com/_files/lrtk.css
IP
ASN #49532 Eonix Corporation
Hash 81f072e5c7f8c49163fd10e635f914e0
c675b35362950b11d36733d33497bc03099efd48
135eec13075f76cfedaf80475027a28fa9e519d364ea089d7a961b1582b0f893
GET /_files/lrtk.css HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/_files/pic.css
200 OK 981 B URL HTTP/1.1 www.cigshixi.com/_files/pic.css
IP
ASN #49532 Eonix Corporation
Hash 6cb70ae07928c787a82901a2b4ac261f
81279507ce021934612addc24ae9ac91ba6ed48a
818de47b632700a0a298cd20a2c403cda8c0958f95053fde89fcf74437d4d227
GET /_files/pic.css HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/_files/_sitegray.js
200 OK 101 B URL HTTP/1.1 www.cigshixi.com/_files/_sitegray.js
IP
ASN #49532 Eonix Corporation
File type Unicode text, UTF-8 (with BOM) text
Hash 45d7476ee7b1edc12c1413a53fe0ce34
6eb68b16e82aaa498077685a85a3b968dcc23da2
d226da1862a2d8dceb47089484b1768297ad661a549a85f311cfb626ec176398
Analyzer Verdict Alert fortinet Phishing
GET /_files/_sitegray.js HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/_files/focus.js
200 OK 767 B URL HTTP/1.1 www.cigshixi.com/_files/focus.js
IP
ASN #49532 Eonix Corporation
File type Unicode text, UTF-8 (with BOM) text
Hash 5c17f629678a24a796c73025d3306f71
77ca3eb6d8c3f1f8e5c8e1ff2273bcf1e5c912b5
fe4b1cdedd98f5c780028499ba4e2b946b7793c55f2860941209bbedac721c71
Analyzer Verdict Alert fortinet Phishing
GET /_files/focus.js HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/_files/index.vsb.css
200 OK 314 B URL HTTP/1.1 www.cigshixi.com/_files/index.vsb.css
IP
ASN #49532 Eonix Corporation
Hash 03f19f889e07faf5f3f28b0d875ef1b7
ad4262e61a96a00f43ef8e636ae71f1705f7b891
82f1f60ab265265a61ea007b459f408fd985cdab8a4edb9a30bcce2e7e5825b8
GET /_files/index.vsb.css HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/_files/vsbscreen.min.js
200 OK 1.2 kB URL HTTP/1.1 www.cigshixi.com/_files/vsbscreen.min.js
IP
ASN #49532 Eonix Corporation
File type Unicode text, UTF-8 (with BOM) text, with very long lines (3347), with no line terminators
Hash e0c54e2e93cdd5a3a6f6b95b058ebc0b
820b93cc6f210d1471bb75f426e30dedd223c3a4
b1961f0c59f31c8bf995f316a195bfb213a4637ee6d30ab6a067a9395903f4c3
Analyzer Verdict Alert fortinet Phishing
GET /_files/vsbscreen.min.js HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/_files/jquery-latest.min.js
200 OK 37 kB URL HTTP/1.1 www.cigshixi.com/_files/jquery-latest.min.js
IP
ASN #49532 Eonix Corporation
File type Unicode text, UTF-8 (with BOM) text, with very long lines (32086)
Hash cef0165292e33b1b754c11941b91f55a
7f07a9f8d2a70ad806c5374d8128aa21923c8b65
41e6bcb1a2610b5a98a68b2487c25a2b4c39ffc1de30719ec67d7a314e93e809
Analyzer Verdict Alert fortinet Phishing
GET /_files/jquery-latest.min.js HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/_files/koala.min.js
200 OK 18 kB URL HTTP/1.1 www.cigshixi.com/_files/koala.min.js
IP
ASN #49532 Eonix Corporation
File type ASCII text, with very long lines (35226)
Hash 7522afe9d87c1d7c696923d5951af063
e64ed0ac5402286516d611361bcb8e987b81156e
5b5bdbed0c08119b81d3cb01e6739c456b75b55d5719399285eccd817e3638c0
Analyzer Verdict Alert fortinet Phishing
GET /_files/koala.min.js HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/_files/counter.js
200 OK 754 B URL HTTP/1.1 www.cigshixi.com/_files/counter.js
IP
ASN #49532 Eonix Corporation
File type Unicode text, UTF-8 (with BOM) text, with very long lines (831)
Hash e54e27a21f25d9c25af37f93c94b6430
76418ce8042ec52c73c7bf7d2071fcaef11a5e15
1a3076bce0bf195cab6168fce2c4c8153dbb76177d3f49017a717f2d8094a6ff
Analyzer Verdict Alert fortinet Phishing
GET /_files/counter.js HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/_sitegray/_sitegray_d.css
200 OK 40 B URL HTTP/1.1 www.cigshixi.com/_sitegray/_sitegray_d.css
IP
ASN #49532 Eonix Corporation
File type ASCII text, with no line terminators
Hash cb2b33a5575d38237dba313af5ac3092
6e5716b27a4554091963aa34f5433b8ed01a9e4a
a02d3811e026b580db29333b7d91849abcffe86635092557cd4bfc5b21d6b219
GET /_sitegray/_sitegray_d.css HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/_sitegray/_sitegray.js
200 OK 98 B URL HTTP/1.1 www.cigshixi.com/_sitegray/_sitegray.js
IP
ASN #49532 Eonix Corporation
Hash a376d309afacc17fc6ec22935cc1e958
612062f672fee038b568702cf5535bcc031c568d
bea51bdbce54ba8a0aae154d28b8aa9bc171258fb1b98662668a3953e552d9c1
Analyzer Verdict Alert fortinet Phishing
GET /_sitegray/_sitegray.js HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/index.vsb.css
200 OK 90 B URL HTTP/1.1 www.cigshixi.com/index.vsb.css
IP
ASN #49532 Eonix Corporation
Hash 183f5c4c957f58cf076ae59a0fc5b658
2b9ca9fa37ccf4ad667c5cdc612a07e99d13525b
eaa4bbab5e4e39ebfd4dbb7c0ce4ba7074bb14072ffed10b8b6259a3a4b1084a
GET /index.vsb.css HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/jquery.bc.min.js
200 OK 1.3 kB URL HTTP/1.1 www.cigshixi.com/jquery.bc.min.js
IP
ASN #49532 Eonix Corporation
File type HTML document text\012- HTML document, ASCII text, with very long lines (1784), with CRLF line terminators
Hash 1612eb1712d51d6e8440a152b315d232
10846d191627164438707e32a7c73f62d5bde5e6
7fbdb6256e0fef4d4e961e2308472a11764dcf9cea38fb6d3b419350733d53c2
Analyzer Verdict Alert fortinet Phishing
GET /jquery.bc.min.js HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: application/javascript
