Analysis

  • max time kernel
    145s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    15/10/2024, 02:19 UTC

General

  • Target

    4557b4f335478f4b5ebfbc921c3436aa_JaffaCakes118.html

  • Size

    11KB

  • MD5

    4557b4f335478f4b5ebfbc921c3436aa

  • SHA1

    7c5572041afdb1551c4410effa9b77859bb44868

  • SHA256

    a25e7ca9688e56d2a72268d52c3368184fae0f9297a297c5508a894bedf29809

  • SHA512

    98cc647a62c68aad2e9f3d60f72929448125dd64f2b2ce2b01302434b76187a11e62733c2ab862573ea14e48d498a971f1498f6ac20d4e42c65f526ad20cd2a5

  • SSDEEP

    192:2ValIsr0r57Mlx+T8v/w1whqJkR1O5uBuLbdU8d:salIcIQlxX/gGO5guLZ

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\4557b4f335478f4b5ebfbc921c3436aa_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:5088
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff83b1346f8,0x7ff83b134708,0x7ff83b134718
      2⤵
        PID:4504
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,2400806594264452537,8882407822329800093,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
        2⤵
          PID:316
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,2400806594264452537,8882407822329800093,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4872
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,2400806594264452537,8882407822329800093,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2900 /prefetch:8
          2⤵
            PID:4236
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,2400806594264452537,8882407822329800093,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
            2⤵
              PID:3204
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,2400806594264452537,8882407822329800093,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
              2⤵
                PID:3552
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,2400806594264452537,8882407822329800093,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4296 /prefetch:1
                2⤵
                  PID:1368
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,2400806594264452537,8882407822329800093,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1996 /prefetch:2
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:2928
              • C:\Windows\System32\CompPkgSrv.exe
                C:\Windows\System32\CompPkgSrv.exe -Embedding
                1⤵
                  PID:4972
                • C:\Windows\System32\CompPkgSrv.exe
                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                  1⤵
                    PID:2304

