Report - touchdownhotels.com/elden-ring-crack-activation-code-skidrow-dlcproduct-key-free-download-x64/

Report Overview

Visited public
2023-11-06 17:49:01
Tags
Submit Tags
URL
touchdownhotels.com/elden-ring-crack-activation-code-skidrow-dlcproduct-key-free-download-x64/
Finishing URL
touchdownhotels.com/
IP / ASN
38.207.215.198
#174 COGENT-174
Title
半岛体彩·(中国)官网入口

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
hm.baidu.com	8254	1999-10-11	2012-05-26 10:38:45	2023-11-06 05:11:51	1.1 kB	12 kB	103.235.46.191
touchdownhotels.com	unknown	2023-04-24	2018-01-21 14:21:56	2023-11-05 11:36:25	10 kB	5.0 MB	38.207.215.198
66.bd168888.top	unknown	2023-07-19	2023-10-17 09:48:19	2023-11-05 01:31:43	319 B	1.3 kB	38.238.128.26
wsfile.dahe.cn	unknown	2003-03-10	2018-06-26 04:22:39	2023-11-05 01:31:45	11 kB	6.4 MB	27.148.145.164
ocsp.digicert.cn	37572	2006-01-24	2020-03-20 18:45:56	2023-11-06 05:09:45	1.7 kB	4.8 kB	47.246.48.205
www.henanamc.com.cn	unknown	2017-07-14	2022-08-20 15:44:01	2023-11-05 01:31:44	1.1 kB	4.7 kB	180.76.164.11
caishen.bdbyyo.com	unknown	2023-09-15	2023-10-26 05:41:14	2023-11-05 01:31:44	1.1 kB	25 kB	38.207.223.77
facai.bd168888.top	unknown	2023-07-19	2023-09-12 13:41:05	2023-11-05 01:31:44	3.3 kB	1.5 MB	38.238.128.26

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-06 17:48:42	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-11-06 17:48:43	medium	Client IP	38.238.128.26	ET INFO HTTP Request to a *.top domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	From	Size	First Seen	Last Seen
	unknown	DomTimer	113 B	2023-04-13	2024-08-21
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-13 06:37 Last Seen2024-08-21 08:30 Times Seen49 Hash db3e236cc5be72f097e3c174e066526c 2a9e334d472cc0c3f79b0d3553a9517d6fd23bca 42098a9b7347d862e81f05c3bf5246a35948ac5d4c3b6094fd6d7b6d2aab7c9d Loading...

	hm.baidu.com/hm.js?0cce79fe3ab674da516c3e643e5fcf9b	ScriptElement	30 kB	2023-11-06	2023-11-06
Pretty URL hm.baidu.com/hm.js?0cce79fe3ab674da516c3e643e5fcf9b IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-06 18:49 Last Seen2023-11-06 18:49 Times Seen1 Hash 67a47fc86634b14e4e3b2d893ad0e3ff a90e5f45e2fe11d8e5c20e5cf86e0f1ee1415fe2 852e8889e3aafa03963103b04db02002e23656f9345d3161c020ccdcabb485c9 Loading...

	touchdownhotels.com/	ScriptElement	57 B	2023-03-07	2025-06-29
Pretty URL touchdownhotels.com/ IP 38.207.215.198 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:19 Last Seen2025-06-29 03:18 Times Seen4221 Hash 2d313be4b5d93e9b681de954aaeb3006 1e0508be1026244daf1812f988033612c3945bdb 9059d0d74efaf0e229d59a9c05ace7b975b42ccacea21e01aa64c56b2157048c Loading...

	unknown	Function	37 B	2023-04-11	2025-06-29
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:49 Last Seen2025-06-29 04:34 Times Seen39187 Hash 1c5c9160600df2d96d69a4ea16cec7ed 3cf678c9135cc952ba6970ef545035bb757a443f a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808 Loading...

	unknown	Function	348 B	2024-08-20	2024-08-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-20 20:39 Last Seen2024-08-20 20:39 Times Seen1 Hash 352c3065b543b8b4a65a99d7f05fd151 d5d77d2c7244b6d130b1f50a569f98346ddeb38c c0902543d6f7f355ae7857a4aa0012b08b23aa8a392bad44f7dece68d6ffee79 Loading...

	touchdownhotels.com/	ScriptElement	1.2 kB	2023-10-17	2024-08-21
Pretty URL touchdownhotels.com/ IP 38.207.215.198 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-17 09:48 Last Seen2024-08-21 04:25 Times Seen30 Hash 786868e40d452bfc6e250264a6a093af 986360d6b8b80165239788b96c6f4cedf318d7d9 9a7447abb789c46d8d820ea5ad65e638543ee3e493cfe3954cbb98eae29e9498 Loading...

	66.bd168888.top/jx.js	ScriptElement	2.0 kB	2023-11-05	2023-11-12
Pretty URL 66.bd168888.top/jx.js IP 38.238.128.26 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-05 01:32 Last Seen2023-11-12 21:10 Times Seen14 Hash 201e1d9c197a914f4e1a0dfeee830e5a b4458a080955aa62323ed83b3d9f9f37bf88a5ab 9e63a37b51bccb1ece0f534b168a659ce5611276151165a5302a749697702d93 Loading...

	caishen.bdbyyo.com/matomo.js	ScriptElement	66 kB	2023-03-08	2025-06-29
Pretty URL caishen.bdbyyo.com/matomo.js IP 38.207.223.77 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:51 Last Seen2025-06-29 04:14 Times Seen4244 Hash a3a7245d6daf7d31d2069c0ba05879dd ec1bf464889e71aec1ced6d8361a26c76e4a1460 d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693 Loading...

	facai.bd168888.top/	ScriptElement	0 B	0001-01-01	2025-06-29
Pretty URL facai.bd168888.top/ IP 38.238.128.26 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-29 04:57 Times Seen5189442 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - 50484e4da7f4f3b9dfeb1bb38c8a5e0f	77 B	2023-03-08 15:51	2025-06-26 06:49
Pretty Observations First Seen2023-03-08 15:51 Last Seen2025-06-26 06:49 Times Seen130 Hash 50484e4da7f4f3b9dfeb1bb38c8a5e0f cdb1227b7bf7dfd6921322cf909efc82df479bf1 37a1d07ee3837021c9924f90ae09d6b768732d87912f02ef5fcbf3cbd3b55690 Loading...

	#2 Write - 9b2ff9be407e58d1de18c774df8e86ed	101 B	2023-03-11 16:11	2025-06-25 23:43
Pretty Observations First Seen2023-03-11 16:11 Last Seen2025-06-25 23:43 Times Seen104 Hash 9b2ff9be407e58d1de18c774df8e86ed b872968c676dd384b84f99ad9228d60e0297b55e 68e66e637128436fb9058af122dec18e310595a74c7e76dc58fd082f2588c561 Loading...

	#3 Write - e0640210c6c0fb718c181673e3dd819e	170 B	2023-11-05 01:32	2024-08-20 20:52
Pretty Observations First Seen2023-11-05 01:32 Last Seen2024-08-20 20:52 Times Seen14 Hash e0640210c6c0fb718c181673e3dd819e 6d440bfea5bdcf0ce20dbd50b487cd201573f34a 2d7c39715b2bd02ecde0feeb750970ff05460f9296bad4f7921ca81befb679a4 Loading...

	#4 Write - 0a3a0b592b9c285e050805307cee87c2	6 B	2023-03-07 01:02	2025-06-29 04:57
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-06-29 04:57 Times Seen85575 Hash 0a3a0b592b9c285e050805307cee87c2 125a168e24b2bd38aadb84cbb5f87f316b073c41 aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23 Loading...

	#5 Write - 78ac2aa5ccc29c90a345c90aab40b442	103 B	2023-03-07 01:06	2025-06-29 04:06
Pretty Observations First Seen2023-03-07 01:06 Last Seen2025-06-29 04:06 Times Seen2890 Hash 78ac2aa5ccc29c90a345c90aab40b442 cac604932faa4add2955602b41de8a8bff362ebd 53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e Loading...

HTTP Transactions (73)

URL IP Response Size

GET touchdownhotels.com/elden-ring-crack-activation-code-skidrow-dlcproduct-key-free-download-x64/

38.207.215.198

302 Moved Temporarily

75 B

URL User Request GET HTTP/1.1
touchdownhotels.com/elden-ring-crack-activation-code-skidrow-dlcproduct-key-free-download-x64/
IP
38.207.215.198:80
ASN
#174 COGENT-174

File type
HTML document, ASCII text, with no line terminators
Size
75 B (75 bytes)
Hash
b250e545d71ff6c758e4075bbc4655a5
bbed4337dfc6e721a6b1ea8a71654d6556114751
41d10e4915887be3b130896c28a8c328974fd7d34e0ac4b5ffb7486db8fd9d88

HTTP Headers

GET /elden-ring-crack-activation-code-skidrow-dlcproduct-key-free-download-x64/ HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 06 Nov 2023 17:48:40 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: /

GET touchdownhotels.com/

38.207.215.198

6.0 kB

URL User Request GET
touchdownhotels.com/
IP
38.207.215.198:0
ASN
#174 COGENT-174

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (917), with CRLF, LF line terminators
Size
6.0 kB (6049 bytes)
Hash
4f52b5bda10e5600e1a8dd2182991d30
6698bfec19e74d0f6b70d05125d354fe93c3ae55
0a584a95231f7629b2ff110698f038bbd3837261a3308abe844e5f57aeb53aad

HTTP Headers

GET / HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:42 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

GET touchdownhotels.com/?uploads/news/css/base.css

38.207.215.198

200 OK

2.9 kB

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/css/base.css
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
HTML document text\012- assembler source, ISO-8859 text
Size
2.9 kB (2939 bytes)
Hash
9479c03174a8c79a7a86e9c12a517cb7
f1704fc1b4e1240f5caea334e6a7a4a587a85ef3
a2b98438cec911b28e24bb22811c47a52b33bd3c1de85a3bdf151c3eed6842aa

HTTP Headers

GET /?uploads/news/css/base.css HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:42 GMT
Content-Type: text/css;charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

