Analysis

  • max time kernel
    145s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    02-10-2024 01:22

General

  • Target

    083c0a7961f296522b9f867e022dfe48_JaffaCakes118.html

  • Size

    103KB

  • MD5

    083c0a7961f296522b9f867e022dfe48

  • SHA1

    9dc18f45cf2e4caa40c0ff002370f95349a245c2

  • SHA256

    bdcf08abd671d05c5c26809a5c6acead38f08b8d80644445a737bbf554aef7d6

  • SHA512

    2b98cd71bf0502b85414026818ccdf1ae0ab9023fcf9b9fe7025e6afe18ddbf264e5a109d1950b004d65b802650df2b3e10f7e93e6a3c730143af3f00f878bf1

  • SSDEEP

    768:nlqGQO57+LKZwWjeTA81BLJvYNoIHvdiGdTrSGZSdlYdlaL:nlqGQO57+LKZXNoIH1iGdTrSGZQke

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

• C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\083c0a7961f296522b9f867e022dfe48_JaffaCakes118.html
  1⤵
  • Enumerates system info in registry
  • Suspicious behavior: EnumeratesProcesses
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  • Suspicious use of FindShellTrayWindow
  • Suspicious use of SendNotifyMessage
  • Suspicious use of WriteProcessMemory
  PID:1856
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcc0da46f8,0x7ffcc0da4708,0x7ffcc0da4718
    2⤵
    PID:1536
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,12352692227513405498,15428098648208425516,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
    2⤵
    PID:4856
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,12352692227513405498,15428098648208425516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:3
    2⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:3968
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,12352692227513405498,15428098648208425516,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2904 /prefetch:8
    2⤵
    PID:3284
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,12352692227513405498,15428098648208425516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
    2⤵
    PID:4136
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,12352692227513405498,15428098648208425516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
    2⤵
    PID:4852
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,12352692227513405498,15428098648208425516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4260 /prefetch:1
    2⤵
    PID:1588
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,12352692227513405498,15428098648208425516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4576 /prefetch:1
    2⤵
    PID:1832
  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,12352692227513405498,15428098648208425516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6220 /prefetch:8
    2⤵
    PID:4500
  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,12352692227513405498,15428098648208425516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6220 /prefetch:8
    2⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:436
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,12352692227513405498,15428098648208425516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
    2⤵
    PID:4340
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,12352692227513405498,15428098648208425516,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
    2⤵
    PID:3144
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,12352692227513405498,15428098648208425516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4212 /prefetch:1
    2⤵
    PID:2448
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,12352692227513405498,15428098648208425516,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2176 /prefetch:1
    2⤵
    PID:2848
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,12352692227513405498,15428098648208425516,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
    2⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:4428
• C:\Windows\System32\CompPkgSrv.exe
  C:\Windows\System32\CompPkgSrv.exe -Embedding
  1⤵
  PID:3760
• C:\Windows\System32\CompPkgSrv.exe
  C:\Windows\System32\CompPkgSrv.exe -Embedding
  1⤵
  PID:4484

Network

• [US]
  DNS
  133.211.185.52.in-addr.arpa
  Remote address:
  8.8.8.8:53
  Request
  133.211.185.52.in-addr.arpa
  IN PTR
  Response
• [US]
  DNS
  hostads.cn
  msedge.exe
  Remote address:
  8.8.8.8:53
  Request
  hostads.cn
  IN A
  Response
  hostads.cn
  IN A
  101.33.116.226
• [US]
  DNS
  pligg.tac-bf2.fr
  msedge.exe
  Remote address:
  8.8.8.8:53
  Request
  pligg.tac-bf2.fr
  IN A
  Response
• [HK]
  GET
  http://hostads.cn/
  msedge.exe
  Remote address:
  101.33.116.226:80
  Request
  GET / HTTP/1.1
  Host: hostads.cn
  Connection: keep-alive
  Upgrade-Insecure-Requests: 1
  DNT: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
  Response
  HTTP/1.1 200 OK
  Server: nginx
  Date: Wed, 02 Oct 2024 01:22:56 GMT
  Content-Type: text/html
  Transfer-Encoding: chunked
  Connection: keep-alive
  Vary: Accept-Encoding
  Content-Encoding: gzip
• [HK]
  GET
  http://hostads.cn/base/templates/css/common.css
  msedge.exe
  Remote address:
  101.33.116.226:80
  Request
  GET /base/templates/css/common.css HTTP/1.1
  Host: hostads.cn
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
  DNT: 1
  Accept: text/css,*/*;q=0.1
  Referer: http://hostads.cn/
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
  Response
  HTTP/1.1 200 OK
  Server: nginx
  Date: Wed, 02 Oct 2024 01:22:57 GMT
  Content-Type: text/css
  Last-Modified: Sun, 12 May 2019 04:24:02 GMT
  Transfer-Encoding: chunked
  Connection: keep-alive
  Vary: Accept-Encoding
  ETag: W/"5cd79fe2-f3a"
  Expires: Wed, 02 Oct 2024 13:22:57 GMT
  Cache-Control: max-age=43200
  Content-Encoding: gzip
• [HK]
  GET
  http://hostads.cn/menu/js/dropmenu47.js
  msedge.exe
  Remote address:
  101.33.116.226:80
  Request
  GET /menu/js/dropmenu47.js HTTP/1.1
  Host: hostads.cn
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
  DNT: 1
  Accept: */*
  Referer: http://hostads.cn/
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
  Response
  HTTP/1.1 200 OK
  Server: nginx
  Date: Wed, 02 Oct 2024 01:22:57 GMT
  Content-Type: application/javascript
  Content-Length: 720
  Last-Modified: Tue, 29 Jun 2021 18:51:55 GMT
  Connection: keep-alive
  ETag: "60db6bcb-2d0"
  Expires: Wed, 02 Oct 2024 13:22:57 GMT
  Cache-Control: max-age=43200
  Accept-Ranges: bytes
• [HK]
  GET
  http://hostads.cn/product/js/productlist_roll.js
  msedge.exe
  Remote address:
  101.33.116.226:80
  Request
  GET /product/js/productlist_roll.js HTTP/1.1
  Host: hostads.cn
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
  DNT: 1
  Accept: */*
  Referer: http://hostads.cn/
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
  Response
  HTTP/1.1 200 OK
  Server: nginx
  Date: Wed, 02 Oct 2024 01:22:57 GMT
  Content-Type: application/javascript
  Last-Modified: Wed, 07 Apr 2010 05:51:18 GMT
  Transfer-Encoding: chunked
  Connection: keep-alive
  Vary: Accept-Encoding
  ETag: W/"4bbc1d56-1b85"
  Expires: Wed, 02 Oct 2024 13:22:57 GMT
  Cache-Control: max-age=43200
  Content-Encoding: gzip
• [HK]
  GET
  http://hostads.cn/product/pics/20210701/1625130732.jpg
  msedge.exe
  Remote address:
  101.33.116.226:80
  Request
  GET /product/pics/20210701/1625130732.jpg HTTP/1.1
  Host: hostads.cn
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
  DNT: 1
  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
  Referer: http://hostads.cn/
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
  Response
  HTTP/1.1 200 OK
  Server: nginx
  Date: Wed, 02 Oct 2024 01:22:58 GMT
  Content-Type: image/jpeg
  Content-Length: 85440
  Last-Modified: Thu, 01 Jul 2021 09:12:12 GMT
  Connection: keep-alive
  ETag: "60dd86ec-14dc0"
  Expires: Fri, 01 Nov 2024 01:22:58 GMT
  Cache-Control: max-age=2592000
  Accept-Ranges: bytes
• [HK]
  GET
  http://hostads.cn/news/pics/20201118/1605686676.jpg
  msedge.exe
  Remote address:
  101.33.116.226:80
  Request
  GET /news/pics/20201118/1605686676.jpg HTTP/1.1
  Host: hostads.cn
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
  DNT: 1
  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
  Referer: http://hostads.cn/
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
  Response
  HTTP/1.1 200 OK
  Server: nginx
  Date: Wed, 02 Oct 2024 01:23:03 GMT
  Content-Type: image/jpeg
  Content-Length: 147506
  Last-Modified: Wed, 18 Nov 2020 08:04:36 GMT
  Connection: keep-alive
  ETag: "5fb4d594-24032"
  Expires: Fri, 01 Nov 2024 01:23:03 GMT
  Cache-Control: max-age=2592000
  Accept-Ranges: bytes
• [HK]
  GET
  http://hostads.cn/news/pics/20201117/1605602396.jpg
  msedge.exe
  Remote address:
  101.33.116.226:80
  Request
  GET /news/pics/20201117/1605602396.jpg HTTP/1.1
  Host: hostads.cn
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
  DNT: 1
  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
  Referer: http://hostads.cn/
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
  Response
  HTTP/1.1 200 OK
  Server: nginx
  Date: Wed, 02 Oct 2024 01:23:08 GMT
  Content-Type: image/jpeg
  Content-Length: 171249
  Last-Modified: Tue, 17 Nov 2020 08:39:56 GMT
  Connection: keep-alive
  ETag: "5fb38c5c-29cf1"
  Expires: Fri, 01 Nov 2024 01:23:08 GMT
  Cache-Control: max-age=2592000
  Accept-Ranges: bytes
• [HK]
  GET
  http://hostads.cn/news/pics/20201117/1605593055.jpg
  msedge.exe
  Remote address:
  101.33.116.226:80
  Request
  GET /news/pics/20201117/1605593055.jpg HTTP/1.1
  Host: hostads.cn
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
  DNT: 1
  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
  Referer: http://hostads.cn/
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
  Response
  HTTP/1.1 200 OK
  Server: nginx
  Date: Wed, 02 Oct 2024 01:23:13 GMT
  Content-Type: image/jpeg
  Content-Length: 146535
  Last-Modified: Tue, 17 Nov 2020 06:04:15 GMT
  Connection: keep-alive
  ETag: "5fb367df-23c67"
  Expires: Fri, 01 Nov 2024 01:23:13 GMT
  Cache-Control: max-age=2592000
  Accept-Ranges: bytes
• [HK]
  GET
  http://hostads.cn/news/pics/20201117/1605588110.jpg
  msedge.exe
  Remote address:
  101.33.116.226:80
  Request
  GET /news/pics/20201117/1605588110.jpg HTTP/1.1
  Host: hostads.cn
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
  DNT: 1
  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
  Referer: http://hostads.cn/
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
  Response
  HTTP/1.1 200 OK
  Server: nginx
  Date: Wed, 02 Oct 2024 01:23:17 GMT
  Content-Type: image/jpeg
  Content-Length: 146252
  Last-Modified: Tue, 17 Nov 2020 04:41:50 GMT
  Connection: keep-alive
  ETag: "5fb3548e-23b4c"
  Expires: Fri, 01 Nov 2024 01:23:17 GMT
  Cache-Control: max-age=2592000
  Accept-Ranges: bytes
• [HK]
  GET
  http://hostads.cn/news/pics/20201116/1605518254.jpg
  msedge.exe
  Remote address:
  101.33.116.226:80
  Request
  GET /news/pics/20201116/1605518254.jpg HTTP/1.1
  Host: hostads.cn
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
  DNT: 1
  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
  Referer: http://hostads.cn/
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
  Response
  HTTP/1.1 200 OK
  Server: nginx
  Date: Wed, 02 Oct 2024 01:23:22 GMT
  Content-Type: image/jpeg
  Content-Length: 168297
  Last-Modified: Mon, 16 Nov 2020 09:17:34 GMT
  Connection: keep-alive
  ETag: "5fb243ae-29169"
  Expires: Fri, 01 Nov 2024 01:23:22 GMT
  Cache-Control: max-age=2592000
  Accept-Ranges: bytes
• [HK]
  GET
  http://hostads.cn/news/pics/20201116/1605504958.jpg
  msedge.exe
  Remote address:
  101.33.116.226:80
  Request
  GET /news/pics/20201116/1605504958.jpg HTTP/1.1
  Host: hostads.cn
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
  DNT: 1
  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
  Referer: http://hostads.cn/
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
  Response
  HTTP/1.1 200 OK
  Server: nginx
  Date: Wed, 02 Oct 2024 01:23:27 GMT
  Content-Type: image/jpeg
  Content-Length: 143593
  Last-Modified: Mon, 16 Nov 2020 05:35:58 GMT
  Connection: keep-alive
  ETag: "5fb20fbe-230e9"
  Expires: Fri, 01 Nov 2024 01:23:27 GMT
  Cache-Control: max-age=2592000
  Accept-Ranges: bytes
• [HK]
  GET
  http://hostads.cn/news/pics/20201116/1605462464.jpg
  msedge.exe
  Remote address:
  101.33.116.226:80
  Request
  GET /news/pics/20201116/1605462464.jpg HTTP/1.1
  Host: hostads.cn
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
  DNT: 1
  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
  Referer: http://hostads.cn/
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
  Response
  HTTP/1.1 200 OK
  Server: nginx
  Date: Wed, 02 Oct 2024 01:23:30 GMT
  Content-Type: image/jpeg
  Content-Length: 158575
  Last-Modified: Sun, 15 Nov 2020 17:47:44 GMT
  Connection: keep-alive
  ETag: "5fb169c0-26b6f"
  Expires: Fri, 01 Nov 2024 01:23:30 GMT
  Cache-Control: max-age=2592000
  Accept-Ranges: bytes
• [HK]
  GET
  http://hostads.cn/diy/pics/20101016/1287196120.jpg
  msedge.exe
  Remote address:
  101.33.116.226:80
  Request
  GET /diy/pics/20101016/1287196120.jpg HTTP/1.1
  Host: hostads.cn
  Connection: keep-alive
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
  DNT: 1
  Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
  Referer: http://hostads.cn/
  Accept-Encoding: gzip, deflate
  Accept-Language: en-US,en;q=0.9
  Response
  HTTP/1.1 200 OK
  Server: nginx
  Date: Wed, 02 Oct 2024 01:23:33 GMT
  Content-Type: image/jpeg
  Content-Length: 10932
  Last-Modified: Wed, 27 Oct 2010 01:39:06 GMT
                                Connection: keep-alive
                                ETag: "4cc782ba-2ab4"
                                Expires: Fri, 01 Nov 2024 01:23:33 GMT
                                Cache-Control: max-age=2592000
                                Accept-Ranges: bytes
                              • flag-gb
                                GET
                                http://pagead2.googlesyndication.com/pagead/show_ads.js
                                msedge.exe
                                Remote address:
                                142.250.187.194:80
                                Request
                                GET /pagead/show_ads.js HTTP/1.1
                                Host: pagead2.googlesyndication.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: */*
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                Timing-Allow-Origin: *
                                Cross-Origin-Resource-Policy: cross-origin
                                Vary: Accept-Encoding
                                Date: Wed, 02 Oct 2024 01:22:56 GMT
                                Expires: Wed, 02 Oct 2024 01:22:56 GMT
                                Cache-Control: private, max-age=3600
                                Content-Type: text/javascript; charset=UTF-8
                                ETag: 4521823051691364861
                                X-Content-Type-Options: nosniff
                                Content-Disposition: attachment; filename="f.txt"
                                Content-Encoding: gzip
                                Server: cafe
                                Content-Length: 10595
                                X-XSS-Protection: 0
                              • flag-hk
                                GET
                                http://hostads.cn/base/js/base.js
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /base/js/base.js HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: */*
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:22:57 GMT
                                Content-Type: application/javascript
                                Last-Modified: Sat, 11 May 2019 17:54:02 GMT
                                Transfer-Encoding: chunked
                                Connection: keep-alive
                                Vary: Accept-Encoding
                                ETag: W/"5cd70c3a-13339"
                                Expires: Wed, 02 Oct 2024 13:22:57 GMT
                                Cache-Control: max-age=43200
                                Content-Encoding: gzip
                              • flag-us
                                DNS
                                googleads.g.doubleclick.net
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                googleads.g.doubleclick.net
                                IN A
                                Response
                                googleads.g.doubleclick.net
                                IN A
                                142.250.187.194
                              • flag-gb
                                GET
                                http://www.google-analytics.com/ga.js
                                msedge.exe
                                Remote address:
                                142.250.179.238:80
                                Request
                                GET /ga.js HTTP/1.1
                                Host: www.google-analytics.com
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                Intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
                                DNT: 1
                                Accept: */*
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                X-Content-Type-Options: nosniff
                                Content-Encoding: gzip
                                Cross-Origin-Resource-Policy: cross-origin
                                Server: Golfe2
                                Content-Length: 17168
                                Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
                                Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting
                                Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
                                Date: Wed, 02 Oct 2024 00:49:32 GMT
                                Expires: Wed, 02 Oct 2024 02:49:32 GMT
                                Cache-Control: public, max-age=7200
                                Age: 2004
                                Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
                                Content-Type: text/javascript
                                Vary: Accept-Encoding
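The entries above are the sandbox's flattened network trace: one bullet per HTTP exchange or DNS lookup, with the country flag, request kind, target, an optional process name, the remote socket, then the raw request and response. The script below is an added example, not part of the report or the sandbox vendor's tooling, showing how to parse that layout into records and pull out what a triager wants first from a page like this: which scripts were loaded over cleartext HTTP, which hosts and IPs were contacted, and what DNS returned (including PTR lookups that came back empty). SAMPLE is constructed from entries on this page with most headers trimmed; the function names are my own.

```python
# Added example: parser and triage helpers for the sandbox trace layout used on
# this page. Not vendor tooling; SAMPLE is constructed from entries above.
from collections import defaultdict
from urllib.parse import urlsplit

SAMPLE = """\
• flag-hk
  GET
  http://hostads.cn/base/js/base.js
  msedge.exe
  Remote address:
  101.33.116.226:80
  Request
  GET /base/js/base.js HTTP/1.1
  Host: hostads.cn
  Response
  HTTP/1.1 200 OK
  Content-Type: application/javascript
• flag-us
  DNS
  googleads.g.doubleclick.net
  msedge.exe
  Remote address:
  8.8.8.8:53
  Request
  googleads.g.doubleclick.net
  IN A
  Response
  googleads.g.doubleclick.net
  IN A
  142.250.187.194
• flag-us
  DNS
  240.221.184.93.in-addr.arpa
  Remote address:
  8.8.8.8:53
  Request
  240.221.184.93.in-addr.arpa
  IN PTR
  Response
"""

SCRIPT_TYPES = {"text/javascript", "application/javascript", "application/x-javascript"}


def _headers(lines):
    """'Name: value' lines -> dict keyed by lower-cased name (the report never folds headers)."""
    return {k.strip().lower(): v.strip() for k, sep, v in (l.partition(":") for l in lines) if sep}


def parse_trace(text):
    """Each bullet is one exchange: flag, kind, target, [process], remote, request, response."""
    blocks = []
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("•"):
            blocks.append([line.lstrip("•").strip()])
        elif line and blocks:
            blocks[-1].append(line)
    records = []
    for lines in blocks:
        ra = lines.index("Remote address:")  # the process line is optional (absent on PTR lookups)
        req, resp = lines.index("Request"), lines.index("Response")
        rec = {"country": lines[0].split("-", 1)[-1].upper(), "kind": lines[1],
               "target": lines[2], "process": lines[3] if ra > 3 else None,
               "remote": lines[ra + 1]}
        req_lines, resp_lines = lines[req + 1:resp], lines[resp + 1:]
        if rec["kind"] == "DNS":
            rec["qtype"] = req_lines[1].split()[-1]  # "IN A" -> "A"
            # Answers arrive as (name, "IN <type>", rdata) triples; no triple means an empty reply.
            rec["answers"] = [resp_lines[j + 2] for j in range(0, len(resp_lines) - 2, 3)]
        else:
            rec["request_line"] = req_lines[0]
            rec["request_headers"] = _headers(req_lines[1:])
            rec["status"] = resp_lines[0] if resp_lines else None
            rec["response_headers"] = _headers(resp_lines[1:])
        records.append(rec)
    return records


def cleartext_script_loads(records):
    """URLs of scripts served over plain HTTP: anything on-path could have rewritten the body."""
    hits = []
    for r in records:
        if r["kind"] == "DNS" or not r["target"].startswith("http://"):
            continue
        ctype = r["response_headers"].get("content-type", "").split(";")[0].strip().lower()
        if ctype in SCRIPT_TYPES:
            hits.append(r["target"])
    return hits


def host_summary(records):
    """host -> {"ips": [...], "requests": n, "country": "HK"} over the HTTP exchanges."""
    acc = defaultdict(lambda: {"ips": set(), "requests": 0, "country": None})
    for r in records:
        if r["kind"] != "DNS":
            e = acc[urlsplit(r["target"]).hostname]
            e["ips"].add(r["remote"].rsplit(":", 1)[0])
            e["requests"] += 1
            e["country"] = r["country"]
    return {h: {**e, "ips": sorted(e["ips"])} for h, e in acc.items()}
```

Run against the full trace, cleartext_script_loads() lists every first- and third-party script the page pulled over port 80 (base.js, common.js, show_ads.js, ga.js above), which is the set an on-path attacker could swap, and host_summary() gives the host-to-IP pairs to pivot on; the PTR case with no answer is handled as an empty list rather than an exception.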
                              • flag-us
                                DNS
                                240.221.184.93.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                240.221.184.93.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                23.159.190.20.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                23.159.190.20.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                194.187.250.142.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                194.187.250.142.in-addr.arpa
                                IN PTR
                                Response
                                194.187.250.142.in-addr.arpa
                                IN PTR
                                lhr25s33-in-f2.1e100.net
                              • flag-us
                                DNS
                                226.116.33.101.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                226.116.33.101.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                238.179.250.142.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                238.179.250.142.in-addr.arpa
                                IN PTR
                                Response
                                238.179.250.142.in-addr.arpa
                                IN PTR
                                lhr25s31-in-f14.1e100.net
                              • flag-hk
                                GET
                                http://hostads.cn/base/js/common.js
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /base/js/common.js HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: */*
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:22:57 GMT
                                Content-Type: application/javascript
                                Last-Modified: Sun, 12 May 2019 12:49:44 GMT
                                Transfer-Encoding: chunked
                                Connection: keep-alive
                                Vary: Accept-Encoding
                                ETag: W/"5cd81668-2f8c"
                                Expires: Wed, 02 Oct 2024 13:22:57 GMT
                                Cache-Control: max-age=43200
                                Content-Encoding: gzip
                              • flag-hk
                                GET
                                http://hostads.cn/product/templates/css/productclass_dolphin.css
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /product/templates/css/productclass_dolphin.css HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: text/css,*/*;q=0.1
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:22:57 GMT
                                Content-Type: text/css
                                Content-Length: 534
                                Last-Modified: Fri, 22 Oct 2010 01:44:52 GMT
                                Connection: keep-alive
                                ETag: "4cc0ec94-216"
                                Expires: Wed, 02 Oct 2024 13:22:57 GMT
                                Cache-Control: max-age=43200
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/news/templates/css/newspicmemo.css
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /news/templates/css/newspicmemo.css HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: text/css,*/*;q=0.1
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:22:57 GMT
                                Content-Type: text/css
                                Content-Length: 780
                                Last-Modified: Fri, 09 Jan 2009 01:20:18 GMT
                                Connection: keep-alive
                                ETag: "4966a652-30c"
                                Expires: Wed, 02 Oct 2024 13:22:57 GMT
                                Cache-Control: max-age=43200
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/diy/pics/20101026/1288073960.jpg
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /diy/pics/20101026/1288073960.jpg HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:22:58 GMT
                                Content-Type: image/jpeg
                                Content-Length: 4477
                                Last-Modified: Tue, 26 Oct 2010 06:19:22 GMT
                                Connection: keep-alive
                                ETag: "4cc672ea-117d"
                                Expires: Fri, 01 Nov 2024 01:22:58 GMT
                                Cache-Control: max-age=2592000
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/product/pics/20210702/1625162609.jpg
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /product/pics/20210702/1625162609.jpg HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:22:58 GMT
                                Content-Type: image/jpeg
                                Content-Length: 62311
                                Last-Modified: Thu, 01 Jul 2021 18:03:29 GMT
                                Connection: keep-alive
                                ETag: "60de0371-f367"
                                Expires: Fri, 01 Nov 2024 01:22:58 GMT
                                Cache-Control: max-age=2592000
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/product/pics/20210701/1625129032.jpg
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /product/pics/20210701/1625129032.jpg HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:22:59 GMT
                                Content-Type: image/jpeg
                                Content-Length: 80626
                                Last-Modified: Thu, 01 Jul 2021 08:43:52 GMT
                                Connection: keep-alive
                                ETag: "60dd8048-13af2"
                                Expires: Fri, 01 Nov 2024 01:22:59 GMT
                                Cache-Control: max-age=2592000
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/product/pics/20210701/1625124800.jpg
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /product/pics/20210701/1625124800.jpg HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:23:02 GMT
                                Content-Type: image/jpeg
                                Content-Length: 78841
                                Last-Modified: Thu, 01 Jul 2021 07:33:20 GMT
                                Connection: keep-alive
                                ETag: "60dd6fc0-133f9"
                                Expires: Fri, 01 Nov 2024 01:23:02 GMT
                                Cache-Control: max-age=2592000
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/news/pics/20201117/1605603859.jpg
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /news/pics/20201117/1605603859.jpg HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:23:07 GMT
                                Content-Type: image/jpeg
                                Content-Length: 156906
                                Last-Modified: Tue, 17 Nov 2020 09:04:19 GMT
                                Connection: keep-alive
                                ETag: "5fb39213-264ea"
                                Expires: Fri, 01 Nov 2024 01:23:07 GMT
                                Cache-Control: max-age=2592000
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/news/pics/20201117/1605595721.jpg
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /news/pics/20201117/1605595721.jpg HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:23:12 GMT
                                Content-Type: image/jpeg
                                Content-Length: 158404
                                Last-Modified: Tue, 17 Nov 2020 06:48:41 GMT
                                Connection: keep-alive
                                ETag: "5fb37249-26ac4"
                                Expires: Fri, 01 Nov 2024 01:23:12 GMT
                                Cache-Control: max-age=2592000
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/news/pics/20201117/1605590873.jpg
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /news/pics/20201117/1605590873.jpg HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:23:17 GMT
                                Content-Type: image/jpeg
                                Content-Length: 166874
                                Last-Modified: Tue, 17 Nov 2020 05:27:53 GMT
                                Connection: keep-alive
                                ETag: "5fb35f59-28bda"
                                Expires: Fri, 01 Nov 2024 01:23:17 GMT
                                Cache-Control: max-age=2592000
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/news/pics/20201116/1605540491.jpg
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /news/pics/20201116/1605540491.jpg HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:23:21 GMT
                                Content-Type: image/jpeg
                                Content-Length: 140347
                                Last-Modified: Mon, 16 Nov 2020 15:28:11 GMT
                                Connection: keep-alive
                                ETag: "5fb29a8b-2243b"
                                Expires: Fri, 01 Nov 2024 01:23:21 GMT
                                Cache-Control: max-age=2592000
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/news/pics/20201116/1605463384.jpg
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /news/pics/20201116/1605463384.jpg HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:23:27 GMT
                                Content-Type: image/jpeg
                                Content-Length: 175321
                                Last-Modified: Sun, 15 Nov 2020 18:03:04 GMT
                                Connection: keep-alive
                                ETag: "5fb16d58-2acd9"
                                Expires: Fri, 01 Nov 2024 01:23:27 GMT
                                Cache-Control: max-age=2592000
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/news/pics/20201116/1605461543.jpg
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /news/pics/20201116/1605461543.jpg HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:23:32 GMT
                                Content-Type: image/jpeg
                                Content-Length: 190496
                                Last-Modified: Sun, 15 Nov 2020 17:32:23 GMT
                                Connection: keep-alive
                                ETag: "5fb16627-2e820"
                                Expires: Fri, 01 Nov 2024 01:23:32 GMT
                                Cache-Control: max-age=2592000
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/base/js/form.js
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /base/js/form.js HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: */*
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:22:57 GMT
                                Content-Type: application/javascript
                                Last-Modified: Sat, 11 May 2019 17:54:02 GMT
                                Transfer-Encoding: chunked
                                Connection: keep-alive
                                Vary: Accept-Encoding
                                ETag: W/"5cd70c3a-3fd4"
                                Expires: Wed, 02 Oct 2024 13:22:57 GMT
                                Cache-Control: max-age=43200
                                Content-Encoding: gzip
                              • flag-hk
                                GET
                                http://hostads.cn/menu/templates/images/bottommenu_1/A.css
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /menu/templates/images/bottommenu_1/A.css HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: text/css,*/*;q=0.1
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:22:58 GMT
                                Content-Type: text/css
                                Content-Length: 489
                                Last-Modified: Wed, 27 Oct 2010 02:17:28 GMT
                                Connection: keep-alive
                                ETag: "4cc78bb8-1e9"
                                Expires: Wed, 02 Oct 2024 13:22:58 GMT
                                Cache-Control: max-age=43200
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/diy/pics/20210724/1627121985.jpg
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /diy/pics/20210724/1627121985.jpg HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:22:58 GMT
                                Content-Type: image/jpeg
                                Content-Length: 174180
                                Last-Modified: Sat, 24 Jul 2021 10:19:45 GMT
                                Connection: keep-alive
                                ETag: "60fbe941-2a864"
                                Expires: Fri, 01 Nov 2024 01:22:58 GMT
                                Cache-Control: max-age=2592000
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/news/pics/20201117/1605599136.jpg
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /news/pics/20201117/1605599136.jpg HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:23:08 GMT
                                Content-Type: image/jpeg
                                Content-Length: 187214
                                Last-Modified: Tue, 17 Nov 2020 07:45:36 GMT
                                Connection: keep-alive
                                ETag: "5fb37fa0-2db4e"
                                Expires: Fri, 01 Nov 2024 01:23:08 GMT
                                Cache-Control: max-age=2592000
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/news/pics/20201116/1605505945.jpg
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /news/pics/20201116/1605505945.jpg HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:23:27 GMT
                                Content-Type: image/jpeg
                                Content-Length: 113673
                                Last-Modified: Mon, 16 Nov 2020 05:52:25 GMT
                                Connection: keep-alive
                                ETag: "5fb21399-1bc09"
                                Expires: Fri, 01 Nov 2024 01:23:27 GMT
                                Cache-Control: max-age=2592000
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/menu/templates/css/dropmenu47.css
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /menu/templates/css/dropmenu47.css HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: text/css,*/*;q=0.1
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:22:57 GMT
                                Content-Type: text/css
                                Last-Modified: Tue, 29 Jun 2021 18:51:55 GMT
                                Transfer-Encoding: chunked
                                Connection: keep-alive
                                Vary: Accept-Encoding
                                ETag: W/"60db6bcb-526"
                                Expires: Wed, 02 Oct 2024 13:22:57 GMT
                                Cache-Control: max-age=43200
                                Content-Encoding: gzip
                              • flag-hk
                                GET
                                http://hostads.cn/product/templates/css/productlist_roll.css
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /product/templates/css/productlist_roll.css HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: text/css,*/*;q=0.1
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:22:57 GMT
                                Content-Type: text/css
                                Last-Modified: Wed, 27 Oct 2010 05:32:32 GMT
                                Transfer-Encoding: chunked
                                Connection: keep-alive
                                Vary: Accept-Encoding
                                ETag: W/"4cc7b970-772"
                                Expires: Wed, 02 Oct 2024 13:22:57 GMT
                                Cache-Control: max-age=43200
                                Content-Encoding: gzip
                              • flag-hk
                                GET
                                http://hostads.cn/product/pics/20210701/1625133088.jpg
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /product/pics/20210701/1625133088.jpg HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:22:58 GMT
                                Content-Type: image/jpeg
                                Content-Length: 65853
                                Last-Modified: Thu, 01 Jul 2021 09:51:28 GMT
                                Connection: keep-alive
                                ETag: "60dd9020-1013d"
                                Expires: Fri, 01 Nov 2024 01:22:58 GMT
                                Cache-Control: max-age=2592000
                                Accept-Ranges: bytes
                              • flag-hk
                                GET
                                http://hostads.cn/base/js/blockui.js
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /base/js/blockui.js HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: */*
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:22:57 GMT
                                Content-Type: application/javascript
                                Last-Modified: Sat, 11 May 2019 17:39:58 GMT
                                Transfer-Encoding: chunked
                                Connection: keep-alive
                                Vary: Accept-Encoding
                                ETag: W/"5cd708ee-312b"
                                Expires: Wed, 02 Oct 2024 13:22:57 GMT
                                Cache-Control: max-age=43200
                                Content-Encoding: gzip
                              • flag-hk
                                GET
                                http://hostads.cn/product/pics/20210701/1625126051.jpg
                                msedge.exe
                                Remote address:
                                101.33.116.226:80
                                Request
                                GET /product/pics/20210701/1625126051.jpg HTTP/1.1
                                Host: hostads.cn
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                Referer: http://hostads.cn/
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Server: nginx
                                Date: Wed, 02 Oct 2024 01:23:00 GMT
                                Content-Type: image/jpeg
                                Content-Length: 49512
                                Last-Modified: Thu, 01 Jul 2021 07:54:11 GMT
                                Connection: keep-alive
                                ETag: "60dd74a3-c168"
                                Expires: Fri, 01 Nov 2024 01:23:00 GMT
                                Cache-Control: max-age=2592000
                                Accept-Ranges: bytes
                              • flag-us
                                DNS
                                97.17.167.52.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                97.17.167.52.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                97.17.167.52.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                97.17.167.52.in-addr.arpa
                                IN PTR
                              • flag-us
                                DNS
                                154.239.44.20.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                154.239.44.20.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                26.165.165.52.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                26.165.165.52.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                198.187.3.20.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                198.187.3.20.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                172.210.232.199.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                172.210.232.199.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                tpc.googlesyndication.com
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                tpc.googlesyndication.com
                                IN A
                                Response
                                tpc.googlesyndication.com
                                IN A
                                142.250.200.33
                              • flag-gb
                                GET
                                https://tpc.googlesyndication.com/sodar/sodar2.js
                                msedge.exe
                                Remote address:
                                142.250.200.33:443
                                Request
                                GET /sodar/sodar2.js HTTP/2.0
                                host: tpc.googlesyndication.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                dnt: 1
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: */*
                                sec-fetch-site: cross-site
                                sec-fetch-mode: no-cors
                                sec-fetch-dest: script
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-us
                                DNS
                                33.200.250.142.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                33.200.250.142.in-addr.arpa
                                IN PTR
                                Response
                                33.200.250.142.in-addr.arpa
                                IN PTR
                                lhr48s30-in-f1.1e100.net
                              • flag-us
                                DNS
                                23.236.111.52.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                23.236.111.52.in-addr.arpa
                                IN PTR
                                Response
                              • 101.33.116.226:80
                                http://hostads.cn/diy/pics/20101016/1287196120.jpg
                                http
                                msedge.exe
                                35.6kB
                                1.2MB
                                617
                                898
                                HTTP Request
                                GET http://hostads.cn/
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/base/templates/css/common.css
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/menu/js/dropmenu47.js
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/product/js/productlist_roll.js
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/product/pics/20210701/1625130732.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/news/pics/20201118/1605686676.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/news/pics/20201117/1605602396.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/news/pics/20201117/1605593055.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/news/pics/20201117/1605588110.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/news/pics/20201116/1605518254.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/news/pics/20201116/1605504958.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/news/pics/20201116/1605462464.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/diy/pics/20101016/1287196120.jpg
                                HTTP Response
                                200
                              • 142.250.187.194:80
                                http://pagead2.googlesyndication.com/pagead/show_ads.js
                                http
                                msedge.exe
                                834 B
                                11.8kB
                                11
                                14
                                HTTP Request
                                GET http://pagead2.googlesyndication.com/pagead/show_ads.js
                                HTTP Response
                                200
                              • 101.33.116.226:80
                                http://hostads.cn/base/js/base.js
                                http
                                msedge.exe
                                1.7kB
                                31.9kB
                                27
                                28
                                HTTP Request
                                GET http://hostads.cn/base/js/base.js
                                HTTP Response
                                200
                              • 142.250.179.238:80
                                http://www.google-analytics.com/ga.js
                                http
                                msedge.exe
                                1.0kB
                                18.8kB
                                13
                                19
                                HTTP Request
                                GET http://www.google-analytics.com/ga.js
                                HTTP Response
                                200
                              • 101.33.116.226:80
                                http://hostads.cn/news/pics/20201116/1605461543.jpg
                                http
                                msedge.exe
                                37.2kB
                                1.3MB
                                652
                                913
                                HTTP Request
                                GET http://hostads.cn/base/js/common.js
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/product/templates/css/productclass_dolphin.css
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/news/templates/css/newspicmemo.css
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/diy/pics/20101026/1288073960.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/product/pics/20210702/1625162609.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/product/pics/20210701/1625129032.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/product/pics/20210701/1625124800.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/news/pics/20201117/1605603859.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/news/pics/20201117/1605595721.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/news/pics/20201117/1605590873.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/news/pics/20201116/1605540491.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/news/pics/20201116/1605463384.jpg
                                HTTP Response
                                200
                                HTTP Request
                                GET http://hostads.cn/news/pics/20201116/1605461543.jpg
                                HTTP Response
                                200
                              • 101.33.116.226:80
                                Host/URL: http://hostads.cn/news/pics/20201116/1605505945.jpg
                                Protocol: http
                                Process: msedge.exe
                                Bytes out / in: 16.7kB / 498.3kB
                                Packets out / in: 297 / 364
                                GET http://hostads.cn/base/js/form.js -> 200
                                GET http://hostads.cn/menu/templates/images/bottommenu_1/A.css -> 200
                                GET http://hostads.cn/diy/pics/20210724/1627121985.jpg -> 200
                                GET http://hostads.cn/news/pics/20201117/1605599136.jpg -> 200
                                GET http://hostads.cn/news/pics/20201116/1605505945.jpg -> 200
                              • 101.33.116.226:80
                                Host/URL: http://hostads.cn/product/pics/20210701/1625133088.jpg
                                Protocol: http
                                Process: msedge.exe
                                Bytes out / in: 3.7kB / 70.3kB
                                Packets out / in: 45 / 57
                                GET http://hostads.cn/menu/templates/css/dropmenu47.css -> 200
                                GET http://hostads.cn/product/templates/css/productlist_roll.css -> 200
                                GET http://hostads.cn/product/pics/20210701/1625133088.jpg -> 200
                              • 101.33.116.226:80
                                Host/URL: http://hostads.cn/product/pics/20210701/1625126051.jpg
                                Protocol: http
                                Process: msedge.exe
                                Bytes out / in: 2.6kB / 56.7kB
                                Packets out / in: 38 / 46
                                GET http://hostads.cn/base/js/blockui.js -> 200
                                GET http://hostads.cn/product/pics/20210701/1625126051.jpg -> 200
                              • 142.250.200.33:443
                                Host/URL: https://tpc.googlesyndication.com/sodar/sodar2.js
                                Protocol: tls, http2
                                Process: msedge.exe
                                Bytes out / in: 1.8kB / 13.2kB
                                Packets out / in: 15 / 18
                                GET https://tpc.googlesyndication.com/sodar/sodar2.js -> (no response recorded)
                              • 52.111.243.31:443
                                Bytes: 322 B
                                Packets: 7
                              • 8.8.8.8:53
                                Host: 133.211.185.52.in-addr.arpa
                                Protocol: dns
                                Bytes out / in: 73 B / 147 B
                                Packets out / in: 1 / 1
                                DNS Request: 133.211.185.52.in-addr.arpa
                              • 8.8.8.8:53
                                Host: hostads.cn
                                Protocol: dns
                                Process: msedge.exe
                                Bytes out / in: 56 B / 72 B
                                Packets out / in: 1 / 1
                                DNS Request: hostads.cn
                                DNS Response: 101.33.116.226
                              • 8.8.8.8:53
                                Host: pligg.tac-bf2.fr
                                Protocol: dns
                                Process: msedge.exe
                                Bytes out / in: 62 B / 120 B
                                Packets out / in: 1 / 1
                                DNS Request: pligg.tac-bf2.fr
                              • 8.8.8.8:53
                                Host: googleads.g.doubleclick.net
                                Protocol: dns
                                Process: msedge.exe
                                Bytes out / in: 73 B / 89 B
                                Packets out / in: 1 / 1
                                DNS Request: googleads.g.doubleclick.net
                                DNS Response: 142.250.187.194
                              • 8.8.8.8:53
                                Host: 240.221.184.93.in-addr.arpa
                                Protocol: dns
                                Bytes out / in: 73 B / 144 B
                                Packets out / in: 1 / 1
                                DNS Request: 240.221.184.93.in-addr.arpa
                              • 8.8.8.8:53
                                Host: 23.159.190.20.in-addr.arpa
                                Protocol: dns
                                Bytes out / in: 72 B / 158 B
                                Packets out / in: 1 / 1
                                DNS Request: 23.159.190.20.in-addr.arpa
                              • 8.8.8.8:53
                                Host: 194.187.250.142.in-addr.arpa
                                Protocol: dns
                                Bytes out / in: 74 B / 112 B
                                Packets out / in: 1 / 1
                                DNS Request: 194.187.250.142.in-addr.arpa
                              • 8.8.8.8:53
                                Host: 226.116.33.101.in-addr.arpa
                                Protocol: dns
                                Bytes out / in: 73 B / 130 B
                                Packets out / in: 1 / 1
                                DNS Request: 226.116.33.101.in-addr.arpa
                              • 8.8.8.8:53
                                Host: 238.179.250.142.in-addr.arpa
                                Protocol: dns
                                Bytes out / in: 74 B / 113 B
                                Packets out / in: 1 / 1
                                DNS Request: 238.179.250.142.in-addr.arpa
                              • 224.0.0.251:5353
                                Process: msedge.exe
                                Bytes: 510 B
                                Packets: 8
                              • 8.8.8.8:53
                                Host: 97.17.167.52.in-addr.arpa
                                Protocol: dns
                                Bytes out / in: 142 B / 145 B
                                Packets out / in: 2 / 1
                                DNS Request: 97.17.167.52.in-addr.arpa
                                DNS Request: 97.17.167.52.in-addr.arpa
                              • 8.8.8.8:53
                                Host: 154.239.44.20.in-addr.arpa
                                Protocol: dns
                                Bytes out / in: 72 B / 158 B
                                Packets out / in: 1 / 1
                                DNS Request: 154.239.44.20.in-addr.arpa
                              • 8.8.8.8:53
                                Host: 26.165.165.52.in-addr.arpa
                                Protocol: dns
                                Bytes out / in: 72 B / 146 B
                                Packets out / in: 1 / 1
                                DNS Request: 26.165.165.52.in-addr.arpa
                              • 8.8.8.8:53
                                Host: 198.187.3.20.in-addr.arpa
                                Protocol: dns
                                Bytes out / in: 71 B / 157 B
                                Packets out / in: 1 / 1
                                DNS Request: 198.187.3.20.in-addr.arpa
                              • 8.8.8.8:53
                                Host: 172.210.232.199.in-addr.arpa
                                Protocol: dns
                                Bytes out / in: 74 B / 128 B
                                Packets out / in: 1 / 1
                                DNS Request: 172.210.232.199.in-addr.arpa
                              • 8.8.8.8:53
                                Host: tpc.googlesyndication.com
                                Protocol: dns
                                Process: msedge.exe
                                Bytes out / in: 71 B / 87 B
                                Packets out / in: 1 / 1
                                DNS Request: tpc.googlesyndication.com
                                DNS Response: 142.250.200.33
                              • 142.250.200.33:443
                                Host: tpc.googlesyndication.com
                                Protocol: https
                                Process: msedge.exe
                                Bytes out / in: 4.1kB / 12.5kB
                                Packets out / in: 13 / 14
                              • 8.8.8.8:53
                                Host: 33.200.250.142.in-addr.arpa
                                Protocol: dns
                                Bytes out / in: 73 B / 111 B
                                Packets out / in: 1 / 1
                                DNS Request: 33.200.250.142.in-addr.arpa
                              • 8.8.8.8:53
                                Host: 23.236.111.52.in-addr.arpa
                                Protocol: dns
                                Bytes out / in: 72 B / 158 B
                                Packets out / in: 1 / 1
                                DNS Request: 23.236.111.52.in-addr.arpa
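
The network table above is mainly useful as a source of indicators, and it is easier to work with as structured records than as a flattened column dump. The parser below is an added example written for this page, not part of the sandbox report or its tooling. It reads text in the report's own flattened layout (a bullet line with the destination, then host, protocol, process, bytes out, bytes in, packets out, packets in, then request/response pairs), builds one record per entry, and pulls out the hosts worth pivoting on. Two things are assumptions rather than facts from the report: the column order, which is inferred from the layout (the hostads.cn DNS row, 56 B out and 72 B in, is consistent with a 16-byte A-record answer), and the decision to treat resolver (dns) rows and mDNS (port 5353) rows as infrastructure rather than page content. The sample text is constructed from two of the entries above. The in-addr.arpa PTR queries, which carry no process attribution, are converted back to the IP addresses they look up so they can be matched against the connection rows.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: two entries copied from the report's network section (spacer lines dropped).
SAMPLE = """
• 101.33.116.226:80
  http://hostads.cn/news/pics/20201116/1605505945.jpg
  http
  msedge.exe
  16.7kB
  498.3kB
  297
  364
  HTTP Request
  GET http://hostads.cn/base/js/form.js
  HTTP Response
  200
• 8.8.8.8:53
  pligg.tac-bf2.fr
  dns
  msedge.exe
  62 B
  120 B
  1
  1
  DNS Request
  pligg.tac-bf2.fr
"""

SIZE_RE = re.compile(r"^\d+(?:\.\d+)?\s?[kKMG]?B$")   # "16.7kB", "322 B", "5KB"
PROTOS = {"http", "https", "dns", "tls", "http2", "tls, http2"}

def _pair(lines, i, resp_label):
    """Value after line i and, if a resp_label line follows it, the value after that."""
    first = lines[i + 1] if i + 1 < len(lines) else None
    if i + 3 < len(lines) and lines[i + 2] == resp_label:
        return i + 3, first, lines[i + 3]
    return i + 1, first, None

def parse_network(text):
    """Flattened report text -> one dict per bullet. Column order (host, protocol, process,
    bytes out, bytes in, packets out, packets in) is inferred from the report layout."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    conns, cur, i = [], None, 0
    while i < len(lines):
        line = lines[i]
        if line.startswith("•"):
            cur = {"dest": line[1:].strip(), "host": None, "proto": None, "process": None,
                   "sizes": [], "counts": [], "http": [], "dns": []}
            conns.append(cur)
        elif cur is None:
            pass                                   # text before the first bullet
        elif line == "HTTP Request":
            i, req, code = _pair(lines, i, "HTTP Response")
            method, _, url = (req or "").partition(" ")
            cur["http"].append((method, url, int(code) if code and code.isdigit() else None))
        elif line == "DNS Request":
            i, qname, answer = _pair(lines, i, "DNS Response")
            cur["dns"].append((qname, answer))
        elif SIZE_RE.match(line):
            cur["sizes"].append(line)
        elif line.isdigit():
            cur["counts"].append(int(line))
        elif line.endswith(".exe"):
            cur["process"] = line
        elif line in PROTOS:
            cur["proto"] = line
        elif cur["host"] is None:
            cur["host"] = line
        i += 1
    return conns

def ptr_to_ip(qname):
    """'133.211.185.52.in-addr.arpa' -> '52.185.211.133'."""
    return ".".join(reversed(qname[: -len(".in-addr.arpa")].split(".")))

def iocs(conns):
    """Pivot points from the records. Resolver (dns) and mDNS (port 5353) rows are treated
    as infrastructure rather than page content; that is an assumption for this report."""
    out = {"ips": set(), "domains": set(), "unresolved": set(), "ptr_ips": set()}
    for c in conns:
        ip, _, port = c["dest"].rpartition(":")
        if c["proto"] != "dns" and port != "5353":
            out["ips"].add(ip)
            if c["host"]:
                out["domains"].add(urlsplit(c["host"]).hostname or c["host"])
        out["domains"].update(urlsplit(u).hostname for _, u, _ in c["http"] if u)
        for qname, answer in c["dns"]:
            if qname.endswith(".in-addr.arpa"):
                out["ptr_ips"].add(ptr_to_ip(qname))   # PTR queries reveal IPs the VM touched
            elif answer:
                out["domains"].add(qname)
                out["ips"].add(answer)
            else:
                out["unresolved"].add(qname)          # queried, no answer recorded in the report
    return out
```

On the constructed sample, `iocs(parse_network(SAMPLE))` reports hostads.cn as the contacted domain and pligg.tac-bf2.fr as a name that was queried with no answer recorded; pasting the whole network section in gives the same kind of summary for the full report. Treat the unresolved and PTR-derived entries as leads to check, not as findings on their own.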

                              MITRE ATT&CK Enterprise v15

                              Downloads

                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                Filesize: 152B
                                MD5: ecf7ca53c80b5245e35839009d12f866
                                SHA1: a7af77cf31d410708ebd35a232a80bddfb0615bb
                                SHA256: 882a513b71b26210ff251769b82b2c5d59a932f96d9ce606ca2fab6530a13687
                                SHA512: 706722bd22ce27d854036b1b16e6a3cdb36284b66edc76238a79c2e11cee7d1307b121c898ad832eb1af73e4f08d991d64dc0bff529896ffb4ebe9b3dc381696

                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                Filesize: 152B
                                MD5: 4dd2754d1bea40445984d65abee82b21
                                SHA1: 4b6a5658bae9a784a370a115fbb4a12e92bd3390
                                SHA256: 183b8e82a0deaa83d04736553671cedb738adc909f483b3c5f822a0e6be7477d
                                SHA512: 92d44ee372ad33f892b921efa6cabc78e91025e89f05a22830763217826fa98d51d55711f85c8970ac58abf9adc6c85cc40878032cd6d2589ab226cd099f99e1

                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                Filesize: 192B
                                MD5: 24fd909f291836b1c0cc35bc01d3ed8b
                                SHA1: 436716b3bb1fded02d3c42098e585260e12191e6
                                SHA256: 495ba2d2ab8f10f4ab3585c8bfcc8be4a04987a061c5341034be3a60c5d81fc5
                                SHA512: 2395576156fd47f0b942dade0f76b2600e2ea4ff345755cec3232092539531727c517ce6c0e2e6ec3322c6ea70c2d3e6bae0a34662fc7b5c49355c5e87b03014

                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                Filesize: 613B
                                MD5: 2dca09cd821914ab24b2e9d2eaec11f5
                                SHA1: 0c253d1a9196eef7b4c63f51b76d6993e4d74e1c
                                SHA256: 73ba4e52f259867215f64ce33c53bad6ac562736085c2e64de6aa16152ea36b6
                                SHA512: f9f49994438f908ee0a6cc51321a9994b74fe3a5bb9c1efcd598411337e4efd3d669be52444c1d78a5d533a0658045258f0c9b687dd1f161319727471617078e

                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                Filesize: 5KB
                                MD5: 215d686932023dfe12d33d2ef938992b
                                SHA1: c7f725b263e4865554652745514e2c3b98156321
                                SHA256: ebc45ab518688256464c7d0952fdaa5316f60deb3c4050e4768d9e3a15c3293f
                                SHA512: c767dedfa7a7e8343f75517ed36d3cf49f904968a0eaab4e663e8f84c3b3131109abf1a7a94b0cdf4eeafea869393bd1d03cc91b2f1cf356abb2f698b60b0cec

                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                Filesize: 6KB
                                MD5: fa1486e5ee49b440b76b63d39073190f
                                SHA1: 2aeef2a189e7410049e133554aeb7573959066b5
                                SHA256: e833a7c136cf185cca7ad04ed7ca36346aa71a2214c266853908846a646a9a8e
                                SHA512: 3a60ac3344409e2643e213245aa1bdd38680c6d3903907879c508a29c7bea598f5f8c7bdd4018e8063de0f3abc2575924e7fefecc7120febf0f091b206f7e266

                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                Filesize: 16B
                                MD5: 6752a1d65b201c13b62ea44016eb221f
                                SHA1: 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
                                SHA256: 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
                                SHA512: 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ca29c955-6bfc-42f3-8790-c5ac9ca51e0d.tmp
                                Filesize: 10KB
                                MD5: c934ed779d9066c3c070b664caa0ec81
                                SHA1: d5cb50ea67c61db11176f5f7bae36e32f9e086d9
                                SHA256: b1655f8831d4074a71a92441cfa7d8aca102f247df13df1512ca6d7863aa5ab6
                                SHA512: 0e1934b9bcb800ce597e473a02c8955465b12790eee786b09ee3032e50c2b5da916d1b1d0c31869790d8907dd9f036ce85cb45a796f86120cf6fcff79a32bb24