Network

                  • flag-us
                    DNS
                    8.8.8.8.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    8.8.8.8.in-addr.arpa
                    IN PTR
                    Response
                    8.8.8.8.in-addr.arpa
                    IN PTR
                    dns.google
                  • flag-us
                    DNS
                    232.168.11.51.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    232.168.11.51.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    www.clippings.de
                    msedge.exe
                    Remote address:
                    8.8.8.8:53
                    Request
                    www.clippings.de
                    IN A
                    Response
                  • flag-us
                    DNS
                    hostads.cn
                    msedge.exe
                    Remote address:
                    8.8.8.8:53
                    Request
                    hostads.cn
                    IN A
                    Response
                    hostads.cn
                    IN A
                    101.33.116.226
                  • flag-hk
                    GET
                    http://hostads.cn/
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET / HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    Upgrade-Insecure-Requests: 1
                    DNT: 1
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:08 GMT
                    Content-Type: text/html
                    Transfer-Encoding: chunked
                    Connection: keep-alive
                    Vary: Accept-Encoding
                    Content-Encoding: gzip
                  • flag-hk
                    GET
                    http://hostads.cn/menu/js/dropmenu47.js
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /menu/js/dropmenu47.js HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: */*
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:10 GMT
                    Content-Type: application/javascript
                    Content-Length: 720
                    Last-Modified: Tue, 29 Jun 2021 18:51:55 GMT
                    Connection: keep-alive
                    ETag: "60db6bcb-2d0"
                    Expires: Tue, 15 Oct 2024 14:20:10 GMT
                    Cache-Control: max-age=43200
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/news/templates/css/newspicmemo.css
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /news/templates/css/newspicmemo.css HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: text/css,*/*;q=0.1
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:10 GMT
                    Content-Type: text/css
                    Content-Length: 780
                    Last-Modified: Fri, 09 Jan 2009 01:20:18 GMT
                    Connection: keep-alive
                    ETag: "4966a652-30c"
                    Expires: Tue, 15 Oct 2024 14:20:10 GMT
                    Cache-Control: max-age=43200
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/news/pics/20201116/1605540491.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /news/pics/20201116/1605540491.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:21:03 GMT
                    Content-Type: image/jpeg
                    Content-Length: 140347
                    Last-Modified: Mon, 16 Nov 2020 15:28:11 GMT
                    Connection: keep-alive
                    ETag: "5fb29a8b-2243b"
                    Expires: Thu, 14 Nov 2024 02:21:03 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/base/templates/css/common.css
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /base/templates/css/common.css HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: text/css,*/*;q=0.1
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:09 GMT
                    Content-Type: text/css
                    Last-Modified: Sun, 12 May 2019 04:24:02 GMT
                    Transfer-Encoding: chunked
                    Connection: keep-alive
                    Vary: Accept-Encoding
                    ETag: W/"5cd79fe2-f3a"
                    Expires: Tue, 15 Oct 2024 14:20:09 GMT
                    Cache-Control: max-age=43200
                    Content-Encoding: gzip
                  • flag-hk
                    GET
                    http://hostads.cn/product/templates/css/productclass_dolphin.css
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /product/templates/css/productclass_dolphin.css HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: text/css,*/*;q=0.1
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:10 GMT
                    Content-Type: text/css
                    Content-Length: 534
                    Last-Modified: Fri, 22 Oct 2010 01:44:52 GMT
                    Connection: keep-alive
                    ETag: "4cc0ec94-216"
                    Expires: Tue, 15 Oct 2024 14:20:10 GMT
                    Cache-Control: max-age=43200
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/product/pics/20210702/1625162609.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /product/pics/20210702/1625162609.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:10 GMT
                    Content-Type: image/jpeg
                    Content-Length: 62311
                    Last-Modified: Thu, 01 Jul 2021 18:03:29 GMT
                    Connection: keep-alive
                    ETag: "60de0371-f367"
                    Expires: Thu, 14 Nov 2024 02:20:10 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/product/pics/20210701/1625124800.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /product/pics/20210701/1625124800.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:27 GMT
                    Content-Type: image/jpeg
                    Content-Length: 78841
                    Last-Modified: Thu, 01 Jul 2021 07:33:20 GMT
                    Connection: keep-alive
                    ETag: "60dd6fc0-133f9"
                    Expires: Thu, 14 Nov 2024 02:20:27 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-us
                    DNS
                    172.214.232.199.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    172.214.232.199.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    172.214.232.199.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    172.214.232.199.in-addr.arpa
                    IN PTR
                  • flag-us
                    DNS
                    172.214.232.199.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    172.214.232.199.in-addr.arpa
                    IN PTR
                  • flag-us
                    DNS
                    72.32.126.40.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    72.32.126.40.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    72.32.126.40.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    72.32.126.40.in-addr.arpa
                    IN PTR
                  • flag-us
                    DNS
                    72.32.126.40.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    72.32.126.40.in-addr.arpa
                    IN PTR
                  • flag-us
                    DNS