GET touchdownhotels.com/?uploads/news/css/index.css

38.207.215.198

200 OK

4.6 kB

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/css/index.css
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
HTML document, ISO-8859 text
Size
4.6 kB (4626 bytes)
Hash
6ff826bac9357163c0b8b5b2c6e473d4
d87e947c7c80e3825b89c793af1174387ba664f3
a7ca13a9494d94fdb5da90f5fd9eba47cf4e19be23982e36721c02511dbbf5c9

HTTP Headers

GET /?uploads/news/css/index.css HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:42 GMT
Content-Type: text/css;charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

GET touchdownhotels.com/?uploads/news/js/responsiveslides.min.js

38.207.215.198

200 OK

1.6 kB

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/js/responsiveslides.min.js
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
HTML document text\012- HTML document, ASCII text, with very long lines (521)
Size
1.6 kB (1562 bytes)
Hash
8e8cf7b797129dc945533f0793a0bc39
d28d756988ba9d2a99d5fa55c66562a8c165d5b4
0af73dc56a19a471014b38e2cfb71579296b0a6cf117fb020b20b2a22cf9020f

HTTP Headers

GET /?uploads/news/js/responsiveslides.min.js HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:42 GMT
Content-Type: application/javascript;charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

GET touchdownhotels.com/?uploads/news/js/jquery.SuperSlide.js

38.207.215.198

200 OK

4.3 kB

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/js/jquery.SuperSlide.js
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
HTML document, ISO-8859 text, with very long lines (11467)
Size
4.3 kB (4276 bytes)
Hash
34b0e9383399a90545ab582156a4a098
e2e78e5eaf673d41c1f062110384e275ca4f9d73
b2d89c43f3d68b2e925bcab83df966f7d57cea07587ba88bb84fa7109740c0b6

HTTP Headers

GET /?uploads/news/js/jquery.SuperSlide.js HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:42 GMT
Content-Type: application/javascript;charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

GET touchdownhotels.com/?uploads/js/easyAnalyse.js

38.207.215.198

200 OK

569 B

URL GET HTTP/1.1
touchdownhotels.com/?uploads/js/easyAnalyse.js
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
HTML document, ASCII text
Size
569 B (569 bytes)
Hash
4e0212d18b76276906eb4d8c61d3149c
ecd439bbc321056d10c1234f22de845157a0bc50
c11cbf811ecb3fefdb7ef9bb145692eda54d556b13b7743b3c1f37e977217962

HTTP Headers

GET /?uploads/js/easyAnalyse.js HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:42 GMT
Content-Type: application/javascript;charset=gbk
Content-Length: 569
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

GET touchdownhotels.com/?uploads/news/js/homeTjAucList.js

38.207.215.198

200 OK

1.0 kB

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/js/homeTjAucList.js
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
HTML document, ISO-8859 text
Size
1.0 kB (1018 bytes)
Hash
ebd9e78b0a8f184d039e2b81fed5acf9
82359968007b660d29ad974b57257e4d38316e76
6b0fc7c298895de4713d3962e7deb89f7894aeb80dbb6360921daa29e2ecf544

HTTP Headers

GET /?uploads/news/js/homeTjAucList.js HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:42 GMT
Content-Type: application/javascript;charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

GET touchdownhotels.com/?uploads/news/js/jquery.min.js

38.207.215.198

200 OK

34 kB

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/js/jquery.min.js
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
HTML document, ASCII text, with very long lines (65376)
Size
34 kB (34543 bytes)
Hash
4283d6ced85535be509e5e7cfd8e7a5b
3ccb4650d5070d0b9c1dc075b9ad341293e9255b
25d612abfbfed1e0ff53303bbde9c75c82f778c7edb2c692d0a067b6fb9a848c

HTTP Headers

GET /?uploads/news/js/jquery.min.js HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:42 GMT
Content-Type: application/javascript;charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

GET 66.bd168888.top/jx.js

38.238.128.26

200 OK

875 B

URL GET HTTP/1.1
66.bd168888.top/jx.js
IP
38.238.128.26:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
HTML document, ASCII text, with very long lines (539)
Size
875 B (875 bytes)
Hash
201e1d9c197a914f4e1a0dfeee830e5a
b4458a080955aa62323ed83b3d9f9f37bf88a5ab
9e63a37b51bccb1ece0f534b168a659ce5611276151165a5302a749697702d93

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /jx.js HTTP/1.1
Host: 66.bd168888.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:43 GMT
Content-Type: application/javascript
Last-Modified: Sat, 04 Nov 2023 10:07:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"654617ed-7f3"
Expires: Tue, 07 Nov 2023 05:48:43 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

GET touchdownhotels.com/?uploads/news/img/qrcode222.png

38.207.215.198

200 OK

12 kB

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/img/qrcode222.png
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
data
Size
12 kB (11784 bytes)
Hash
f3a419643af70130f5baef72e7808894
0c8bad3970fcca7fefb27ba20deffa48dae9ba4f
18bb17b033688255bcda32bd1c9dd0f65833bd58ba18d35ab757289016183ff8

HTTP Headers

GET /?uploads/news/img/qrcode222.png HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:43 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

GET touchdownhotels.com/?uploads/news/img/newsyheader.png

38.207.215.198

200 OK

17 kB

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/img/newsyheader.png
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
data
Size
17 kB (17362 bytes)
Hash
d0ccdbef6b6e7f6f3448e2926c8c5f47
9fd63dcd771c11cf0f9a9606241b94a468522f6d
b101a77de23568fc2b97535c67cbdf91be25025d6f0c1f76a896c2123c6505ce

HTTP Headers

GET /?uploads/news/img/newsyheader.png HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:43 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

GET wsfile.dahe.cn/image/jpeg/20220524/1653387078231531.jpg

27.148.145.164

200 OK

33 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653387078231531.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 152x267, components 3\012- data
Size
33 kB (32669 bytes)
Hash
23d9f79708c75d0e42ad6b2096d48bd8
357743f027902724f4a752fcbc924b33e4b42b0e
1dd16893467df811e1c039eead0c1defbc17d9cbe191ce9d74b93616f89bdd6d

HTTP Headers

GET /image/jpeg/20220524/1653387078231531.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/jpeg
Content-Length: 32669
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653387078231531.jpg"
Content-Transfer-Encoding: binary
ETag: "FjV3Q_AnkCck9KdS_LySSzPktCsO"
Last-Modified: Tue, 24 May 2022 10:11:18 GMT
X-Log: mc.g;IO
X-Reqid: AbYCAOnRpY05KoIX
X-Qiniu-Zone: 0
X-Via: 1.1 PSbjwjBGP2bp147:0 (Cdn Cache Server V2.0), 1.1 PS-XIY-01kDf206:4 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01HpL34_20910-28272

GET wsfile.dahe.cn/image/jpeg/20220524/1653387056170202.jpg

27.148.145.164

200 OK

22 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653387056170202.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=17], baseline, precision 8, 186x102, components 3\012- data
Size
22 kB (22430 bytes)
Hash
546e313d1f00c9e23d140b23e2cc7d63
00c3e7cfa1f8ab91f78d5cb648bcb43006439622
1c0cabe792f3821bfdb1d8457e6ab3eda74511a5701600637e5d3a4c779760a1

HTTP Headers

GET /image/jpeg/20220524/1653387056170202.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/jpeg
Content-Length: 22430
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653387056170202.jpg"
Content-Transfer-Encoding: binary
ETag: "FgDD58-h-KuR941ctki8tDAGQ5Yi"
Last-Modified: Tue, 24 May 2022 10:10:56 GMT
X-Log: mc.g;IO
X-Reqid: sJAAALcsp3Y5KoIX
X-Qiniu-Zone: 0
X-Via: 1.1 PSbjwjBGP2ku230:3 (Cdn Cache Server V2.0), 1.1 PS-000-01bTh203:3 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01HpL34_20919-16255

GET wsfile.dahe.cn/image/jpeg/20220524/165338704367269.jpg

27.148.145.164

200 OK

40 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/165338704367269.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=16], baseline, precision 8, 369x102, components 3\012- data
Size
40 kB (40511 bytes)
Hash
7e07417f9d7a4a8aeec13322a0652f76
6ea1cf699597fde2023c4e539f133b1835ee7086
5f443961bc224afa0bd6930489c37498cdac4d296ca16819959ba56702f57f3f

HTTP Headers

GET /image/jpeg/20220524/165338704367269.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/jpeg
Content-Length: 40511
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="165338704367269.jpg"
Content-Transfer-Encoding: binary
ETag: "Fm6hz2mVl_3iAjxOU58TOxg17nCG"
Last-Modified: Tue, 24 May 2022 10:10:43 GMT
X-Log: mc.g;IO
X-Reqid: d2YAAEnIYuHXIR4X
X-Qiniu-Zone: 0
X-Via: 1.1 PS-CZX-013cP174:10 (Cdn Cache Server V2.0), 1.1 PS-000-01THk172:3 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01HpL34_21484-55074

GET touchdownhotels.com/?uploads/news/img/top_line.png

38.207.215.198

200 OK

1.4 kB

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/img/top_line.png
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
data
Size
1.4 kB (1415 bytes)
Hash
f1c07f1a9efedc1e68caeb3b644cbcae
7da88dbf30d994258d4d45d8a413a6ba3a526ac9
6526b73f6f425d8c16c371105a440438911b6cbce812992c255e21b10efaadd2

HTTP Headers

GET /?uploads/news/img/top_line.png HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/?uploads/news/css/base.css
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

GET touchdownhotels.com/?uploads/news/img/search_btn.png

38.207.215.198

200 OK

543 B

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/img/search_btn.png
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
data
Size
543 B (543 bytes)
Hash
1f918ff8f3cd48245335770320b46dc1
7c3bdd0d8bd5104712d1b74dc470914ea2e2a4af
a35915389a2d3e7f59739729a266877f24c9e3f4f147f2a168e0266baa842227