Last-Modified: Tue, 11 Oct 2022 01:57:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6344cd77-ad4"
Expires: Tue, 07 Feb 2023 05:59:44 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip
www.cigshixi.com/system/resource/js/counter.js
200 OK 754 B URL HTTP/1.1 www.cigshixi.com/system/resource/js/counter.js
IP
ASN #49532 Eonix Corporation
File type Unicode text, UTF-8 (with BOM) text, with very long lines (831)
Hash e54e27a21f25d9c25af37f93c94b6430
76418ce8042ec52c73c7bf7d2071fcaef11a5e15
1a3076bce0bf195cab6168fce2c4c8153dbb76177d3f49017a717f2d8094a6ff
Analyzer Verdict Alert fortinet Phishing
GET /system/resource/js/counter.js HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/system/resource/js/dynclicks.js
200 OK 1.1 kB URL HTTP/1.1 www.cigshixi.com/system/resource/js/dynclicks.js
IP
ASN #49532 Eonix Corporation
File type Unicode text, UTF-8 (with BOM) text
Hash 9442c4c190c9cdfe1017f0372c0be305
f9286c77ceaef09d0f2329e2619fbd83027ab61e
53cc9c79d3b9ab116e168e56eed1c7cdc978fa5e9fa44d33aa28ba6ca839f1b2
Analyzer Verdict Alert fortinet Phishing
GET /system/resource/js/dynclicks.js HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/system/resource/js/base64.js
200 OK 1.5 kB URL HTTP/1.1 www.cigshixi.com/system/resource/js/base64.js
IP
ASN #49532 Eonix Corporation
Hash f9ba20e41496e1709a7582be758f572c
10e2a9b252140e657665e3db79defad64b613637
17e754a3750f3822372163c62d1fc106843d8bcbdcf1af089dd5d2eb985d9c8e
Analyzer Verdict Alert fortinet Phishing
GET /system/resource/js/base64.js HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/system/resource/js/formfunc.js
200 OK 639 B URL HTTP/1.1 www.cigshixi.com/system/resource/js/formfunc.js
IP
ASN #49532 Eonix Corporation
File type Unicode text, UTF-8 (with BOM) text
Hash 74a0c2e1253abc1829e03516683382e6
c38c7e78bb3380c889d2ed441f082450484061cf
da471c05995843a9afafd5b69fa5b9423a48e06a8edd23639c54a36779da6101
Analyzer Verdict Alert fortinet Phishing
GET /system/resource/js/formfunc.js HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/system/resource/js/centerCutImg.js
200 OK 1.6 kB URL HTTP/1.1 www.cigshixi.com/system/resource/js/centerCutImg.js
IP
ASN #49532 Eonix Corporation
Hash 918bee0cd7521fcf6584fafcbf662460
dd8a04d5836778d52541c2037c14719898cb8673
3c0acd2aa1a4e98121fb192302dd60962d816fef42ff7db3c5acb31964301027
Analyzer Verdict Alert fortinet Phishing
GET /system/resource/js/centerCutImg.js HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/system/resource/js/ajax.js
200 OK 2.3 kB URL HTTP/1.1 www.cigshixi.com/system/resource/js/ajax.js
IP
ASN #49532 Eonix Corporation
File type Unicode text, UTF-8 (with BOM) text
Hash 6faff064ccb5dcbc60f09268063f61b2
64773e937c9a44998dae6682512fba46856c8190
69f41fafc01a0b409645bf08d3d0a19a4a953d4dab2adb8716ae1c69d2713fae
Analyzer Verdict Alert fortinet Phishing
GET /system/resource/js/ajax.js HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/_files/imagechangenews.css
200 OK 322 B URL HTTP/1.1 www.cigshixi.com/_files/imagechangenews.css
IP
ASN #49532 Eonix Corporation
Hash 6d0bafd32675cf2846375e0070bbcdbe
1752a55d14d66b9d87224173ebecf4fcbe973c09
bfbaa5e3023c163d7bd62eea4457657056f2a03da87829a26bdde592b0b08fb3
GET /_files/imagechangenews.css HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/_files/imagechangenews.js
200 OK 2.2 kB URL HTTP/1.1 www.cigshixi.com/_files/imagechangenews.js
IP
ASN #49532 Eonix Corporation
File type Unicode text, UTF-8 (with BOM) text
Hash 29a7b122eb4d5edd52ce71644ce5b49e
788eaa67b290d0bb8e4b1a528f8ca4c18f0b872f
fb107b9264855342e7254bf97eb2a63c017002fbe33b0b7d30b30acc959f490c
Analyzer Verdict Alert fortinet Phishing
GET /_files/imagechangenews.js HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/_files/images/logo.jpg
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/_files/images/logo.jpg
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_files/images/logo.jpg HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/_files/images/logo.jpg
www.cigshixi.com/5.jpg
302 Moved Temporarily 0 B IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /5.jpg HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/5.jpg
www.cigshixi.com/_files/images/index/banner/8AF672CD5AD0F5FEFCC8C83AE6F_FF5F6D38_1C6C6A.gif
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/_files/images/index/banner/8AF672CD5AD0F5FEFCC8C83AE6F_FF5F6D38_1C6C6A.gif
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_files/images/index/banner/8AF672CD5AD0F5FEFCC8C83AE6F_FF5F6D38_1C6C6A.gif HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/_files/images/index/banner/8AF672CD5AD0F5FEFCC8C83AE6F_FF5F6D38_1C6C6A.gif
www.cigshixi.com/ershida.png
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/ershida.png
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ershida.png HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/ershida.png
www.cigshixi.com/_files/images/zs.png
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/_files/images/zs.png
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_files/images/zs.png HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/_files/images/zs.png
www.cigshixi.com/_files/images/index/banner/2.png
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/_files/images/index/banner/2.png