                    95.221.229.192.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    95.221.229.192.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    95.221.229.192.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    95.221.229.192.in-addr.arpa
                    IN PTR
                  • flag-us
                    DNS
                    88.156.103.20.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    88.156.103.20.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    226.116.33.101.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    226.116.33.101.in-addr.arpa
                    IN PTR
                    Response
                  • flag-hk
                    GET
                    http://hostads.cn/base/js/common.js
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /base/js/common.js HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: */*
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:09 GMT
                    Content-Type: application/javascript
                    Last-Modified: Sun, 12 May 2019 12:49:44 GMT
                    Transfer-Encoding: chunked
                    Connection: keep-alive
                    Vary: Accept-Encoding
                    ETag: W/"5cd81668-2f8c"
                    Expires: Tue, 15 Oct 2024 14:20:09 GMT
                    Cache-Control: max-age=43200
                    Content-Encoding: gzip
                  • flag-hk
                    GET
                    http://hostads.cn/product/js/productlist_roll.js
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /product/js/productlist_roll.js HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: */*
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:10 GMT
                    Content-Type: application/javascript
                    Last-Modified: Wed, 07 Apr 2010 05:51:18 GMT
                    Transfer-Encoding: chunked
                    Connection: keep-alive
                    Vary: Accept-Encoding
                    ETag: W/"4bbc1d56-1b85"
                    Expires: Tue, 15 Oct 2024 14:20:10 GMT
                    Cache-Control: max-age=43200
                    Content-Encoding: gzip
                  • flag-hk
                    GET
                    http://hostads.cn/product/pics/20210701/1625130732.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /product/pics/20210701/1625130732.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:11 GMT
                    Content-Type: image/jpeg
                    Content-Length: 85440
                    Last-Modified: Thu, 01 Jul 2021 09:12:12 GMT
                    Connection: keep-alive
                    ETag: "60dd86ec-14dc0"
                    Expires: Thu, 14 Nov 2024 02:20:11 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/news/pics/20201118/1605686676.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /news/pics/20201118/1605686676.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:28 GMT
                    Content-Type: image/jpeg
                    Content-Length: 147506
                    Last-Modified: Wed, 18 Nov 2020 08:04:36 GMT
                    Connection: keep-alive
                    ETag: "5fb4d594-24032"
                    Expires: Thu, 14 Nov 2024 02:20:28 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/news/pics/20201117/1605595721.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /news/pics/20201117/1605595721.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:46 GMT
                    Content-Type: image/jpeg
                    Content-Length: 158404
                    Last-Modified: Tue, 17 Nov 2020 06:48:41 GMT
                    Connection: keep-alive
                    ETag: "5fb37249-26ac4"
                    Expires: Thu, 14 Nov 2024 02:20:46 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/news/pics/20201116/1605505945.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /news/pics/20201116/1605505945.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:21:08 GMT
                    Content-Type: image/jpeg
                    Content-Length: 113673
                    Last-Modified: Mon, 16 Nov 2020 05:52:25 GMT
                    Connection: keep-alive
                    ETag: "5fb21399-1bc09"
                    Expires: Thu, 14 Nov 2024 02:21:08 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/news/pics/20201116/1605463384.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /news/pics/20201116/1605463384.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:21:18 GMT
                    Content-Type: image/jpeg
                    Content-Length: 175321
                    Last-Modified: Sun, 15 Nov 2020 18:03:04 GMT
                    Connection: keep-alive
                    ETag: "5fb16d58-2acd9"
                    Expires: Thu, 14 Nov 2024 02:21:18 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/news/pics/20201116/1605461543.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /news/pics/20201116/1605461543.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:21:29 GMT
                    Content-Type: image/jpeg
                    Content-Length: 190496
                    Last-Modified: Sun, 15 Nov 2020 17:32:23 GMT
                    Connection: keep-alive
                    ETag: "5fb16627-2e820"
                    Expires: Thu, 14 Nov 2024 02:21:29 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/base/js/form.js
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /base/js/form.js HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: */*
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:09 GMT
                    Content-Type: application/javascript
                    Last-Modified: Sat, 11 May 2019 17:54:02 GMT
                    Transfer-Encoding: chunked
                    Connection: keep-alive
                    Vary: Accept-Encoding
                    ETag: W/"5cd70c3a-3fd4"
                    Expires: Tue, 15 Oct 2024 14:20:09 GMT
                    Cache-Control: max-age=43200
                    Content-Encoding: gzip
                  • flag-hk
                    GET
                    http://hostads.cn/diy/pics/20210724/1627121985.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /diy/pics/20210724/1627121985.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:10 GMT
                    Content-Type: image/jpeg
                    Content-Length: 174180
                    Last-Modified: Sat, 24 Jul 2021 10:19:45 GMT
                    Connection: keep-alive
                    ETag: "60fbe941-2a864"
                    Expires: Thu, 14 Nov 2024 02:20:10 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/news/pics/20201117/1605602396.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /news/pics/20201117/1605602396.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:30 GMT
                    Content-Type: image/jpeg
                    Content-Length: 171249
                    Last-Modified: Tue, 17 Nov 2020 08:39:56 GMT
                    Connection: keep-alive
                    ETag: "5fb38c5c-29cf1"
                    Expires: Thu, 14 Nov 2024 02:20:30 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/news/pics/20201117/1605590873.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /news/pics/20201117/1605590873.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:54 GMT