HTTP Headers

GET /?uploads/news/img/search_btn.png HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/?uploads/news/css/base.css
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

ocsp.digicert.cn/

47.246.48.205

471 B

URL
ocsp.digicert.cn/
IP
47.246.48.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
cc74cf3fc04bd38c3734fba3ffabca49
ca69fc584d60551c43da5d3c1abba93ad67b3d22
f4331efe67e8d52fa07592ce86af2b8739a7df7149e4d3bb86c4868364d77a9e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Mon, 06 Nov 2023 17:48:44 GMT
Ali-Swift-Global-Savetime: 1699292924
Via: cache19.l2de2[48,47,200-0,M], cache19.l2de2[49,0], cache7.nl2[56,56,200-0,M], cache7.nl2[58,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 06 Nov 2023 17:48:44 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff6309b16992929244655342e

GET wsfile.dahe.cn/image/jpeg/20220524/1653387006395666.jpg

27.148.145.164

200 OK

54 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653387006395666.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14], baseline, precision 8, 277x158, components 3\012- data
Size
54 kB (53862 bytes)
Hash
6c211168805fcd8551a2c2aa3a1f549a
413e8b2122a3f09cf6ab3dc4f9950c56f2e651b8
e88d99afee96588cd80ce663c3de449738eb0b573439475c67821e35cd48133c

HTTP Headers

GET /image/jpeg/20220524/1653387006395666.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/jpeg
Content-Length: 53862
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653387006395666.jpg"
Content-Transfer-Encoding: binary
ETag: "FkE-iyEio_Cc9qs9xPmVDFby5lG4"
Last-Modified: Tue, 24 May 2022 10:10:06 GMT
X-Log: mc.g;IO
X-Reqid: AbYCAOnE8ERDemQX
X-Qiniu-Zone: 0
X-Via: 1.1 PSbjwjBGP2cu229:2 (Cdn Cache Server V2.0), 1.1 PSfjqzdx7ox97:2 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01HpL34_21454-13939

GET www.henanamc.com.cn/uploads/img/sanjiao.png

180.76.164.11

200 OK

205 B

URL GET HTTP/1.1
www.henanamc.com.cn/uploads/img/sanjiao.png
IP
180.76.164.11:80
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
http://touchdownhotels.com/

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
205 B (205 bytes)
Hash
0efceaab08eb3d519ae49dd9d98464c8
c2d30e2920bee34d507217f14f24c4a55236f72d
35e5eb34fdec63a35a950867cdf075791fe3062fd9db20ef2c0d2562ab9cae40

HTTP Headers

GET /uploads/img/sanjiao.png HTTP/1.1
Host: www.henanamc.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/png
Content-Length: 205
Last-Modified: Fri, 16 Mar 2018 06:55:44 GMT
Connection: keep-alive
ETag: "5aab6a70-cd"
Set-Cookie: HttpOnly
Secure
;Max-Age=600
HttpOnly=true
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode=block
X-Content-Type-Option: nosniff
Accept-Ranges: bytes

GET www.henanamc.com.cn/uploads/news/img/asset_bot01.png

180.76.164.11

200 OK

1.6 kB

URL GET HTTP/1.1
www.henanamc.com.cn/uploads/news/img/asset_bot01.png
IP
180.76.164.11:80
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
http://touchdownhotels.com/

File type
PNG image data, 37 x 37, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1633 bytes)
Hash
64884cc14ef2c964ad516e258e3a83ec
167626938fd77e80c007c7e43a353ee101740360
4ffb0f883fbb3d972c32236bcd5bce90fc39448c49e66fac81a82fc5b17d2eaf

HTTP Headers

GET /uploads/news/img/asset_bot01.png HTTP/1.1
Host: www.henanamc.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/png
Content-Length: 1633
Last-Modified: Tue, 01 Jun 2021 07:18:15 GMT
Connection: keep-alive
ETag: "60b5df37-661"
Set-Cookie: HttpOnly
Secure
;Max-Age=600
HttpOnly=true
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode=block
X-Content-Type-Option: nosniff
Accept-Ranges: bytes

GET www.henanamc.com.cn/uploads/news/img/asset_top01.png

180.76.164.11

200 OK

1.8 kB

URL GET HTTP/1.1
www.henanamc.com.cn/uploads/news/img/asset_top01.png
IP
180.76.164.11:80
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
http://touchdownhotels.com/

File type
PNG image data, 37 x 37, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1754 bytes)
Hash
7e3a07a75e6df2c3e9fb1f1b542e84bb
0e1c7d93cbce9ac066641987924a98837a4cfb9c
f17333d82411b1e8378cb340810fce535f74e8d60b36acb14e31cd5bf2088d6e

HTTP Headers

GET /uploads/news/img/asset_top01.png HTTP/1.1
Host: www.henanamc.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/png
Content-Length: 1754
Last-Modified: Tue, 01 Jun 2021 07:18:16 GMT
Connection: keep-alive
ETag: "60b5df38-6da"
Set-Cookie: HttpOnly
Secure
;Max-Age=600
HttpOnly=true
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode=block
X-Content-Type-Option: nosniff
Accept-Ranges: bytes

GET wsfile.dahe.cn/image/jpeg/20220524/1653387066091261.jpg

27.148.145.164

200 OK

81 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653387066091261.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 444x267, components 3\012- data
Size
81 kB (81420 bytes)
Hash
ad06c8e6b76454e7557c2f3eb5ab9b96
473311c654fd26dcf90c34c51e3ddcdf0ee74cf8
853d62ed13781bf7289e22656890cf93e1a17f54d9b868d80c17dc53fed207b5

HTTP Headers

GET /image/jpeg/20220524/1653387066091261.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/jpeg
Content-Length: 81420
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653387066091261.jpg"
Content-Transfer-Encoding: binary
ETag: "FkczEcZU_Sbc-Qw0xR493N8O50z4"
Last-Modified: Tue, 24 May 2022 10:11:06 GMT
X-Log: mc.g;IO
X-Reqid: sJAAANnNX-fXIR4X
X-Qiniu-Zone: 0
X-Via: 1.1 PS-CZX-013cP174:10 (Cdn Cache Server V2.0), 1.1 PS-000-01jaE49:0 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01HpL34_21040-16861

GET wsfile.dahe.cn/image/jpeg/20220524/1653386976468477.jpg

27.148.145.164

200 OK

34 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653386976468477.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14], baseline, precision 8, 186x102, components 3\012- data
Size
34 kB (34282 bytes)
Hash
fa273fe9a9d012c2cb43ed92067d1c03
70cef726c6bc96ccb712140f844620e2c5c3079c
f0df596ff8a8415feb096a7aa41f4dd459c530ac810c5ec1f7af9f46ef90d540

HTTP Headers

GET /image/jpeg/20220524/1653386976468477.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/jpeg
Content-Length: 34282
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653386976468477.jpg"
Content-Transfer-Encoding: binary
ETag: "FnDO9ybGvJbMtxIUD4RGIOLFwwec"
Last-Modified: Tue, 24 May 2022 10:09:36 GMT
X-Log: mc.g;IO
X-Reqid: AbYCAP4Z9JCcjmoX
X-Qiniu-Zone: 0
X-Via: 1.1 PSbjwjBGPzm117:6 (Cdn Cache Server V2.0), 1.1 PSfjfzdx3yr21:1 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01HpL34_21484-55076

GET wsfile.dahe.cn/image/jpeg/20220524/1653386985994173.jpg

27.148.145.164

200 OK

56 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653386985994173.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14], baseline, precision 8, 369x102, components 3\012- data
Size
56 kB (55456 bytes)
Hash
35e9a4dbadebc0072039080885d834f6
0bb622eee75463cc322d09efdd3e84c24c823071
3033d632f3fd1da06120e09777eac222f873a1898c2c264bf579b0811b8bffdf

HTTP Headers

GET /image/jpeg/20220524/1653386985994173.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/jpeg
Content-Length: 55456
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653386985994173.jpg"
Content-Transfer-Encoding: binary
ETag: "Fgu2Iu7nVGPMMi0J790-hMJMgjBx"
Last-Modified: Tue, 24 May 2022 10:09:46 GMT
X-Log: mc.g;IO
X-Reqid: gCMAAP7D0o2cjmoX
X-Qiniu-Zone: 0
X-Via: 1.1 PSbjwjBGPzm117:6 (Cdn Cache Server V2.0), 1.1 PSfjfzdx3ei22:4 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01HpL34_20919-16260

GET wsfile.dahe.cn/image/jpeg/20220524/1653386996956352.jpg

27.148.145.164

200 OK

52 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653386996956352.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14], baseline, precision 8, 277x158, components 3\012- data
Size
52 kB (51728 bytes)
Hash
ee0352493f8e6029c5862d0dbc8714b6
240ee4e1f5e038fa7e63d3af628cdaeca92568a8
9bca89f93514409b8434dac58d0af1a4d225532d568977e72b0ffd102ee435be

HTTP Headers

GET /image/jpeg/20220524/1653386996956352.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/jpeg
Content-Length: 51728
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653386996956352.jpg"
Content-Transfer-Encoding: binary
ETag: "FiQO5OH14Dj6fmPTr2KM2uypJWio"
Last-Modified: Tue, 24 May 2022 10:09:57 GMT
X-Log: mc.g;IO
X-Reqid: dZwBAKHww93zYXUX
X-Qiniu-Zone: 0
X-Via: 1.1 PSbjwjBGP2cu229:5 (Cdn Cache Server V2.0), 1.1 PS-XIY-01kDf206:4 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01HpL34_20910-28275

GET touchdownhotels.com/?uploads/news/img/focus_bg.png

38.207.215.198

200 OK

6.8 kB

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/img/focus_bg.png
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
data
Size
6.8 kB (6837 bytes)
Hash
efde11670970eb66beb90dcf64ec9e51
01806643a0a2ffb17cb20b258c928e8232bfa416
9049905f0903181050929f4dabdbe941852c4edf455f5ff98049aec0702eb3e2

HTTP Headers

GET /?uploads/news/img/focus_bg.png HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/?uploads/news/css/index.css
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

GET touchdownhotels.com/?uploads/news/img/focus_left.png

38.207.215.198

200 OK

820 B

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/img/focus_left.png
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
data
Size
820 B (820 bytes)
Hash
74cc85ba3522c5a7d701516064597fe0
6cc7d7f039705face886a69c3edfcea6aa357254
91a79435d0e8a1ce9cb6f9b4dcc32edca50f9414d02f8734232706ad91ba1226