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_files/images/index/banner/2.png HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/_files/images/index/banner/2.png
www.cigshixi.com/1.png
302 Moved Temporarily 0 B IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1.png HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/1.png
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2352
Expires: Tue, 07 Feb 2023 05:38:57 GMT
Date: Tue, 07 Feb 2023 04:59:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2352
Expires: Tue, 07 Feb 2023 05:38:57 GMT
Date: Tue, 07 Feb 2023 04:59:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2352
Expires: Tue, 07 Feb 2023 05:38:57 GMT
Date: Tue, 07 Feb 2023 04:59:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b0935816ca54d5d20a9fffa5531e0d
bd8374980c16b7d5a28e55b8bef2215713b1ebb2
4ab6f49d22d029681754b617001f93467d63035acdaf12905c2314cab77991af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13390
x-amzn-requestid: e7653b49-3160-42e3-8292-8ae32604f775
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpc8KEoPoAMFrUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0eb4-68fd76a95ffa656318bedff6;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:03:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KaitXsesZ9mJducJ54ChzQGfb-2-hEN4W_QojGMKXYEji4xsjNdWCA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 09:06:57 GMT
age: 71568
etag: "bd8374980c16b7d5a28e55b8bef2215713b1ebb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8ec9ce3-b686-41f5-8011-400eea8266d1.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8ec9ce3-b686-41f5-8011-400eea8266d1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bea82060b0cd156bf25493942ab62317
4182ba66cceb85c1e873ed5c72a86d53ab851b94
b77aaa7620aa77c7b73be04ad7c91af04f5e91393b3847928668bed644d68709
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8ec9ce3-b686-41f5-8011-400eea8266d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10297
x-amzn-requestid: e1dcfab3-4321-4c83-8ad2-5b6a1b948178
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77J0G-voAMFrfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1723e-33c2bc5c1f200cca7d7aa961;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6X7tm-1VoSJ0mm0sAsGfD4R-lnaCIUmy91BFZo72Idl1di8SabpEWw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:29 GMT
age: 25456
etag: "4182ba66cceb85c1e873ed5c72a86d53ab851b94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3cd20c6639e2b0d996fbbd7df2d4f47
2e54c22fb83981e2690161cd521e4fc3998e9c16
9b2b1f3e062fca74341d09540e44d2a02ec451b8349440ed5917073e8fab988d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6316
x-amzn-requestid: 879578cc-a58a-4516-a7cd-68850553762b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpc79ECLIAMFclw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0eb2-57141dcf1c5595110f5f572e;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:03:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ARr-i9j3ruIxZ123Ae2bEk_c2s_5Zs7fhrn4UXphw_jOYrtvq9OMVg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 16:55:00 GMT
age: 43485
etag: "2e54c22fb83981e2690161cd521e4fc3998e9c16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eedb4de12585c70ddb5b8f94fe6a59e2
83c9437e71a0a03b3e8ff652155a85eafa76cdda
d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ovhdLaEGaDSC8X0F9VamLw0KyBPWkxfYg5pssOT8NOZP4IBtNk6Gfw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:19 GMT
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
age: 25466
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198b8ebd-22a2-44e4-af1d-3429fb3e64bb.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198b8ebd-22a2-44e4-af1d-3429fb3e64bb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 08d66d83f1ae9acd6e442c4dcaed2a20
8c258ac6de196f8c32f1af69e7a754da0610b090
a32b5df8fd6bea737e04679d05e9f0cc645cbe6d799329877e78f9e994a6eff6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F198b8ebd-22a2-44e4-af1d-3429fb3e64bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12368
x-amzn-requestid: 988041b5-278d-4ea6-9ee9-77377bcab080
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzPr-GoQoAMFkGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddf97f-4a891b142f5d503703694380;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:21:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tFE9XdCE4VScFBlyxeWM-7mPl7tH7x5KrVsE4te7JUuerHnti03Vyg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:47:51 GMT
age: 22314
etag: "8c258ac6de196f8c32f1af69e7a754da0610b090"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0594f78c4fdfed5dd2e0666312555f40
db903b9a3f387c1510170f8d16dd4d289f7df83f
8874083a529064657b18be58147ae7df5fe79c822c4bd2a023fdf3df7186a62e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3712
x-amzn-requestid: 44c7e7bd-1a95-49b6-9b0a-f8aff3725ded
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftbOtH-lIAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba591-2fb19c33646c3d327681e9f9;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 11:59:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z5r7rFH2nEro98p7U4_Lz8xIrX_bnU7ntAc46ytGzL8498buHzsCcg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:26 GMT
age: 25459
etag: "db903b9a3f387c1510170f8d16dd4d289f7df83f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 1ae03fb279de5f34153a77dd60c74b35