                    Content-Type: image/jpeg
                    Content-Length: 166874
                    Last-Modified: Tue, 17 Nov 2020 05:27:53 GMT
                    Connection: keep-alive
                    ETag: "5fb35f59-28bda"
                    Expires: Thu, 14 Nov 2024 02:20:54 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/news/pics/20201116/1605504958.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /news/pics/20201116/1605504958.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:21:16 GMT
                    Content-Type: image/jpeg
                    Content-Length: 143593
                    Last-Modified: Mon, 16 Nov 2020 05:35:58 GMT
                    Connection: keep-alive
                    ETag: "5fb20fbe-230e9"
                    Expires: Thu, 14 Nov 2024 02:21:16 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/diy/pics/20101016/1287196120.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /diy/pics/20101016/1287196120.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:21:32 GMT
                    Content-Type: image/jpeg
                    Content-Length: 10932
                    Last-Modified: Wed, 27 Oct 2010 01:39:06 GMT
                    Connection: keep-alive
                    ETag: "4cc782ba-2ab4"
                    Expires: Thu, 14 Nov 2024 02:21:32 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/base/js/blockui.js
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /base/js/blockui.js HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: */*
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:09 GMT
                    Content-Type: application/javascript
                    Last-Modified: Sat, 11 May 2019 17:39:58 GMT
                    Transfer-Encoding: chunked
                    Connection: keep-alive
                    Vary: Accept-Encoding
                    ETag: W/"5cd708ee-312b"
                    Expires: Tue, 15 Oct 2024 14:20:09 GMT
                    Cache-Control: max-age=43200
                    Content-Encoding: gzip
                  • flag-hk
                    GET
                    http://hostads.cn/diy/pics/20101026/1288073960.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /diy/pics/20101026/1288073960.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:10 GMT
                    Content-Type: image/jpeg
                    Content-Length: 4477
                    Last-Modified: Tue, 26 Oct 2010 06:19:22 GMT
                    Connection: keep-alive
                    ETag: "4cc672ea-117d"
                    Expires: Thu, 14 Nov 2024 02:20:10 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/product/templates/css/productlist_roll.css
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /product/templates/css/productlist_roll.css HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: text/css,*/*;q=0.1
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:10 GMT
                    Content-Type: text/css
                    Last-Modified: Wed, 27 Oct 2010 05:32:32 GMT
                    Transfer-Encoding: chunked
                    Connection: keep-alive
                    Vary: Accept-Encoding
                    ETag: W/"4cc7b970-772"
                    Expires: Tue, 15 Oct 2024 14:20:10 GMT
                    Cache-Control: max-age=43200
                    Content-Encoding: gzip
                  • flag-hk
                    GET
                    http://hostads.cn/product/pics/20210701/1625133088.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /product/pics/20210701/1625133088.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:10 GMT
                    Content-Type: image/jpeg
                    Content-Length: 65853
                    Last-Modified: Thu, 01 Jul 2021 09:51:28 GMT
                    Connection: keep-alive
                    ETag: "60dd9020-1013d"
                    Expires: Thu, 14 Nov 2024 02:20:10 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/product/pics/20210701/1625129032.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /product/pics/20210701/1625129032.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:22 GMT
                    Content-Type: image/jpeg
                    Content-Length: 80626
                    Last-Modified: Thu, 01 Jul 2021 08:43:52 GMT
                    Connection: keep-alive
                    ETag: "60dd8048-13af2"
                    Expires: Thu, 14 Nov 2024 02:20:22 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/product/pics/20210701/1625126051.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /product/pics/20210701/1625126051.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:26 GMT
                    Content-Type: image/jpeg
                    Content-Length: 49512
                    Last-Modified: Thu, 01 Jul 2021 07:54:11 GMT
                    Connection: keep-alive
                    ETag: "60dd74a3-c168"
                    Expires: Thu, 14 Nov 2024 02:20:26 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/news/pics/20201117/1605603859.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /news/pics/20201117/1605603859.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:29 GMT
                    Content-Type: image/jpeg
                    Content-Length: 156906
                    Last-Modified: Tue, 17 Nov 2020 09:04:19 GMT
                    Connection: keep-alive
                    ETag: "5fb39213-264ea"
                    Expires: Thu, 14 Nov 2024 02:20:29 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/news/pics/20201117/1605599136.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /news/pics/20201117/1605599136.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:38 GMT
                    Content-Type: image/jpeg
                    Content-Length: 187214
                    Last-Modified: Tue, 17 Nov 2020 07:45:36 GMT
                    Connection: keep-alive
                    ETag: "5fb37fa0-2db4e"
                    Expires: Thu, 14 Nov 2024 02:20:38 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/news/pics/20201117/1605593055.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /news/pics/20201117/1605593055.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:48 GMT
                    Content-Type: image/jpeg
                    Content-Length: 146535
                    Last-Modified: Tue, 17 Nov 2020 06:04:15 GMT
                    Connection: keep-alive
                    ETag: "5fb367df-23c67"
                    Expires: Thu, 14 Nov 2024 02:20:48 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/news/pics/20201117/1605588110.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /news/pics/20201117/1605588110.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:56 GMT
                    Content-Type: image/jpeg
                    Content-Length: 146252
                    Last-Modified: Tue, 17 Nov 2020 04:41:50 GMT
                    Connection: keep-alive
                    ETag: "5fb3548e-23b4c"