HTTP Headers

GET /?uploads/news/img/focus_left.png HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/?uploads/news/css/index.css
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

GET wsfile.dahe.cn/image/jpeg/20220524/1653386966492765.jpg

27.148.145.164

200 OK

91 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653386966492765.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 408x408, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12], baseline, precision 8, 444x267, components 3\012- data
Size
91 kB (90591 bytes)
Hash
5df8ef7919bb76e4671c83c7fa5caddc
242f8672a4e07956cba7c9da65c2e85ea73d9a66
341052689bc180f5b8769c64f31bd4e9bf1ca4848785a6cc5b1692ec1ddf97ed

HTTP Headers

GET /image/jpeg/20220524/1653386966492765.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/jpeg
Content-Length: 90591
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653386966492765.jpg"
Content-Transfer-Encoding: binary
ETag: "FiQvhnKk4HlWy6fJ2mXC6F6nPZpm"
Last-Modified: Tue, 24 May 2022 10:09:26 GMT
X-Log: mc.g;IO
X-Reqid: OwgAAA6KNiLq1B0X
X-Qiniu-Zone: 0
X-Via: 1.1 PS-CZX-01FnO175:9 (Cdn Cache Server V2.0), 1.1 PS-XIY-01mKE205:1 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01HpL34_21484-55075

ocsp.digicert.cn/

47.246.48.205

471 B

URL
ocsp.digicert.cn/
IP
47.246.48.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
cc74cf3fc04bd38c3734fba3ffabca49
ca69fc584d60551c43da5d3c1abba93ad67b3d22
f4331efe67e8d52fa07592ce86af2b8739a7df7149e4d3bb86c4868364d77a9e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Mon, 06 Nov 2023 17:48:44 GMT
Ali-Swift-Global-Savetime: 1699292924
Via: cache8.l2de2[275,275,200-0,M], cache8.l2de2[276,0], cache4.nl2[283,282,200-0,M], cache4.nl2[284,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 06 Nov 2023 17:48:44 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff6309816992929244683234e

ocsp.digicert.cn/

47.246.48.205

471 B

URL
ocsp.digicert.cn/
IP
47.246.48.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
cc74cf3fc04bd38c3734fba3ffabca49
ca69fc584d60551c43da5d3c1abba93ad67b3d22
f4331efe67e8d52fa07592ce86af2b8739a7df7149e4d3bb86c4868364d77a9e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Mon, 06 Nov 2023 17:48:44 GMT
Ali-Swift-Global-Savetime: 1699292924
Via: cache8.l2de2[278,277,200-0,M], cache8.l2de2[278,0], cache5.nl2[286,286,200-0,M], cache5.nl2[289,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 06 Nov 2023 17:48:44 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff6309916992929244662153e

GET caishen.bdbyyo.com/matomo.js

38.207.223.77

200 OK

24 kB

URL GET HTTP/1.1
caishen.bdbyyo.com/matomo.js
IP
38.207.223.77:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
ASCII text, with very long lines (1601)
Size
24 kB (24085 bytes)
Hash
a3a7245d6daf7d31d2069c0ba05879dd
ec1bf464889e71aec1ced6d8361a26c76e4a1460
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

HTTP Headers

GET /matomo.js HTTP/1.1
Host: caishen.bdbyyo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: application/javascript
Last-Modified: Tue, 01 Aug 2023 09:51:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64c8d5a9-10132"
Expires: Tue, 07 Nov 2023 05:48:44 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

GET wsfile.dahe.cn/image/jpeg/20220524/1653386954858784.jpg

27.148.145.164

200 OK

46 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653386954858784.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14], baseline, precision 8, 152x267, components 3\012- data
Size
46 kB (46315 bytes)
Hash
775df27fee64251b62f389d511054d5a
4208fb0ea6bd7d4947edc8f05cce56ef53bcd49d
44f14904bf79095d266182b323de3e8efd29ba7406fb26bce70c6f155b95b22a

HTTP Headers

GET /image/jpeg/20220524/1653386954858784.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/jpeg
Content-Length: 46315
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653386954858784.jpg"
Content-Transfer-Encoding: binary
ETag: "FkII-w6mvX1JR-3I8FzOVu9TvNSd"
Last-Modified: Tue, 24 May 2022 10:09:14 GMT
X-Log: mc.g;IO
X-Reqid: sJAAAC_mnpacjmoX
X-Qiniu-Zone: 0
X-Via: 1.1 PSshhlBGPqw105:3 (Cdn Cache Server V2.0), 1.1 PSfjfzdx3yr21:1 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01HpL34_21454-13941

GET wsfile.dahe.cn/image/jpeg/20220524/1653387196947849.jpg

27.148.145.164

200 OK

45 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653387196947849.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14], baseline, precision 8, 232x102, components 3\012- data
Size
45 kB (45410 bytes)
Hash
4417bbe3cb5a2554c06aa8244e9d6ca8
9ad407f8a4270cd45579cbfb63787465ce25357e
d2dc93f20a12e366d3118d3a647d7b6aab82d3de93d8c137ae0e3cb251901558

HTTP Headers

GET /image/jpeg/20220524/1653387196947849.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/jpeg
Content-Length: 45410
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653387196947849.jpg"
Content-Transfer-Encoding: binary
ETag: "FprUB_ikJwzUVXnL-2N4dGXOJTV-"
Last-Modified: Tue, 24 May 2022 10:13:17 GMT
X-Log: mc.g;IO
X-Reqid: dZwBAGWVFhUcdm0X
X-Qiniu-Zone: 0
X-Via: 1.1 PS-CZX-01FnO175:7 (Cdn Cache Server V2.0), 1.1 PSfjqzdx7ox97:5 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01HpL34_20919-16261

GET wsfile.dahe.cn/image/jpeg/20220524/1653386927759347.jpg

27.148.145.164

200 OK

40 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653386927759347.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14], baseline, precision 8, 232x102, components 3\012- data
Size
40 kB (40109 bytes)
Hash
180fdea7bb72fe8ea017ea1fa2d91b43
ddb6291a6a0595ec891c9d304cc4ddde7e4bbad5
21b9c0f7ea55dd942c2744ade39958387e86059e19d1fc5b659c6a564d5770ea

HTTP Headers

GET /image/jpeg/20220524/1653386927759347.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/jpeg
Content-Length: 40109
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653386927759347.jpg"
Content-Transfer-Encoding: binary
ETag: "Ft22KRpqBZXsiRydMEzE3d5-S7rV"
Last-Modified: Tue, 24 May 2022 10:08:52 GMT
X-Log: mc.g;IO
X-Reqid: sJAAAMNzpNEZvmQX
X-Qiniu-Zone: 0
X-Via: 1.1 PS-000-01Sjs43:9 (Cdn Cache Server V2.0), 1.1 PS-HFE-016ks31:0 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01HpL34_21484-55078

GET touchdownhotels.com/?uploads/news/img/focus_right.png

38.207.215.198

200 OK

821 B

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/img/focus_right.png
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
data
Size
821 B (821 bytes)
Hash
b56c592252822d78a721baa89e12cce1
61e696e7fba113d6044e9570d17a44c5ad5ff538
a2cbbbda5a4629475b53dde89fd7e5c66dbcf8cc35d5065c62f014f55a9a0833

HTTP Headers

GET /?uploads/news/img/focus_right.png HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/?uploads/news/css/index.css
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

GET wsfile.dahe.cn/image/jpeg/20220524/1653387087383226.jpg

27.148.145.164

200 OK

43 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653387087383226.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14], baseline, precision 8, 232x157, components 3\012- data
Size
43 kB (43267 bytes)
Hash
3e793771c5b25ce30997655c60b197b4
206f5eb7533ae2bc323c3329f06f6bc993f14685
eba7c02af1c2ee6a91d933ce33ab22dbcb460d617ee5b27a758d39bf63738ad8

HTTP Headers

GET /image/jpeg/20220524/1653387087383226.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/jpeg
Content-Length: 43267
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653387087383226.jpg"
Content-Transfer-Encoding: binary
ETag: "FiBvXrdTOuK8MjwzKfBva8mT8UaF"
Last-Modified: Tue, 24 May 2022 10:11:27 GMT
X-Log: mc.g;IO
X-Reqid: sJAAABlSV6sFwmQX
X-Qiniu-Zone: 0
X-Via: 1.1 PS-000-01hsM197:4 (Cdn Cache Server V2.0), 1.1 PS-000-012K3202:9 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01HpL34_20910-28278

ocsp.digicert.cn/

47.246.48.205

471 B

URL
ocsp.digicert.cn/
IP
47.246.48.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
cc74cf3fc04bd38c3734fba3ffabca49
ca69fc584d60551c43da5d3c1abba93ad67b3d22
f4331efe67e8d52fa07592ce86af2b8739a7df7149e4d3bb86c4868364d77a9e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Mon, 06 Nov 2023 17:48:44 GMT
Ali-Swift-Global-Savetime: 1699292924
Via: cache8.l2de2[511,510,200-0,M], cache8.l2de2[513,0], cache7.nl2[525,525,200-0,M], cache7.nl2[527,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 06 Nov 2023 17:48:44 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff6309b16992929244635337e

GET wsfile.dahe.cn/image/jpeg/20220524/1653387152688155.jpg

27.148.145.164

200 OK

34 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653387152688155.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, manufacturer=Canon, model=Canon EOS 5D Mark IV, xresolution=185, yresolution=193, resolutionunit=2, software=www.meitu.com, datetime=2018:04:18 11:33:49], baseline, precision 8, 186x102, components 3\012- data
Size
34 kB (33742 bytes)
Hash
29e0249bde6a29f365811b065ea030f3
3d5dac6672c882fc9cc1b23cf1bedeebbd949762
4c0a83d64a38e4ceb033b35c1a76aeb41875c9e2a01142b2bb4f7e40015e72d1