62c840bb09ac74e28bc7e86636555cadfea5d8d2
ea863ec07673116867abeb8410a55ef71521ba2434e2e1aade6d8202d9dee5b3
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 04:59:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 11 Feb 2023 02:02:27 GMT
ETag: "62c840bb09ac74e28bc7e86636555cadfea5d8d2"
Last-Modified: Tue, 07 Feb 2023 02:02:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3004
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79598ed86e81b503-OSL
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 7f7c7f6d41a50ab527b1caba83ab55d3
2820413656bf1cad1c30b6b6762130a38c72418b
93226ca633acb8e00b7bdcfd3851b5890dff30d885c59c78ca8437d292f5add4
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 04:59:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 11 Feb 2023 03:27:18 GMT
ETag: "2820413656bf1cad1c30b6b6762130a38c72418b"
Last-Modified: Tue, 07 Feb 2023 03:27:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1426
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79598ed87e91b503-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d7444f382d20fdcdcb59a16f40fc44d2
79de35cb2925c40e97a58ddd37aafada070eea7e
b52c174d323d74fac21a292706b2ff7fc31bc05dfee610dbe797759f0faeabe4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C174D323D74FAC21A292706B2FF7FC31BC05DFEE610DBE797759F0FAEABE4"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 07 Feb 2023 10:59:45 GMT
Date: Tue, 07 Feb 2023 04:59:45 GMT
Connection: keep-alive
www.yueguo99.com/fn888/seo.js
200 OK 1.7 kB URL HTTP/1.1 www.yueguo99.com/fn888/seo.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (2869), with no line terminators
Hash 30fbca62f188fd35eccd04a8c5d1c970
2837eccbc51d374e0cf72f9ab314fee4c7b5781e
08ff9748e1add72bb96b2ae4b2a8da9181c6f392bc74d5abcb12b841f41c8dcc
GET /fn888/seo.js HTTP/1.1
Host: www.yueguo99.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:45 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 May 2022 11:24:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"627cee6d-b38"
Content-Encoding: gzip
js.users.51.la/21179529.js
200 OK 2.4 kB URL HTTP/1.1 js.users.51.la/21179529.js
IP
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document, ASCII text, with very long lines (5068)
Hash 569092e327eff97c74695cc796fabb5c
a0af829fc8f248ec45248069c8d7a4cf0d7e62ff
e31baa1af0de66454e63577c1be7ef1d20f38a873788ef241e3a6acae4d128e9
GET /21179529.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Tue, 07 Feb 2023 04:59:45 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=002083972d73c3f7458; path=/
HWWAFSESTIME=1675745983669; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
www.cigshixi.com/system/resource/code/datainput.jsp?owner=1563710153&e=1&w=1280&h=1024&treeid=1001&refer=&pagename=L2luZGV4LmpzcA%3D%3D&newsid=-1
200 OK 20 B URL HTTP/1.1 www.cigshixi.com/system/resource/code/datainput.jsp?owner=1563710153&e=1&w=1280&h=1024&treeid=1001&refer=&pagename=L2luZGV4LmpzcA%3D%3D&newsid=-1
IP
ASN #49532 Eonix Corporation
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /system/resource/code/datainput.jsp?owner=1563710153&e=1&w=1280&h=1024&treeid=1001&refer=&pagename=L2luZGV4LmpzcA%3D%3D&newsid=-1 HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/_files/images/btn.png
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/_files/images/btn.png
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_files/images/btn.png HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/_files/lrtk.css
Cookie: __tins__21179529=%7B%22sid%22%3A%201675746034086%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201675747834086%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/_files/images/btn.png
www.cigshixi.com/_files/images/focusico1.png
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/_files/images/focusico1.png
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_files/images/focusico1.png HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/_files/lrtk.css
Cookie: __tins__21179529=%7B%22sid%22%3A%201675746034086%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201675747834086%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/_files/images/focusico1.png
www.cigshixi.com/_files/images/searchbg.png
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/_files/images/searchbg.png
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_files/images/searchbg.png HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/_files/css.css
Cookie: __tins__21179529=%7B%22sid%22%3A%201675746034086%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201675747834086%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/_files/images/searchbg.png
www.cigshixi.com/_files/images/focusico2.png
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/_files/images/focusico2.png
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_files/images/focusico2.png HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/_files/lrtk.css
Cookie: __tins__21179529=%7B%22sid%22%3A%201675746034086%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201675747834086%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/_files/images/focusico2.png
www.cigshixi.com/__local/D/82/A3/78600EFE9EFEE51D3645847AD46_E2E34EC7_17538.jpg