                    Expires: Thu, 14 Nov 2024 02:20:56 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/news/pics/20201116/1605518254.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /news/pics/20201116/1605518254.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:21:06 GMT
                    Content-Type: image/jpeg
                    Content-Length: 168297
                    Last-Modified: Mon, 16 Nov 2020 09:17:34 GMT
                    Connection: keep-alive
                    ETag: "5fb243ae-29169"
                    Expires: Thu, 14 Nov 2024 02:21:06 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/news/pics/20201116/1605462464.jpg
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /news/pics/20201116/1605462464.jpg HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:21:21 GMT
                    Content-Type: image/jpeg
                    Content-Length: 158575
                    Last-Modified: Sun, 15 Nov 2020 17:47:44 GMT
                    Connection: keep-alive
                    ETag: "5fb169c0-26b6f"
                    Expires: Thu, 14 Nov 2024 02:21:21 GMT
                    Cache-Control: max-age=2592000
                    Accept-Ranges: bytes
                  • flag-hk
                    GET
                    http://hostads.cn/base/js/base.js
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /base/js/base.js HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: */*
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:09 GMT
                    Content-Type: application/javascript
                    Last-Modified: Sat, 11 May 2019 17:54:02 GMT
                    Transfer-Encoding: chunked
                    Connection: keep-alive
                    Vary: Accept-Encoding
                    ETag: W/"5cd70c3a-13339"
                    Expires: Tue, 15 Oct 2024 14:20:09 GMT
                    Cache-Control: max-age=43200
                    Content-Encoding: gzip
                  • flag-hk
                    GET
                    http://hostads.cn/menu/templates/css/dropmenu47.css
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /menu/templates/css/dropmenu47.css HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: text/css,*/*;q=0.1
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:09 GMT
                    Content-Type: text/css
                    Last-Modified: Tue, 29 Jun 2021 18:51:55 GMT
                    Transfer-Encoding: chunked
                    Connection: keep-alive
                    Vary: Accept-Encoding
                    ETag: W/"60db6bcb-526"
                    Expires: Tue, 15 Oct 2024 14:20:09 GMT
                    Cache-Control: max-age=43200
                    Content-Encoding: gzip
                  • flag-hk
                    GET
                    http://hostads.cn/menu/templates/images/bottommenu_1/A.css
                    msedge.exe
                    Remote address:
                    101.33.116.226:80
                    Request
                    GET /menu/templates/images/bottommenu_1/A.css HTTP/1.1
                    Host: hostads.cn
                    Connection: keep-alive
                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                    DNT: 1
                    Accept: text/css,*/*;q=0.1
                    Referer: http://hostads.cn/
                    Accept-Encoding: gzip, deflate
                    Accept-Language: en-US,en;q=0.9
                    Response
                    HTTP/1.1 200 OK
                    Server: nginx
                    Date: Tue, 15 Oct 2024 02:20:10 GMT
                    Content-Type: text/css
                    Content-Length: 489
                    Last-Modified: Wed, 27 Oct 2010 02:17:28 GMT
                    Connection: keep-alive
                    ETag: "4cc78bb8-1e9"
                    Expires: Tue, 15 Oct 2024 14:20:10 GMT
                    Cache-Control: max-age=43200
                    Accept-Ranges: bytes
                  • flag-us
                    DNS
                    241.150.49.20.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    241.150.49.20.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    196.249.167.52.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    196.249.167.52.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    197.87.175.4.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    197.87.175.4.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    198.187.3.20.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    198.187.3.20.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    88.210.23.2.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    88.210.23.2.in-addr.arpa
                    IN PTR
                    Response
                    88.210.23.2.in-addr.arpa
                    IN PTR
                    a2-23-210-88.deploy.static.akamaitechnologies.com
                  • flag-us
                    DNS
                    55.36.223.20.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    55.36.223.20.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    19.229.111.52.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    19.229.111.52.in-addr.arpa
                    IN PTR
                    Response
                  • flag-us
                    DNS
                    tse1.mm.bing.net
                    Remote address:
                    8.8.8.8:53
                    Request
                    tse1.mm.bing.net
                    IN A
                    Response
                    tse1.mm.bing.net
                    IN CNAME
                    mm-mm.bing.net.trafficmanager.net
                    mm-mm.bing.net.trafficmanager.net
                    IN CNAME
                    ax-0001.ax-msedge.net
                    ax-0001.ax-msedge.net
                    IN A
                    150.171.28.10
                    ax-0001.ax-msedge.net
                    IN A
                    150.171.27.10
                  • flag-us
                    GET
                    https://tse1.mm.bing.net/th?id=OADD2.10239340418577_1YCPJO6YBYEE06VWA&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                    Remote address:
                    150.171.28.10:443
                    Request
                    GET /th?id=OADD2.10239340418577_1YCPJO6YBYEE06VWA&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                    host: tse1.mm.bing.net
                    accept: */*
                    accept-encoding: gzip, deflate, br
                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                    Response
                    HTTP/2.0 200
                    cache-control: public, max-age=2592000
                    content-length: 944920
                    content-type: image/jpeg
                    x-cache: TCP_HIT
                    access-control-allow-origin: *
                    access-control-allow-headers: *
                    access-control-allow-methods: GET, POST, OPTIONS
                    timing-allow-origin: *
                    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                    x-msedge-ref: Ref A: C113D984A9634D9DB0C17B405B1528E2 Ref B: LON601060107031 Ref C: 2024-10-15T02:21:47Z
                    date: Tue, 15 Oct 2024 02:21:46 GMT