HTTP Headers

GET /image/jpeg/20220524/1653387152688155.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/jpeg
Content-Length: 33742
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653387152688155.jpg"
Content-Transfer-Encoding: binary
ETag: "Fj1drGZyyIL8nMGyPPG-3uu9lJdi"
Last-Modified: Tue, 24 May 2022 10:12:32 GMT
X-Log: mc.g;IO
X-Reqid: dZwBAPqxk7CcjmoX
X-Qiniu-Zone: 0
X-Via: 1.1 PSbjwjBGP2ku230:5 (Cdn Cache Server V2.0), 1.1 PSfjfzdx2yd92:0 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01HpL34_21484-55079

GET wsfile.dahe.cn/image/png/20220524/1653387024710587.png

27.148.145.164

200 OK

102 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/png/20220524/1653387024710587.png
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
PNG image data, 277 x 158, 8-bit/color RGBA, non-interlaced\012- data
Size
102 kB (101673 bytes)
Hash
7802f3eaa230152f3bebb20a78c7232d
785295d25493177ed6a281a2a21a5e3c88618936
be4ecd020785e83b933db0f92df92910722291ea16a00151bafa591a0aba8899

HTTP Headers

GET /image/png/20220524/1653387024710587.png HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:45 GMT
Content-Type: image/png
Content-Length: 101673
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653387024710587.png"
Content-Transfer-Encoding: binary
ETag: "FnhSldJUkxd-1qKBoqIaXjyIYYk2"
Last-Modified: Tue, 24 May 2022 10:10:24 GMT
X-Log: mc.g;IO
X-Reqid: gCMAAIdbUF96BWUX
X-Qiniu-Zone: 0
X-Via: 1.1 PSbjwjBGP2bp147:9 (Cdn Cache Server V2.0), 1.1 PS-000-01bTh203:8 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01HpL34_21454-13942

GET wsfile.dahe.cn/image/jpeg/20220524/1653387097010976.jpg

27.148.145.164

200 OK

21 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653387097010976.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 232x102, components 3\012- data
Size
21 kB (20899 bytes)
Hash
16574c9f03eb4d0d376069b4a6e403a2
de5cc85a281862ffbb99ccced6c29a7315efccbc
4232096c6985318a49ef5026532262cc177e883b9e8f4da426ff42bea77837f2

HTTP Headers

GET /image/jpeg/20220524/1653387097010976.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:45 GMT
Content-Type: image/jpeg
Content-Length: 20899
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653387097010976.jpg"
Content-Transfer-Encoding: binary
ETag: "Ft5cyFooGGL_u5nMztbCmnMV78y8"
Last-Modified: Tue, 24 May 2022 10:11:37 GMT
X-Log: mc.g;IO
X-Reqid: sJAAAFXvIvqq3h0X
X-Qiniu-Zone: 0
X-Via: 1.1 PSbjwjBGPxe118:9 (Cdn Cache Server V2.0), 1.1 PS-WNZ-01oBq112:3 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fd_PS-FOC-01HpL34_20919-16262

GET touchdownhotels.com/?uploads/news/img/footer-logo3.png

38.207.215.198

200 OK

7.4 kB

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/img/footer-logo3.png
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
data
Size
7.4 kB (7428 bytes)
Hash
896dfbe3a775d053ed8a57886433916b
9411838afafc613795d1a6d5736bcde59c43122e
a42a63cca43838dc5bb994245e427186a6933d6c268716a2d89faa1c1dcb8780

HTTP Headers

GET /?uploads/news/img/footer-logo3.png HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:45 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

GET wsfile.dahe.cn/image/jpeg/20220524/1653387112492876.jpg

27.148.145.164

200 OK

46 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653387112492876.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=13], baseline, precision 8, 277x158, components 3\012- data
Size
46 kB (46468 bytes)
Hash
9368907f84ae74139712a06dd1bae1f1
c996a234f4e3c00d33c357fa18017d91f6f4d88a
d925ad7f6c69108f1ac10e766e5d1b604123406197e8818a6e282ef010c4f48a

HTTP Headers

GET /image/jpeg/20220524/1653387112492876.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:45 GMT
Content-Type: image/jpeg
Content-Length: 46468
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653387112492876.jpg"
Content-Transfer-Encoding: binary
ETag: "FsmWojT048ANM8NX-hgBfZH29NiK"
Last-Modified: Tue, 24 May 2022 10:11:52 GMT
X-Log: mc.g;IO
X-Reqid: d2YAABfvemgUBB4X
X-Qiniu-Zone: 0
X-Via: 1.1 PS-CZX-013cP174:0 (Cdn Cache Server V2.0), 1.1 PS-WNZ-01oBq112:6 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fd_PS-FOC-01HpL34_21484-55080

GET wsfile.dahe.cn/image/jpeg/20220524/165338712227314.jpg

27.148.145.164

200 OK

53 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/165338712227314.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14], baseline, precision 8, 277x158, components 3\012- data
Size
53 kB (53397 bytes)
Hash
88bd2bd2afd3bd67f4ee1033afefc14e
858680ed6914202288707c0e63c6330e9626663e
465dddd3d93d2af42ff52b1f84b85d92d429e0e0d9532a81089ea2e5f54308b1

HTTP Headers

GET /image/jpeg/20220524/165338712227314.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:45 GMT
Content-Type: image/jpeg
Content-Length: 53397
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="165338712227314.jpg"
Content-Transfer-Encoding: binary
ETag: "FoWGgO1pFCAiiHB8DmPGMw6WJmY-"
Last-Modified: Tue, 24 May 2022 10:12:02 GMT
X-Log: mc.g;IO
X-Reqid: gCMAAAt0i60FwmQX
X-Qiniu-Zone: 0
X-Via: 1.1 PSbjwjBGPxe118:0 (Cdn Cache Server V2.0), 1.1 PS-HET-01KeV42:3 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fd_PS-FOC-01HpL34_20910-28279

GET wsfile.dahe.cn/image/jpeg/20220524/165338713269513.jpg

27.148.145.164

200 OK

56 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/165338713269513.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14], baseline, precision 8, 369x102, components 3\012- data
Size
56 kB (56422 bytes)
Hash
8444cbe13b3a1b3312345ef128354fa4
f143b0fa8c412383fd23483105ad6131fbe7f6f6
56a5faa854a0ad7962155399dcb4de44855defe74867d02bac58c7c74483b34e

HTTP Headers

GET /image/jpeg/20220524/165338713269513.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:45 GMT
Content-Type: image/jpeg
Content-Length: 56422
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="165338713269513.jpg"
Content-Transfer-Encoding: binary
ETag: "FvFDsPqMQSOD_SNIMQWtYTH75_b2"
Last-Modified: Tue, 24 May 2022 10:12:12 GMT
X-Log: mc.g;IO
X-Reqid: OwgAAIo_JPuq3h0X
X-Qiniu-Zone: 0
X-Via: 1.1 PSbjwjBGPxe118:9 (Cdn Cache Server V2.0), 1.1 PS-WNZ-01roT111:3 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fd_PS-FOC-01HpL34_21484-55081

GET touchdownhotels.com/?uploads/news/img/banner3.png

38.207.215.198

200 OK

514 kB

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/img/banner3.png
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
data
Size
514 kB (514176 bytes)
Hash
337b00246e113899fd35e9afd7e5bfdd
66ad147c2454351123ff35bc45458c356d226d21
7bdab246261dea357bb57268491673865c47a22457a58236c82decd84eccc2e4

HTTP Headers

GET /?uploads/news/img/banner3.png HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:43 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

GET touchdownhotels.com/?uploads/news/img/zyhn-banner123.jpg

38.207.215.198

200 OK

721 kB

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/img/zyhn-banner123.jpg
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
data
Size
721 kB (720840 bytes)
Hash
4b676ab48d0060fe7ee970a3bbe319ae
56d2c58adedb697b1af871ff1a06775a7dc96edd
3135a0d8317c94f1ec74a25df8c84ddd57630e80d33de7bdf738268f4cb8be9f

HTTP Headers

GET /?uploads/news/img/zyhn-banner123.jpg HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:43 GMT
Content-Type: image/jpg
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

POST caishen.bdbyyo.com/matomo.php?action_name=%E5%8D%8A%E5%B2%9B%E4%BD%93%E5%BD%A9%C2%B7(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E7%BD%91%E5%85%A5%E5%8F%A3&idsite=1&rec=1&r=708742&h=17&m=48&s=44&url=http%3A%2F%2Ftouchdownhotels.com%2F&_id=73813e4362f297f2&_idn=1&cs=GBK&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=dRoPlZ&pf_net=0&pf_srv=315&pf_tfr=1&pf_dm1=1686&uadata=%7B%7D

38.207.223.77

204 No Response

0 B

URL POST HTTP/1.1
caishen.bdbyyo.com/matomo.php?action_name=%E5%8D%8A%E5%B2%9B%E4%BD%93%E5%BD%A9%C2%B7(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E7%BD%91%E5%85%A5%E5%8F%A3&idsite=1&rec=1&r=708742&h=17&m=48&s=44&url=http%3A%2F%2Ftouchdownhotels.com%2F&_id=73813e4362f297f2&_idn=1&cs=GBK&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=dRoPlZ&pf_net=0&pf_srv=315&pf_tfr=1&pf_dm1=1686&uadata=%7B%7D
IP
38.207.223.77:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo.php?action_name=%E5%8D%8A%E5%B2%9B%E4%BD%93%E5%BD%A9%C2%B7(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E7%BD%91%E5%85%A5%E5%8F%A3&idsite=1&rec=1&r=708742&h=17&m=48&s=44&url=http%3A%2F%2Ftouchdownhotels.com%2F&_id=73813e4362f297f2&_idn=1&cs=GBK&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024&pv_id=dRoPlZ&pf_net=0&pf_srv=315&pf_tfr=1&pf_dm1=1686&uadata=%7B%7D HTTP/1.1
Host: caishen.bdbyyo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: http://touchdownhotels.com
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/

HTTP/1.1 204 No Response
Server: nginx
Date: Mon, 06 Nov 2023 17:48:45 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Tk: N
Access-Control-Allow-Origin: http://touchdownhotels.com
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000