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/__local/D/82/A3/78600EFE9EFEE51D3645847AD46_E2E34EC7_17538.jpg
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /__local/D/82/A3/78600EFE9EFEE51D3645847AD46_E2E34EC7_17538.jpg HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Cookie: __tins__21179529=%7B%22sid%22%3A%201675746034086%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201675747834086%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/__local/D/82/A3/78600EFE9EFEE51D3645847AD46_E2E34EC7_17538.jpg
www.cigshixi.com/_files/images/space.gif
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/_files/images/space.gif
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_files/images/space.gif HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Cookie: __tins__21179529=%7B%22sid%22%3A%201675746034086%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201675747834086%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/_files/images/space.gif
www.cigshixi.com/_files/images/jiantou.png
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/_files/images/jiantou.png
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_files/images/jiantou.png HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/_files/css.css
Cookie: __tins__21179529=%7B%22sid%22%3A%201675746034086%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201675747834086%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/_files/images/jiantou.png
www.cigshixi.com/_files/images/newsico.jpg
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/_files/images/newsico.jpg
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_files/images/newsico.jpg HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/_files/css.css
Cookie: __tins__21179529=%7B%22sid%22%3A%201675746034086%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201675747834086%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/_files/images/newsico.jpg
www.cigshixi.com/__local/E/8E/E8/EDF17105FC818375C33AD7D8A0D_23B60A9E_24703.jpeg
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/__local/E/8E/E8/EDF17105FC818375C33AD7D8A0D_23B60A9E_24703.jpeg
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /__local/E/8E/E8/EDF17105FC818375C33AD7D8A0D_23B60A9E_24703.jpeg HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Cookie: __tins__21179529=%7B%22sid%22%3A%201675746034086%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201675747834086%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/__local/E/8E/E8/EDF17105FC818375C33AD7D8A0D_23B60A9E_24703.jpeg
www.cigshixi.com/__local/5/BE/8E/1BC8F9065F0757CEC46BA38CDCC_0C2ED8EF_16F5A.jpg
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/__local/5/BE/8E/1BC8F9065F0757CEC46BA38CDCC_0C2ED8EF_16F5A.jpg
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /__local/5/BE/8E/1BC8F9065F0757CEC46BA38CDCC_0C2ED8EF_16F5A.jpg HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Cookie: __tins__21179529=%7B%22sid%22%3A%201675746034086%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201675747834086%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/__local/5/BE/8E/1BC8F9065F0757CEC46BA38CDCC_0C2ED8EF_16F5A.jpg
www.cigshixi.com/__local/9/7D/C8/40BC8DC50C1233BB960CA1E96C2_4C7D19DB_1EC43.jpg
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/__local/9/7D/C8/40BC8DC50C1233BB960CA1E96C2_4C7D19DB_1EC43.jpg
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /__local/9/7D/C8/40BC8DC50C1233BB960CA1E96C2_4C7D19DB_1EC43.jpg HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Cookie: __tins__21179529=%7B%22sid%22%3A%201675746034086%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201675747834086%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/__local/9/7D/C8/40BC8DC50C1233BB960CA1E96C2_4C7D19DB_1EC43.jpg
www.cigshixi.com/__local/8/57/52/3660CA9B07BB7721989CB42712B_1721CFBF_1F352.jpg
302 Moved Temporarily 0 B URL HTTP/1.1 www.cigshixi.com/__local/8/57/52/3660CA9B07BB7721989CB42712B_1721CFBF_1F352.jpg
IP
ASN #49532 Eonix Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /__local/8/57/52/3660CA9B07BB7721989CB42712B_1721CFBF_1F352.jpg HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Cookie: __tins__21179529=%7B%22sid%22%3A%201675746034086%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201675747834086%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 Feb 2023 04:59:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: https://tjxy.glut.edu.cn/__local/8/57/52/3660CA9B07BB7721989CB42712B_1721CFBF_1F352.jpg
www.yueguo99.com/nlp/fn888.php?keyword=beat365(%E4%B8%AD%E5%9B%BD)%E6%89%8B%E6%9C%BA%E7%89%88%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%E6%AD%A3%E8%A7%84-%E4%B8%BB%E9%A0%81%E6%AC%A2%E8%BF%8E%E6%82%A8!&from=pc&originurl=https%3A%2F%2Fwww.cigshixi.com%2F&referer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&v=2588
200 OK 1.3 kB URL HTTP/1.1 www.yueguo99.com/nlp/fn888.php?keyword=beat365(%E4%B8%AD%E5%9B%BD)%E6%89%8B%E6%9C%BA%E7%89%88%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%E6%AD%A3%E8%A7%84-%E4%B8%BB%E9%A0%81%E6%AC%A2%E8%BF%8E%E6%82%A8!&from=pc&originurl=https%3A%2F%2Fwww.cigshixi.com%2F&referer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&v=2588
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 384c3966e8272ae18e3c81ac9e57bc88