                  • flag-us
                    GET
                    https://tse1.mm.bing.net/th?id=OADD2.10239360259211_1RHQV0P5DTUS9XFSL&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                    Remote address:
                    150.171.28.10:443
                    Request
                    GET /th?id=OADD2.10239360259211_1RHQV0P5DTUS9XFSL&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                    host: tse1.mm.bing.net
                    accept: */*
                    accept-encoding: gzip, deflate, br
                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                    Response
                    HTTP/2.0 200
                    cache-control: public, max-age=2592000
                    content-length: 562299
                    content-type: image/jpeg
                    x-cache: TCP_HIT
                    access-control-allow-origin: *
                    access-control-allow-headers: *
                    access-control-allow-methods: GET, POST, OPTIONS
                    timing-allow-origin: *
                    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                    x-msedge-ref: Ref A: CD2D457D41ED4EA5AB4AF3172C3CBA68 Ref B: LON601060107031 Ref C: 2024-10-15T02:21:47Z
                    date: Tue, 15 Oct 2024 02:21:46 GMT
                  • flag-us
                    GET
                    https://tse1.mm.bing.net/th?id=OADD2.10239360284735_1J9G8ZRD0Q7KNETKQ&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                    Remote address:
                    150.171.28.10:443
                    Request
                    GET /th?id=OADD2.10239360284735_1J9G8ZRD0Q7KNETKQ&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                    host: tse1.mm.bing.net
                    accept: */*
                    accept-encoding: gzip, deflate, br
                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                    Response
                    HTTP/2.0 200
                    cache-control: public, max-age=2592000
                    content-length: 666327
                    content-type: image/jpeg
                    x-cache: TCP_HIT
                    access-control-allow-origin: *
                    access-control-allow-headers: *
                    access-control-allow-methods: GET, POST, OPTIONS
                    timing-allow-origin: *
                    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                    x-msedge-ref: Ref A: 673AF12387424242BCCCE325CE4BC088 Ref B: LON601060107031 Ref C: 2024-10-15T02:21:47Z
                    date: Tue, 15 Oct 2024 02:21:46 GMT
                  • flag-us
                    GET
                    https://tse1.mm.bing.net/th?id=OADD2.10239340418578_1AMTWIX1RFG5EZ1V6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                    Remote address:
                    150.171.28.10:443
                    Request
                    GET /th?id=OADD2.10239340418578_1AMTWIX1RFG5EZ1V6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                    host: tse1.mm.bing.net
                    accept: */*
                    accept-encoding: gzip, deflate, br
                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                    Response
                    HTTP/2.0 200
                    cache-control: public, max-age=2592000
                    content-length: 1061732
                    content-type: image/jpeg
                    x-cache: TCP_HIT
                    access-control-allow-origin: *
                    access-control-allow-headers: *
                    access-control-allow-methods: GET, POST, OPTIONS
                    timing-allow-origin: *
                    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                    x-msedge-ref: Ref A: E80E522B84374E35903C99912F709741 Ref B: LON601060107031 Ref C: 2024-10-15T02:21:47Z
                    date: Tue, 15 Oct 2024 02:21:46 GMT
                  • flag-us
                    GET
                    https://tse1.mm.bing.net/th?id=OADD2.10239360284736_11427X8L96F0YA4AW&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                    Remote address:
                    150.171.28.10:443
                    Request
                    GET /th?id=OADD2.10239360284736_11427X8L96F0YA4AW&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                    host: tse1.mm.bing.net
                    accept: */*
                    accept-encoding: gzip, deflate, br
                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                    Response
                    HTTP/2.0 200
                    cache-control: public, max-age=2592000
                    content-length: 679182
                    content-type: image/jpeg
                    x-cache: TCP_HIT
                    access-control-allow-origin: *
                    access-control-allow-headers: *
                    access-control-allow-methods: GET, POST, OPTIONS
                    timing-allow-origin: *
                    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                    x-msedge-ref: Ref A: C5A9FD2C4DB5463B81AFA1B38D7B9229 Ref B: LON601060107031 Ref C: 2024-10-15T02:21:47Z
                    date: Tue, 15 Oct 2024 02:21:46 GMT
                  • flag-us
                    GET
                    https://tse1.mm.bing.net/th?id=OADD2.10239360259212_1BAR08KBTVWDNYB0F&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                    Remote address:
                    150.171.28.10:443
                    Request
                    GET /th?id=OADD2.10239360259212_1BAR08KBTVWDNYB0F&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                    host: tse1.mm.bing.net
                    accept: */*
                    accept-encoding: gzip, deflate, br
                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                    Response
                    HTTP/2.0 200
                    cache-control: public, max-age=2592000
                    content-length: 439394
                    content-type: image/jpeg
                    x-cache: TCP_HIT
                    access-control-allow-origin: *
                    access-control-allow-headers: *
                    access-control-allow-methods: GET, POST, OPTIONS
                    timing-allow-origin: *
                    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                    x-msedge-ref: Ref A: 0F5B82A7662F4F82A7F0BD96658A8CEF Ref B: LON601060107031 Ref C: 2024-10-15T02:21:47Z
                    date: Tue, 15 Oct 2024 02:21:47 GMT
                  • flag-us
                    DNS
                    10.28.171.150.in-addr.arpa
                    Remote address:
                    8.8.8.8:53
                    Request
                    10.28.171.150.in-addr.arpa
                    IN PTR
                    Response
                  • 101.33.116.226:80
                    http://hostads.cn/news/pics/20201116/1605540491.jpg
                    http
                    msedge.exe
                    3.3kB
                    31.2kB
                    28
                    28