GET wsfile.dahe.cn/image/jpeg/20220524/1653387034558234.jpg

27.148.145.164

200 OK

51 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653387034558234.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, manufacturer=Canon, model=Canon EOS 5D Mark IV, xresolution=185, yresolution=193, resolutionunit=2, software=www.meitu.com, datetime=2021:04:16 10:39:31], baseline, precision 8, 277x158, components 3\012- data
Size
51 kB (50838 bytes)
Hash
1c52ebddf522f44f612a333330316c21
0b8e64939e6309c2f5aa4cd07e63960b4920eb3f
88934474783e0b43eb37ed1ed88f7e8036f6e7ceb6898039556f0bcec8bb01ed

HTTP Headers

GET /image/jpeg/20220524/1653387034558234.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:45 GMT
Content-Type: image/jpeg
Content-Length: 50838
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653387034558234.jpg"
Content-Transfer-Encoding: binary
ETag: "FguOZJOeYwnC9apM0H5jlgtJIOs_"
Last-Modified: Tue, 24 May 2022 10:10:34 GMT
X-Log: mc.g;IO
X-Reqid: d2YAABacM5ZOZiEX
X-Qiniu-Zone: 0
X-Via: 1.1 PS-CZX-01FnO175:9 (Cdn Cache Server V2.0), 1.1 PS-WNZ-010AM110:1 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fd_PS-FOC-01HpL34_21454-13944

GET touchdownhotels.com/?uploads/news/img/bot_line.png

38.207.215.198

200 OK

526 B

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/img/bot_line.png
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
data
Size
526 B (526 bytes)
Hash
06fb9f44bd5d4876d0569572b07c19a5
729f673387a6e1cc89271bc509afe7b38b68cff1
f84a6c0c1f435135232ff62bf50f63986673db41009e60dffc7ee0445a94b6c1

HTTP Headers

GET /?uploads/news/img/bot_line.png HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/?uploads/news/css/base.css
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:45 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

GET wsfile.dahe.cn/image/jpeg/20220524/1653387163508812.jpg

27.148.145.164

200 OK

103 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653387163508812.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=10], baseline, precision 8, 444x267, components 3\012- data
Size
103 kB (102742 bytes)
Hash
e3387f5c17e9ee1a16047d4ca3877333
f0c89e231d2f87e2661443c4aedff679c29eefa7
d25f6ab4191f1d9641fcd0a343779ebd1e316d2809ee032bacdb19a94136a452

HTTP Headers

GET /image/jpeg/20220524/1653387163508812.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:45 GMT
Content-Type: image/jpeg
Content-Length: 102742
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653387163508812.jpg"
Content-Transfer-Encoding: binary
ETag: "FvDIniMdL4fiZhRDxK7f9nnCnu-n"
Last-Modified: Tue, 24 May 2022 10:12:43 GMT
X-Log: mc.g;IO
X-Reqid: dZwBAPVwE2xDumQX
X-Qiniu-Zone: 0
X-Via: 1.1 PS-000-01AGh44:3 (Cdn Cache Server V2.0), 1.1 PS-HFE-01na347:6 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fd_PS-FOC-01HpL34_20919-16270

GET wsfile.dahe.cn/image/jpeg/20220524/1653387175705528.jpg

27.148.145.164

200 OK

37 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653387175705528.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, manufacturer=NIKON CORPORATION, model=NIKON D800, xresolution=175, yresolution=183, resolutionunit=2, software=www.meitu.com, datetime=2019:06:13 17:41:32], baseline, precision 8, 152x267, components 3\012- data
Size
37 kB (37252 bytes)
Hash
438280ae696e3a64431274c973e261d4
fe3b9d5c10a30dddcd7d7e2c3a6f5db2a874d8bf
d0fd1b78fcebf20a870589356a45fa245d204fec298ff3d15cbecc60a88eac94

HTTP Headers

GET /image/jpeg/20220524/1653387175705528.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:45 GMT
Content-Type: image/jpeg
Content-Length: 37252
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653387175705528.jpg"
Content-Transfer-Encoding: binary
ETag: "Fv47nVwQow3dzX1-LDpvXbKodNi_"
Last-Modified: Tue, 24 May 2022 10:12:55 GMT
X-Log: mc.g;IO
X-Reqid: AbYCAI-nru0ZvmQX
X-Qiniu-Zone: 0
X-Via: 1.1 PS-CZX-013cP174:8 (Cdn Cache Server V2.0), 1.1 PS-HET-01KeV42:5 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fd_PS-FOC-01HpL34_21484-55085

GET wsfile.dahe.cn/image/jpeg/20220524/1653387186200529.jpg

27.148.145.164

200 OK

37 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/1653387186200529.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=10, manufacturer=Canon, model=Canon EOS-1D Mark IV, xresolution=161, yresolution=169, resolutionunit=2, software=www.meitu.com, datetime=2019:03:31 07:09:18], baseline, precision 8, 232x157, components 3\012- data
Size
37 kB (36848 bytes)
Hash
40c27e96b24a06a75998ad0b7d0a11f8
12db7b99f1b72524bfd7c47ba1783ec785779d4c
bf95f9e0c19f439d39efc13eddb5d801a650f6d8aa1c7c4a3a7d0d3342025c8b

HTTP Headers

GET /image/jpeg/20220524/1653387186200529.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:45 GMT
Content-Type: image/jpeg
Content-Length: 36848
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1653387186200529.jpg"
Content-Transfer-Encoding: binary
ETag: "FhLbe5nxtyUkv9fEe6F4PseFd51M"
Last-Modified: Tue, 24 May 2022 10:13:06 GMT
X-Log: mc.g;IO
X-Reqid: AbYCAB9OyLGcjmoX
X-Qiniu-Zone: 0
X-Via: 1.1 PSshhlBGPqw105:3 (Cdn Cache Server V2.0), 1.1 PS-000-01JeM43:7 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fd_PS-FOC-01HpL34_20910-28288

ocsp.digicert.cn/

47.246.48.205

471 B

URL
ocsp.digicert.cn/
IP
47.246.48.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
cc74cf3fc04bd38c3734fba3ffabca49
ca69fc584d60551c43da5d3c1abba93ad67b3d22
f4331efe67e8d52fa07592ce86af2b8739a7df7149e4d3bb86c4868364d77a9e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Mon, 06 Nov 2023 17:48:45 GMT
Ali-Swift-Global-Savetime: 1699292925
Via: cache26.l2de2[1281,1281,200-0,M], cache26.l2de2[1283,0], cache5.nl2[1289,1289,200-0,M], cache5.nl2[1290,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 06 Nov 2023 17:48:45 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff6309916992929244662150e

GET wsfile.dahe.cn/image/jpeg/20220524/165338694430528.jpg

27.148.145.164

200 OK

50 kB

URL GET HTTP/1.1
wsfile.dahe.cn/image/jpeg/20220524/165338694430528.jpg
IP
27.148.145.164:80
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14], baseline, precision 8, 232x157, components 3\012- data
Size
50 kB (49991 bytes)
Hash
ecd8deee54a125edc871c4bcff9a072a
c31734ababcf9e06f5449bbd370d736ca3f0c01a
c303a703b409f2282ffe183688b18be2e1f77132a8ea6328665818379ba128bc

HTTP Headers

GET /image/jpeg/20220524/165338694430528.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:45 GMT
Content-Type: image/jpeg
Content-Length: 49991
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="165338694430528.jpg"
Content-Transfer-Encoding: binary
ETag: "FsMXNKurz54G9USbvTcNc2yj8MAa"
Last-Modified: Tue, 24 May 2022 10:09:04 GMT
X-Log: mc.g;IO
X-Reqid: sJAAAO0rgSTq1B0X
X-Qiniu-Zone: 0
X-Via: 1.1 PS-CZX-01FnO175:9 (Cdn Cache Server V2.0), 1.1 PS-WNZ-010AM110:6 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fd_PS-FOC-01HpL34_21040-16879

GET touchdownhotels.com/?uploads/news/img/banner2.png

38.207.215.198

200 OK

1.2 MB

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/img/banner2.png
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
data
Size
1.2 MB (1210834 bytes)
Hash
e3036db539014f837d732343afc85044
17380b1aa4e19461a789bec376d913df5d51965a
555216fbd69aa6248f462b4a5d5e85816a31ff15bb7c5d5e22142369f41ecb02

HTTP Headers

GET /?uploads/news/img/banner2.png HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:43 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

GET touchdownhotels.com/?uploads/news/img/banner1.png

38.207.215.198

200 OK

1.2 MB

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/img/banner1.png
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
data
Size
1.2 MB (1222344 bytes)
Hash
dba00655457f1a912210e03a6c542900
ed1e469280ad20e5d0a790339da983a4d61e1a0f
3004664ef7e7b4a891cece2225cc44432e973aa818092d0d5ab1acc910a6d42e

HTTP Headers

GET /?uploads/news/img/banner1.png HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:43 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

GET wsfile.dahe.cn/a1/image/png/1690418731455639.png

27.148.145.164

200 OK

1.2 MB

URL GET HTTP/1.1
wsfile.dahe.cn/a1/image/png/1690418731455639.png
IP
27.148.145.164:443
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/
Certificate
IssuerDigiCert Inc
Subject*.dahe.cn
Fingerprint3C:2E:5C:C2:03:FF:9D:4E:01:FF:05:6C:D6:C1:B4:FB:7E:A9:AF:AC
ValidityWed, 09 Nov 2022 00:00:00 GMT - Tue, 05 Dec 2023 23:59:59 GMT

File type
PNG image data, 1255 x 738, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 MB (1152949 bytes)
Hash
352663c78e558377a8c38c407b96c2a2
c47878cbd31d6bfe92f66bd2ea16b704aca6bcc4
a74e773a0c9d8f012080bfb4b685ffe6ede985f26296e93c16d1fa18b021f188