998bc1205e1fddea28c0c77b042c110f7382fb04
a0ab04f7194d691f8fe6b9219746d66484aad789d6c3f0eecbd1203f5f72eb85
GET /nlp/fn888.php?keyword=beat365(%E4%B8%AD%E5%9B%BD)%E6%89%8B%E6%9C%BA%E7%89%88%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%E6%AD%A3%E8%A7%84-%E4%B8%BB%E9%A0%81%E6%AC%A2%E8%BF%8E%E6%82%A8!&from=pc&originurl=https%3A%2F%2Fwww.cigshixi.com%2F&referer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&v=2588 HTTP/1.1
Host: www.yueguo99.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cigshixi.com
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:46 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 3df00b311819717758f334eaacce7151
d08475fa7c476a1e917659e724c301db8fbe7212
d3fc5037bbd1692162d9b36c573a67ad9a0ba51e81c07f798a82740d29d16d08
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 04:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 11 Feb 2023 01:39:56 GMT
ETag: "d08475fa7c476a1e917659e724c301db8fbe7212"
Last-Modified: Tue, 07 Feb 2023 01:39:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2841
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79598eded982b503-OSL
www.cigshixi.com/index.css
200 OK 1.1 kB URL HTTP/1.1 www.cigshixi.com/index.css
IP
ASN #49532 Eonix Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash 2136b8d5df585cb0a971fd7fa3b805b1
725baac2d109d03cb3637d6349336355e951db25
68e9e9936383fe4446cc2fee73846583f2018238e8704fdac5e9cf44d5e5b716
GET /index.css HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Cookie: __tins__21179529=%7B%22sid%22%3A%201675746034086%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201675747834086%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:46 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.cigshixi.com/site.css
200 OK 1.1 kB URL HTTP/1.1 www.cigshixi.com/site.css
IP
ASN #49532 Eonix Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash 2136b8d5df585cb0a971fd7fa3b805b1
725baac2d109d03cb3637d6349336355e951db25
68e9e9936383fe4446cc2fee73846583f2018238e8704fdac5e9cf44d5e5b716
GET /site.css HTTP/1.1
Host: www.cigshixi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Cookie: __tins__21179529=%7B%22sid%22%3A%201675746034086%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201675747834086%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:46 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d49443bdf3b89442d36e2169b7cbdd6b
bd28412bdc31a889cc965e29b110a9bd1885a389
204e7b6ee6ed1ed5d2f26e98b08b00501a248d241a8b79241ac07dfd5aa34c99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "204E7B6EE6ED1ED5D2F26E98B08B00501A248D241A8B79241AC07DFD5AA34C99"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9647
Expires: Tue, 07 Feb 2023 07:40:34 GMT
Date: Tue, 07 Feb 2023 04:59:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de7fb8fa6cab8c171b6bdca2ff5a6881
ef365595df8550797ca2a0aa499d5182e2b434b6
16c1f52efdbf173cba5467e7cafdac58dd8ce25a634a00b642e15d2e0f129bd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16C1F52EFDBF173CBA5467E7CAFDAC58DD8CE25A634A00B642E15D2E0F129BD9"
Last-Modified: Sun, 05 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21571
Expires: Tue, 07 Feb 2023 10:59:18 GMT
Date: Tue, 07 Feb 2023 04:59:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de7fb8fa6cab8c171b6bdca2ff5a6881
ef365595df8550797ca2a0aa499d5182e2b434b6
16c1f52efdbf173cba5467e7cafdac58dd8ce25a634a00b642e15d2e0f129bd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16C1F52EFDBF173CBA5467E7CAFDAC58DD8CE25A634A00B642E15D2E0F129BD9"
Last-Modified: Sun, 05 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21594
Expires: Tue, 07 Feb 2023 10:59:41 GMT
Date: Tue, 07 Feb 2023 04:59:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d49443bdf3b89442d36e2169b7cbdd6b
bd28412bdc31a889cc965e29b110a9bd1885a389
204e7b6ee6ed1ed5d2f26e98b08b00501a248d241a8b79241ac07dfd5aa34c99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "204E7B6EE6ED1ED5D2F26E98B08B00501A248D241A8B79241AC07DFD5AA34C99"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 07 Feb 2023 10:59:47 GMT
Date: Tue, 07 Feb 2023 04:59:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de7fb8fa6cab8c171b6bdca2ff5a6881
ef365595df8550797ca2a0aa499d5182e2b434b6
16c1f52efdbf173cba5467e7cafdac58dd8ce25a634a00b642e15d2e0f129bd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16C1F52EFDBF173CBA5467E7CAFDAC58DD8CE25A634A00B642E15D2E0F129BD9"
Last-Modified: Sun, 05 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 07 Feb 2023 10:59:47 GMT
Date: Tue, 07 Feb 2023 04:59:47 GMT
Connection: keep-alive
www.whjcpet.com/zhuye/jquery.la.min.js
200 OK 718 B URL HTTP/1.1 www.whjcpet.com/zhuye/jquery.la.min.js
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (554), with CRLF line terminators
Hash 7508aa9626ca42f55395e1c730ca2a42
5844f42d5773ebe2818c487f59364d5bfc6add82
6d04d2e22711ab44cfc76138b4d5f02521d57ff0e7a2a41eb4fe31698e990990
GET /zhuye/jquery.la.min.js HTTP/1.1
Host: www.whjcpet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:47 GMT
Content-Type: application/javascript
Content-Length: 718
Last-Modified: Thu, 12 May 2022 19:29:56 GMT
Connection: keep-alive
ETag: "627d6034-2ce"
Accept-Ranges: bytes
js.users.51.la/20655415.js
200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/20655415.js
IP