                    HTTP Request

                    GET http://hostads.cn/

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/menu/js/dropmenu47.js

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/news/templates/css/newspicmemo.css

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/news/pics/20201116/1605540491.jpg

                    HTTP Response

                    200
                  • 101.33.116.226:80
                    http://hostads.cn/product/pics/20210701/1625124800.jpg
                    http
                    msedge.exe
                    6.3kB
                    139.8kB
                    94
                    106

                    HTTP Request

                    GET http://hostads.cn/base/templates/css/common.css

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/product/templates/css/productclass_dolphin.css

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/product/pics/20210702/1625162609.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/product/pics/20210701/1625124800.jpg

                    HTTP Response

                    200
                  • 101.33.116.226:80
                    http://hostads.cn/news/pics/20201116/1605461543.jpg
                    http
                    msedge.exe
                    28.5kB
                    907.0kB
                    516
                    656

                    HTTP Request

                    GET http://hostads.cn/base/js/common.js

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/product/js/productlist_roll.js

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/product/pics/20210701/1625130732.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/news/pics/20201118/1605686676.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/news/pics/20201117/1605595721.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/news/pics/20201116/1605505945.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/news/pics/20201116/1605463384.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/news/pics/20201116/1605461543.jpg

                    HTTP Response

                    200
                  • 101.33.116.226:80
                    http://hostads.cn/diy/pics/20101016/1287196120.jpg
                    http
                    msedge.exe
                    24.8kB
                    695.9kB
                    443
                    509

                    HTTP Request

                    GET http://hostads.cn/base/js/form.js

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/diy/pics/20210724/1627121985.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/news/pics/20201117/1605602396.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/news/pics/20201117/1605590873.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/news/pics/20201116/1605504958.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/diy/pics/20101016/1287196120.jpg

                    HTTP Response

                    200
                  • 101.33.116.226:80
                    http://hostads.cn/news/pics/20201116/1605462464.jpg
                    http
                    msedge.exe
                    38.9kB
                    1.2MB
                    682
                    876

                    HTTP Request

                    GET http://hostads.cn/base/js/blockui.js

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/diy/pics/20101026/1288073960.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/product/templates/css/productlist_roll.css

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/product/pics/20210701/1625133088.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/product/pics/20210701/1625129032.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/product/pics/20210701/1625126051.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/news/pics/20201117/1605603859.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/news/pics/20201117/1605599136.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/news/pics/20201117/1605593055.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/news/pics/20201117/1605588110.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/news/pics/20201116/1605518254.jpg

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/news/pics/20201116/1605462464.jpg

                    HTTP Response

                    200
                  • 101.33.116.226:80
                    http://hostads.cn/menu/templates/images/bottommenu_1/A.css
                    http
                    msedge.exe
                    2.4kB
                    33.5kB
                    22
                    30

                    HTTP Request

                    GET http://hostads.cn/base/js/base.js

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/menu/templates/css/dropmenu47.css

                    HTTP Response

                    200

                    HTTP Request

                    GET http://hostads.cn/menu/templates/images/bottommenu_1/A.css

                    HTTP Response

                    200
                  • 150.171.28.10:443
                    tse1.mm.bing.net
                    tls, http2
                    1.2kB
                    6.9kB
                    15
                    13
                  • 150.171.28.10:443
                    tse1.mm.bing.net
                    tls, http2
                    1.2kB
                    6.9kB
                    15
                    13
                  • 150.171.28.10:443
                    https://tse1.mm.bing.net/th?id=OADD2.10239360259212_1BAR08KBTVWDNYB0F&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                    tls, http2
                    156.7kB
                    4.5MB
                    3295
                    3290