HTTP Headers

GET /a1/image/png/1690418731455639.png HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/png
Content-Length: 1152949
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1690418731455639.png"
Content-Transfer-Encoding: binary
ETag: "FsR4eMvTHWv-kvZr0uoWtwSsprzE"
Last-Modified: Thu, 27 Jul 2023 00:45:32 GMT
X-Log: mc.g;IO
X-Reqid: AbYCALB8iLCeHoAX
X-Via: 1.1 PSbjwjBGPzm117:2 (Cdn Cache Server V2.0), 1.1 PS-HET-01mmn43:0 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01yP035_25423-7779

GET wsfile.dahe.cn/a1/image/jpg/1691468181388809.jpg

27.148.145.164

200 OK

319 kB

URL GET HTTP/1.1
wsfile.dahe.cn/a1/image/jpg/1691468181388809.jpg
IP
27.148.145.164:443
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/
Certificate
IssuerDigiCert Inc
Subject*.dahe.cn
Fingerprint3C:2E:5C:C2:03:FF:9D:4E:01:FF:05:6C:D6:C1:B4:FB:7E:A9:AF:AC
ValidityWed, 09 Nov 2022 00:00:00 GMT - Tue, 05 Dec 2023 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1291x667, components 3\012- data
Size
319 kB (319227 bytes)
Hash
a8bc15c7b3f721ff758a98f6f60df14c
990dd5eac6e250998c592fe7b908879084d094ed
a39fe0f1c89961eff44b0f7b13e76273b324eb18a6b37149fc67855ad519b3a2

HTTP Headers

GET /a1/image/jpg/1691468181388809.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:45 GMT
Content-Type: image/jpeg
Content-Length: 319227
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1691468181388809.jpg"
Content-Transfer-Encoding: binary
ETag: "FpkN1erG4lCZjFkv57kIh5CE0JTt"
Last-Modified: Tue, 08 Aug 2023 04:16:21 GMT
X-Log: mc.g;IO
X-Reqid: dZwBAKbDx-Qe1HsX
X-Via: 1.1 PS-CZX-01FnO175:4 (Cdn Cache Server V2.0), 1.1 PSfjqzdx7ns98:3 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fd_PS-FOC-01yP035_25460-1738

GET wsfile.dahe.cn/a1/image/png/1699020430568602.png

27.148.145.164

200 OK

951 kB

URL GET HTTP/1.1
wsfile.dahe.cn/a1/image/png/1699020430568602.png
IP
27.148.145.164:443
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/
Certificate
IssuerDigiCert Inc
Subject*.dahe.cn
Fingerprint3C:2E:5C:C2:03:FF:9D:4E:01:FF:05:6C:D6:C1:B4:FB:7E:A9:AF:AC
ValidityWed, 09 Nov 2022 00:00:00 GMT - Tue, 05 Dec 2023 23:59:59 GMT

File type
PNG image data, 1440 x 810, 8-bit/color RGBA, non-interlaced\012- data
Size
951 kB (951212 bytes)
Hash
1146212f2f7d0a27bf41c507485a6a54
8234e3965cf9bfa5a3ec4ec412a63d015714ec77
d908b2b0d810e0ab78646e6283fdaf871774b5940b3f7b69bab66624082a1d95

HTTP Headers

GET /a1/image/png/1699020430568602.png HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:45 GMT
Content-Type: image/png
Content-Length: 951212
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1699020430568602.png"
Content-Transfer-Encoding: binary
ETag: "FoI045Zc-b-lo-xOxBKmPQFXFOx3"
Last-Modified: Fri, 03 Nov 2023 14:07:11 GMT
X-Log: mc.g;IO
X-Reqid: dZwBACajNQXNS5QX
X-Via: 1.1 PS-CZX-013cP174:9 (Cdn Cache Server V2.0), 1.1 PS-WNZ-01oBq112:0 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fd_PS-FOC-01yP035_25551-2163

GET facai.bd168888.top/

38.238.128.26

200 OK

3.4 kB

URL GET HTTP/2
facai.bd168888.top/
IP
38.238.128.26:443
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/
Certificate
IssuerLet's Encrypt
Subjectxkuaa.com
Fingerprint92:25:52:66:98:14:28:10:1A:DF:85:D7:C6:84:4B:61:8B:BD:57:AD
ValiditySat, 28 Oct 2023 06:58:51 GMT - Fri, 26 Jan 2024 06:58:50 GMT

File type
gzip compressed data, from Unix\012- data
Size
3.4 kB (3359 bytes)
Hash
72e44834fb6d9f66413763e52cf73275
061d75569f8b4e39714ae226300fdfdcc0ed72d6
ad90d7f8e81c43043495a79e48fdf4f14424e4c798087f01f415edcae143419b

HTTP Headers

GET / HTTP/1.1
Host: facai.bd168888.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 06 Nov 2023 17:48:45 GMT
content-type: text/html
last-modified: Sat, 04 Nov 2023 09:55:10 GMT
vary: Accept-Encoding
etag: W/"654614fe-14bc"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET wsfile.dahe.cn/a1/image/jpg/1691233146458000.jpg

27.148.145.164

200 OK

2.3 MB

URL GET HTTP/1.1
wsfile.dahe.cn/a1/image/jpg/1691233146458000.jpg
IP
27.148.145.164:443
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/
Certificate
IssuerDigiCert Inc
Subject*.dahe.cn
Fingerprint3C:2E:5C:C2:03:FF:9D:4E:01:FF:05:6C:D6:C1:B4:FB:7E:A9:AF:AC
ValidityWed, 09 Nov 2022 00:00:00 GMT - Tue, 05 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=15], baseline, precision 8, 6292x3539, components 3\012- data
Size
2.3 MB (2337160 bytes)
Hash
0a726dd39cef4aa440c106804d0fbeb0
0080c19a6c29c38e62f112e4f1a298bb354f97a4
bf924411001651fbf181e9fdba0b6efce3e0872f4007df95934629f9a4f6fe8c

HTTP Headers

GET /a1/image/jpg/1691233146458000.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/jpeg
Content-Length: 2337160
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1691233146458000.jpg"
Content-Transfer-Encoding: binary
ETag: "FgCAwZpsKcOOYvES5PGimLs1T5ek"
Last-Modified: Sat, 05 Aug 2023 10:59:09 GMT
X-Log: mc.g;IO
X-Reqid: sJAAAKfI0U54BHkX
X-Via: 1.1 PSbjwjBGP2bp147:6 (Cdn Cache Server V2.0), 1.1 PS-XIY-01kDf206:8 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fc_PS-FOC-01zyJ69_17739-63998

GET wsfile.dahe.cn/a1/image/jpg/1690376558825718.jpg

27.148.145.164

200 OK

427 kB

URL GET HTTP/1.1
wsfile.dahe.cn/a1/image/jpg/1690376558825718.jpg
IP
27.148.145.164:443
ASN
#133774 Fuzhou

Requested by
http://touchdownhotels.com/
Certificate
IssuerDigiCert Inc
Subject*.dahe.cn
Fingerprint3C:2E:5C:C2:03:FF:9D:4E:01:FF:05:6C:D6:C1:B4:FB:7E:A9:AF:AC
ValidityWed, 09 Nov 2022 00:00:00 GMT - Tue, 05 Dec 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6], baseline, precision 8, 1597x899, components 3\012- data
Size
427 kB (427023 bytes)
Hash
87e24cf33ac98c954c969bef7aa59e1a
482662f8b53ac581086df912754c9a8be5c4d2dc
cb25e548d0be19f488c39210fb943a001e9138ec93242857fcaef8f8e5955efb

HTTP Headers

GET /a1/image/jpg/1690376558825718.jpg HTTP/1.1
Host: wsfile.dahe.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Nov 2023 17:48:45 GMT
Content-Type: image/jpeg
Content-Length: 427023
Connection: keep-alive
Server: nginx/1.21.0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
Cache-Control: public, max-age=31536000
Content-Disposition: inline; filename="1690376558825718.jpg"
Content-Transfer-Encoding: binary
ETag: "FkgmYvi1OsWBCG35EnVMmovlxNLc"
Last-Modified: Wed, 26 Jul 2023 13:02:39 GMT
X-Log: mc.g;IO
X-Reqid: AbYCAEo8mTs7-XUX
X-Via: 1.1 PSshhlBGPqw105:4 (Cdn Cache Server V2.0), 1.1 PSfjfzdx2lx91:2 (Cdn Cache Server V2.0), 1.1 PS-FOC-01yP035:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 654926fd_PS-FOC-01zyJ69_17164-27451

GET facai.bd168888.top/static/css/min.css

38.238.128.26

200 OK

88 kB

URL GET HTTP/2
facai.bd168888.top/static/css/min.css
IP
38.238.128.26:443
ASN
#174 COGENT-174

Requested by
https://facai.bd168888.top/
Certificate
IssuerLet's Encrypt
Subjectxkuaa.com
Fingerprint92:25:52:66:98:14:28:10:1A:DF:85:D7:C6:84:4B:61:8B:BD:57:AD
ValiditySat, 28 Oct 2023 06:58:51 GMT - Fri, 26 Jan 2024 06:58:50 GMT

File type
gzip compressed data, from Unix\012- data
Size
88 kB (87781 bytes)
Hash
009d86e443dd4ab3fe103bb0581a9796
ee4debf4e3e22d15b2b60769b30126bbe6ece7da
746743d2317ad716117848f7293418be79291359a8b21827fdde22528d5f16eb

HTTP Headers

GET /static/css/min.css HTTP/1.1
Host: facai.bd168888.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facai.bd168888.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Nov 2023 17:48:45 GMT
content-type: text/css
last-modified: Fri, 10 Mar 2023 14:49:20 GMT
vary: Accept-Encoding
etag: W/"640b4370-527f"
expires: Tue, 07 Nov 2023 05:48:45 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET facai.bd168888.top/static/images/lohqrkdmgghbcps.jpg

38.238.128.26

200 OK

298 kB

URL GET HTTP/2
facai.bd168888.top/static/images/lohqrkdmgghbcps.jpg
IP
38.238.128.26:443
ASN
#174 COGENT-174