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash 9b03aee65d17c20df699aee40c4b3921
6387fd8f85f4837343bdbc8b3898c12327050450
0093fe02f1e7eb39252d5338d32771b72f1a015d8f4baca6c11b1136278e6566
GET /20655415.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Tue, 07 Feb 2023 04:59:47 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=002085ec2d73c3f7458; path=/
HWWAFSESTIME=1675745983669; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
www.whjcpet.com/zhuye/img/tyc2021.png
200 OK 100 kB URL HTTP/1.1 www.whjcpet.com/zhuye/img/tyc2021.png
IP
File type PNG image data, 1000 x 200, 8-bit colormap, non-interlaced\012- data
Hash 8f96b530a6e253577a2e3db628678348
34a6dd285ef52b88e1483fc668b3cf8cfb0da077
f59c819532085d1d0bb91db9b186a749df0c8a2478fc230a833125d5e7e64ae1
GET /zhuye/img/tyc2021.png HTTP/1.1
Host: www.whjcpet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:47 GMT
Content-Type: image/png
Content-Length: 99525
Last-Modified: Tue, 29 Mar 2022 20:45:08 GMT
Connection: keep-alive
ETag: "62436fd4-184c5"
Accept-Ranges: bytes
www.whjcpet.com/zhuye/img/yongli2021.gif
200 OK 79 kB URL HTTP/1.1 www.whjcpet.com/zhuye/img/yongli2021.gif
IP
File type GIF image data, version 89a, 1000 x 200\012- data
Hash 9a081484d733800559f1e70616dd2bd1
cb60345f940d2a4cb6112b7048308cc400269bdd
a50032aeffd59b3b8387739e373855aa95385c19f567644aa720cff69c71f0ea
GET /zhuye/img/yongli2021.gif HTTP/1.1
Host: www.whjcpet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:47 GMT
Content-Type: image/gif
Content-Length: 78713
Last-Modified: Tue, 29 Mar 2022 20:45:14 GMT
Connection: keep-alive
ETag: "62436fda-13379"
Accept-Ranges: bytes
www.whjcpet.com/zhuye/img/wnsr2021.gif
200 OK 75 kB URL HTTP/1.1 www.whjcpet.com/zhuye/img/wnsr2021.gif
IP
File type GIF image data, version 89a, 1000 x 200\012- data
Hash 6643420c5bbe4bd6e2d8b61837af3039
95c9fc7af01c5856bc05914373972cc4320bfb32
34a0e2070071c1bac6f17f5eb3dbfc297137792dbcaafa1203e0c9a78867f7e1
GET /zhuye/img/wnsr2021.gif HTTP/1.1
Host: www.whjcpet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:47 GMT
Content-Type: image/gif
Content-Length: 74577
Last-Modified: Tue, 29 Mar 2022 20:46:02 GMT
Connection: keep-alive
ETag: "6243700a-12351"
Accept-Ranges: bytes
sdk.51.la/js-sdk-pro.min.js
200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 07 Feb 2023 04:59:47 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 10 Jan 2023 04:34:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63bceaef-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
www.whjcpet.com/zhuye/img/xpj2021.gif
200 OK 88 kB URL HTTP/1.1 www.whjcpet.com/zhuye/img/xpj2021.gif
IP
File type GIF image data, version 89a, 1000 x 200\012- data
Hash d03cd26d74296657fe5035f3920849b8
9be05d96796fa7f44616c5223bdf287b2df8dfcb
9314c2cb13cf470c9e1776355a6f03674a374c2ff566f02ecdde4be513477085
GET /zhuye/img/xpj2021.gif HTTP/1.1
Host: www.whjcpet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:47 GMT
Content-Type: image/gif
Content-Length: 88320
Last-Modified: Tue, 29 Mar 2022 20:45:50 GMT
Connection: keep-alive
ETag: "62436ffe-15900"
Accept-Ranges: bytes
www.whjcpet.com/zhuye/img/jinsha999.gif
200 OK 138 kB URL HTTP/1.1 www.whjcpet.com/zhuye/img/jinsha999.gif
IP
File type GIF image data, version 89a, 1000 x 300\012- data
Size 138 kB (138124 bytes)
Hash b15223fbef3ad6231c8a2065b14321bf
32b15b10b21a7a2c10a3720529299b0e77f574b8
60571f689a768060ae99d093560967d034611fc4ec7a87a0ee270a3a9b1b23fa
GET /zhuye/img/jinsha999.gif HTTP/1.1
Host: www.whjcpet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:47 GMT
Content-Type: image/gif
Content-Length: 138124
Last-Modified: Tue, 29 Mar 2022 20:44:56 GMT
Connection: keep-alive
ETag: "62436fc8-21b8c"
Accept-Ranges: bytes
www.whjcpet.com/zhuye/img/bet2021.jpg
200 OK 144 kB URL HTTP/1.1 www.whjcpet.com/zhuye/img/bet2021.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x200, components 3\012- data
Size 144 kB (143681 bytes)
Hash a812779ba450f8ea99610cc717104182
805c591f2cb0fe9d13350bd3d71bff2f86e32bd4
77e6a1db91d45aa7c0c16c2be7be7a856b1fa3b983b774c9d21ea38a31b08c17
GET /zhuye/img/bet2021.jpg HTTP/1.1
Host: www.whjcpet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:47 GMT
Content-Type: image/jpeg
Content-Length: 143681
Last-Modified: Tue, 29 Mar 2022 20:45:46 GMT
Connection: keep-alive
ETag: "62436ffa-23141"
Accept-Ranges: bytes
www.whjcpet.com/zhuye/img/manbetx2021.jpg
200 OK 28 kB URL HTTP/1.1 www.whjcpet.com/zhuye/img/manbetx2021.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x206, components 3\012- data
Hash e87ed328e88c78e459fb6263e79430f0
90757590c16296d8f63c74a4121c875bfcb8fc6b
fa3234ef626d29676fccb7643a5a3fc66ecc850acd4f19eb865239e73613ee83
GET /zhuye/img/manbetx2021.jpg HTTP/1.1
Host: www.whjcpet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:47 GMT
Content-Type: image/jpeg
Content-Length: 28307
Last-Modified: Tue, 29 Mar 2022 20:46:40 GMT
Connection: keep-alive
ETag: "62437030-6e93"
Accept-Ranges: bytes
www.whjcpet.com/zhuye/img/tyc1.gif
200 OK 244 kB URL HTTP/1.1 www.whjcpet.com/zhuye/img/tyc1.gif
IP
File type GIF image data, version 89a, 1000 x 100\012- data
Size 244 kB (244502 bytes)
Hash fc4a7310fc9f4e7fbe2d43f1c063b43a
6410c3cf2eb299b1acfcd442b00d66c8e6134cdd
948ddb11b3c6c28622e03bc58daeebe0d373236d43a3ced3265b3fe6eb9bc95c