Requested by
https://facai.bd168888.top/
Certificate
IssuerLet's Encrypt
Subjectxkuaa.com
Fingerprint92:25:52:66:98:14:28:10:1A:DF:85:D7:C6:84:4B:61:8B:BD:57:AD
ValiditySat, 28 Oct 2023 06:58:51 GMT - Fri, 26 Jan 2024 06:58:50 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 3840x2160, components 3\012- data
Size
298 kB (297607 bytes)
Hash
c034c586205df7e4c907d6184b2b212a
57cf465698c6d9e3f6c69f23e19b2be7fa0e6651
b01124957c860db7fe6dea9e33e9c040a43f3fb47020eba73147ca23be2b15d4

HTTP Headers

GET /static/images/lohqrkdmgghbcps.jpg HTTP/1.1
Host: facai.bd168888.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facai.bd168888.top/static/css/min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Nov 2023 17:48:45 GMT
content-type: image/jpeg
content-length: 297607
last-modified: Fri, 10 Mar 2023 14:49:22 GMT
etag: "640b4372-48a87"
expires: Wed, 06 Dec 2023 17:48:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET touchdownhotels.com/favicon.ico

38.207.215.198

200 OK

4.4 kB

URL GET HTTP/1.1
touchdownhotels.com/favicon.ico
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
data
Size
4.4 kB (4361 bytes)
Hash
8ffe524ac15fdf50586ef5dfb5d27d7a
ecc6d0a08adbb4627f534dcd69f73be2ed0313e6
c42cb39154a0e5ca20c3f786bf42474e7f4f3dc87f4a6dfed0c85a0591439d29

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5; _pk_id.1.8f39=73813e4362f297f2.1699292925.; _pk_ses.1.8f39=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:47 GMT
Content-Type: image/ico
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: HttpOnly
Secure
;Max-Age=600
HttpOnly=true

GET facai.bd168888.top/static/picture/photo1.png

38.238.128.26

200 OK

563 kB

URL GET HTTP/2
facai.bd168888.top/static/picture/photo1.png
IP
38.238.128.26:443
ASN
#174 COGENT-174

Requested by
https://facai.bd168888.top/
Certificate
IssuerLet's Encrypt
Subjectxkuaa.com
Fingerprint92:25:52:66:98:14:28:10:1A:DF:85:D7:C6:84:4B:61:8B:BD:57:AD
ValiditySat, 28 Oct 2023 06:58:51 GMT - Fri, 26 Jan 2024 06:58:50 GMT

File type
PNG image data, 1920 x 321, 8-bit/color RGBA, non-interlaced\012- data
Size
563 kB (563438 bytes)
Hash
3fe3e16bdbe3a44482fdb29beba5ae56
06a07ade76628c6eaf7301e4a9c3624e7579d9c1
80a238557f1aea82397cdcd77e3b21c58211c725632a2194b3c3584a986a28b2

HTTP Headers

GET /static/picture/photo1.png HTTP/1.1
Host: facai.bd168888.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facai.bd168888.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Nov 2023 17:48:45 GMT
content-type: image/png
content-length: 563438
last-modified: Fri, 10 Mar 2023 14:49:22 GMT
etag: "640b4372-898ee"
expires: Wed, 06 Dec 2023 17:48:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET facai.bd168888.top/static/picture/photo2.png

38.238.128.26

200 OK

421 kB

URL GET HTTP/2
facai.bd168888.top/static/picture/photo2.png
IP
38.238.128.26:443
ASN
#174 COGENT-174

Requested by
https://facai.bd168888.top/
Certificate
IssuerLet's Encrypt
Subjectxkuaa.com
Fingerprint92:25:52:66:98:14:28:10:1A:DF:85:D7:C6:84:4B:61:8B:BD:57:AD
ValiditySat, 28 Oct 2023 06:58:51 GMT - Fri, 26 Jan 2024 06:58:50 GMT

File type
PNG image data, 750 x 455, 8-bit/color RGBA, non-interlaced\012- data
Size
421 kB (420741 bytes)
Hash
4bd9368d94d11b2da46116976ebaeb03
a9c73b3a38ce269da84e59cfc1be4b5e3c758356
0e9e1e5dcad3f85c599bf821162dd4a72bd59227347406f42a3221fb81c00b4a

HTTP Headers

GET /static/picture/photo2.png HTTP/1.1
Host: facai.bd168888.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facai.bd168888.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 06 Nov 2023 17:48:45 GMT
content-type: image/png
content-length: 420741
last-modified: Fri, 10 Mar 2023 14:49:22 GMT
etag: "640b4372-66b85"
expires: Wed, 06 Dec 2023 17:48:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET touchdownhotels.com/?uploads/news/img/banner5.png

38.207.215.198

200 OK

1.3 MB

URL GET HTTP/1.1
touchdownhotels.com/?uploads/news/img/banner5.png
IP
38.207.215.198:80
ASN
#174 COGENT-174

Requested by
http://touchdownhotels.com/

File type
data
Size
1.3 MB (1260787 bytes)
Hash
e8b84064b64de61661016ed752d5c16c
cbd5be32b5a7f4a1614f19a0e5a0c432bebc1292
39deb249593451b68fef9825b1e2c05051ffd06db6a798495f75fb1ff6c0fbf0

HTTP Headers

GET /?uploads/news/img/banner5.png HTTP/1.1
Host: touchdownhotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Cookie: PHPSESSID=2r56uc7cseh7duup25uook5fq5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Nov 2023 17:48:44 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

GET hm.baidu.com/hm.js?0cce79fe3ab674da516c3e643e5fcf9b

103.235.46.191

200 OK

11 kB

URL GET HTTP/1.1
hm.baidu.com/hm.js?0cce79fe3ab674da516c3e643e5fcf9b
IP
103.235.46.191:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
http://touchdownhotels.com/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
67a47fc86634b14e4e3b2d893ad0e3ff
a90e5f45e2fe11d8e5c20e5cf86e0f1ee1415fe2
852e8889e3aafa03963103b04db02002e23656f9345d3161c020ccdcabb485c9

HTTP Headers

GET /hm.js?0cce79fe3ab674da516c3e643e5fcf9b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 06 Nov 2023 17:48:45 GMT
Etag: 3021f6a932df36bc2038b6742c56c39e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2C7CF8A6A87FF449; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

GET hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1943130780&si=0cce79fe3ab674da516c3e643e5fcf9b&v=1.3.0&lv=1&sn=35914&r=0&ww=1280&u=http%3A%2F%2Ftouchdownhotels.com%2F&tt=%E5%8D%8A%E5%B2%9B%E4%BD%93%E5%BD%A9%C2%B7(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E7%BD%91%E5%85%A5%E5%8F%A3

103.235.46.191

200 OK

43 B

URL GET HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1943130780&si=0cce79fe3ab674da516c3e643e5fcf9b&v=1.3.0&lv=1&sn=35914&r=0&ww=1280&u=http%3A%2F%2Ftouchdownhotels.com%2F&tt=%E5%8D%8A%E5%B2%9B%E4%BD%93%E5%BD%A9%C2%B7(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E7%BD%91%E5%85%A5%E5%8F%A3
IP
103.235.46.191:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
http://touchdownhotels.com/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1943130780&si=0cce79fe3ab674da516c3e643e5fcf9b&v=1.3.0&lv=1&sn=35914&r=0&ww=1280&u=http%3A%2F%2Ftouchdownhotels.com%2F&tt=%E5%8D%8A%E5%B2%9B%E4%BD%93%E5%BD%A9%C2%B7(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E7%BD%91%E5%85%A5%E5%8F%A3 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://touchdownhotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 06 Nov 2023 17:48:49 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=859042FCBD0054DC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

GET facai.bd168888.top/static/images/boblogo.png

38.238.128.26

200 OK

84 kB

URL GET HTTP/2
facai.bd168888.top/static/images/boblogo.png
IP
38.238.128.26:443
ASN
#174 COGENT-174

Requested by
https://facai.bd168888.top/
Certificate
IssuerLet's Encrypt
Subjectxkuaa.com
Fingerprint92:25:52:66:98:14:28:10:1A:DF:85:D7:C6:84:4B:61:8B:BD:57:AD
ValiditySat, 28 Oct 2023 06:58:51 GMT - Fri, 26 Jan 2024 06:58:50 GMT

File type
PNG image data, 690 x 238, 8-bit/color RGBA, non-interlaced\012- data
Size
84 kB (84169 bytes)
Hash
7b4a62a3133f13f2128c0e632b6aa317
c9652a1e6cc4d2210cf8383d63a4bea012ee24f1
b5af0e32e9c964cd776704e47e8d1ba17b8a0f75d0183559572c0e7aa29cfdd2

HTTP Headers

GET /static/images/boblogo.png HTTP/1.1
Host: facai.bd168888.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facai.bd168888.top/static/css/min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 06 Nov 2023 17:48:45 GMT
content-type: image/png
content-length: 84169
last-modified: Fri, 10 Mar 2023 14:49:20 GMT
etag: "640b4370-148c9"
expires: Wed, 06 Dec 2023 17:48:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET facai.bd168888.top/static/images/icon01.png

38.238.128.26

200 OK

1.4 kB

URL GET HTTP/2
facai.bd168888.top/static/images/icon01.png
IP
38.238.128.26:443
ASN
#174 COGENT-174

Requested by
https://facai.bd168888.top/
Certificate
IssuerLet's Encrypt
Subjectxkuaa.com
Fingerprint92:25:52:66:98:14:28:10:1A:DF:85:D7:C6:84:4B:61:8B:BD:57:AD
ValiditySat, 28 Oct 2023 06:58:51 GMT - Fri, 26 Jan 2024 06:58:50 GMT

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1361 bytes)
Hash
4d7bf947489da9b78fdd670d23d2e475
ae61860968a40cf84320f00f6a66332a0da7a7c5
cd9de1e15c10c61911c36f848266f63d35263c153c7b526b98aaab99954954f6

HTTP Headers

GET /static/images/icon01.png HTTP/1.1
Host: facai.bd168888.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://facai.bd168888.top/static/css/min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 06 Nov 2023 17:48:45 GMT
content-type: image/png
content-length: 1361
last-modified: Fri, 10 Mar 2023 14:49:22 GMT
etag: "640b4372-551"
expires: Wed, 06 Dec 2023 17:48:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (73)

URL User Request GET HTTP/1.1

IP