GET /zhuye/img/tyc1.gif HTTP/1.1
Host: www.whjcpet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:47 GMT
Content-Type: image/gif
Content-Length: 244502
Last-Modified: Tue, 29 Mar 2022 20:47:38 GMT
Connection: keep-alive
ETag: "6243706a-3bb16"
Accept-Ranges: bytes
www.whjcpet.com/zhuye/img/yb999.png
200 OK 337 kB URL HTTP/1.1 www.whjcpet.com/zhuye/img/yb999.png
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x500, components 3\012- data
Size 337 kB (337091 bytes)
Hash f1e5601893a0f186a494e7dd0a18ec7e
571941931633bd84fb829ef5f15830dc7f9c1617
6a416bf5d721d033f61050f4ec3d83a075cdc5f16a6db7a5a0022dd48e2c806d
GET /zhuye/img/yb999.png HTTP/1.1
Host: www.whjcpet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:47 GMT
Content-Type: image/png
Content-Length: 337091
Last-Modified: Tue, 29 Mar 2022 20:45:56 GMT
Connection: keep-alive
ETag: "62437004-524c3"
Accept-Ranges: bytes
www.whjcpet.com/zhuye/img/yl999.gif
200 OK 477 kB URL HTTP/1.1 www.whjcpet.com/zhuye/img/yl999.gif
IP
File type GIF image data, version 89a, 1000 x 100\012- data
Size 477 kB (477348 bytes)
Hash 9e07a5cab4aa0dd2f4812fc347081ac8
b07f49e9cb7a8a678063ebede264aa7a60387348
38be687f0e62fcbf1b13a04003b15a3f9cef34bc2ab4332f33aa29e63e359765
GET /zhuye/img/yl999.gif HTTP/1.1
Host: www.whjcpet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:47 GMT
Content-Type: image/gif
Content-Length: 477348
Last-Modified: Tue, 29 Mar 2022 20:47:48 GMT
Connection: keep-alive
ETag: "62437074-748a4"
Accept-Ranges: bytes
www.whjcpet.com/zhuye/img/aomen1200.gif
200 OK 692 kB URL HTTP/1.1 www.whjcpet.com/zhuye/img/aomen1200.gif
IP
File type GIF image data, version 89a, 1000 x 200\012- data
Size 692 kB (692009 bytes)
Hash a2334b349e43e032cca680ccb8cfb0f7
a736e42c6842d9f4474a95892db9daa78f8d973e
db6f2077910bd49164439c7d9560e9356e31497a444c8f8069195604c7addb7b
GET /zhuye/img/aomen1200.gif HTTP/1.1
Host: www.whjcpet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:47 GMT
Content-Type: image/gif
Content-Length: 692009
Last-Modified: Tue, 29 Mar 2022 20:46:52 GMT
Connection: keep-alive
ETag: "6243703c-a8f29"
Accept-Ranges: bytes
www.whjcpet.com/zhuye/img/betway999.gif
200 OK 786 kB URL HTTP/1.1 www.whjcpet.com/zhuye/img/betway999.gif
IP
File type GIF image data, version 89a, 1000 x 300\012- data
Size 786 kB (786077 bytes)
Hash 146e097dc6ac97692c6ba585b1880fd9
489ce49a513b069516081ab9fdce52347d6a158e
dc17b35522420bdee29ba5d29f6f5d6117c4ce984a2917d8d8d2e9f528b08dfe
GET /zhuye/img/betway999.gif HTTP/1.1
Host: www.whjcpet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 04:59:47 GMT
Content-Type: image/gif
Content-Length: 786077
Last-Modified: Tue, 29 Mar 2022 20:47:04 GMT
Connection: keep-alive
ETag: "62437048-bfe9d"
Accept-Ranges: bytes
ia.51.la/go1?id=20655415&rt=1675746035733&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=2&ekc=&sid=1675746035733&tt=beat365(%25E4%25B8%25AD%25E5%259B%25BD)%25E6%2589%258B%25E6%259C%25BA%25E7%2589%2588%25E5%25AE%2598%25E6%2596%25B9%25E7%25BD%2591%25E7%25AB%2599%25E6%25AD%25A3%25E8%25A7%2584-%25E4%25B8%25BB%25E9%25A0%2581%25E6%25AC%25A2%25E8%25BF%258E%25E6%2582%25A8!&kw=&cu=https%253A%252F%252Fwww.cigshixi.com%252F&pu=
200 0 B URL HTTP/1.1 ia.51.la/go1?id=20655415&rt=1675746035733&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=2&ekc=&sid=1675746035733&tt=beat365(%25E4%25B8%25AD%25E5%259B%25BD)%25E6%2589%258B%25E6%259C%25BA%25E7%2589%2588%25E5%25AE%2598%25E6%2596%25B9%25E7%25BD%2591%25E7%25AB%2599%25E6%25AD%25A3%25E8%25A7%2584-%25E4%25B8%25BB%25E9%25A0%2581%25E6%25AC%25A2%25E8%25BF%258E%25E6%2582%25A8!&kw=&cu=https%253A%252F%252Fwww.cigshixi.com%252F&pu=
IP
ASN #136959 China Unicom Guangdong IP network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=20655415&rt=1675746035733&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=2&ekc=&sid=1675746035733&tt=beat365(%25E4%25B8%25AD%25E5%259B%25BD)%25E6%2589%258B%25E6%259C%25BA%25E7%2589%2588%25E5%25AE%2598%25E6%2596%25B9%25E7%25BD%2591%25E7%25AB%2599%25E6%25AD%25A3%25E8%25A7%2584-%25E4%25B8%25BB%25E9%25A0%2581%25E6%25AC%25A2%25E8%25BF%258E%25E6%2582%25A8!&kw=&cu=https%253A%252F%252Fwww.cigshixi.com%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Content-Length: 0
Date: Tue, 07 Feb 2023 04:59:49 GMT
collect-v6.51.la/v6/collect?dt=4
200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 328
Origin: https://www.cigshixi.com
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Tue, 07 Feb 2023 04:59:50 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=8a672a3c03e8b265bae; path=/
HWWAFSESTIME=1675745987462; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://www.cigshixi.com
Access-Control-Allow-Credentials: true
hm.baidu.com/hm.js?8d7d4cfa6b46e49eb91bf0e7e0306291
200 OK 0 B URL HTTP/1.1 hm.baidu.com/hm.js?8d7d4cfa6b46e49eb91bf0e7e0306291
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
GET /hm.js?8d7d4cfa6b46e49eb91bf0e7e0306291 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cigshixi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Tue, 07 Feb 2023 04:59:45 GMT
Etag: 2777245eb33c3f1586a1197e607ab3c9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=706B87B9780178C2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
23.231.17.24
23.33.119.27
112.90.153.37
103.235.46.191
104.18.20.226