                    HTTP Request

                    GET https://tse1.mm.bing.net/th?id=OADD2.10239340418577_1YCPJO6YBYEE06VWA&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                    HTTP Request

                    GET https://tse1.mm.bing.net/th?id=OADD2.10239360259211_1RHQV0P5DTUS9XFSL&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                    HTTP Request

                    GET https://tse1.mm.bing.net/th?id=OADD2.10239360284735_1J9G8ZRD0Q7KNETKQ&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                    HTTP Request

                    GET https://tse1.mm.bing.net/th?id=OADD2.10239340418578_1AMTWIX1RFG5EZ1V6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                    HTTP Request

                    GET https://tse1.mm.bing.net/th?id=OADD2.10239360284736_11427X8L96F0YA4AW&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                    HTTP Response

                    200

                    HTTP Response

                    200

                    HTTP Response

                    200

                    HTTP Response

                    200

                    HTTP Response

                    200

                    HTTP Request

                    GET https://tse1.mm.bing.net/th?id=OADD2.10239360259212_1BAR08KBTVWDNYB0F&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                    HTTP Response

                    200
                  • 150.171.28.10:443
                    tse1.mm.bing.net
                    tls, http2
                    1.2kB
                    6.9kB
                    15
                    13
                  • 150.171.28.10:443
                    tse1.mm.bing.net
                    tls, http2
                    1.2kB
                    6.9kB
                    15
                    13
                  • 8.8.8.8:53
                    8.8.8.8.in-addr.arpa
                    dns
                    66 B
                    90 B
                    1
                    1

                    DNS Request

                    8.8.8.8.in-addr.arpa

                  • 8.8.8.8:53
                    232.168.11.51.in-addr.arpa
                    dns
                    72 B
                    158 B
                    1
                    1

                    DNS Request

                    232.168.11.51.in-addr.arpa

                  • 8.8.8.8:53
                    www.clippings.de
                    dns
                    msedge.exe
                    62 B
                    132 B
                    1
                    1

                    DNS Request

                    www.clippings.de

                  • 8.8.8.8:53
                    hostads.cn
                    dns
                    msedge.exe
                    56 B
                    72 B
                    1
                    1

                    DNS Request

                    hostads.cn

                    DNS Response

                    101.33.116.226

                  • 8.8.8.8:53
                    172.214.232.199.in-addr.arpa
                    dns
                    222 B
                    128 B
                    3
                    1

                    DNS Request

                    172.214.232.199.in-addr.arpa

                    DNS Request

                    172.214.232.199.in-addr.arpa

                    DNS Request

                    172.214.232.199.in-addr.arpa

                  • 8.8.8.8:53
                    72.32.126.40.in-addr.arpa
                    dns
                    213 B
                    157 B
                    3
                    1

                    DNS Request

                    72.32.126.40.in-addr.arpa

                    DNS Request

                    72.32.126.40.in-addr.arpa

                    DNS Request

                    72.32.126.40.in-addr.arpa

                  • 8.8.8.8:53
                    95.221.229.192.in-addr.arpa
                    dns
                    146 B
                    144 B
                    2
                    1

                    DNS Request

                    95.221.229.192.in-addr.arpa

                    DNS Request

                    95.221.229.192.in-addr.arpa

                  • 8.8.8.8:53
                    226.116.33.101.in-addr.arpa
                    dns
                    73 B
                    130 B
                    1
                    1

                    DNS Request

                    226.116.33.101.in-addr.arpa

                  • 8.8.8.8:53
                    88.156.103.20.in-addr.arpa
                    dns
                    72 B
                    158 B
                    1
                    1

                    DNS Request

                    88.156.103.20.in-addr.arpa

                  • 8.8.8.8:53
                    241.150.49.20.in-addr.arpa
                    dns
                    72 B
                    158 B
                    1
                    1

                    DNS Request

                    241.150.49.20.in-addr.arpa

                  • 224.0.0.251:5353
                    308 B
                    5
                  • 8.8.8.8:53
                    196.249.167.52.in-addr.arpa
                    dns
                    73 B
                    147 B
                    1
                    1

                    DNS Request

                    196.249.167.52.in-addr.arpa

                  • 8.8.8.8:53
                    197.87.175.4.in-addr.arpa
                    dns
                    71 B
                    157 B
                    1
                    1

                    DNS Request

                    197.87.175.4.in-addr.arpa

                  • 8.8.8.8:53
                    198.187.3.20.in-addr.arpa
                    dns
                    71 B
                    157 B
                    1
                    1

                    DNS Request

                    198.187.3.20.in-addr.arpa

                  • 8.8.8.8:53
                    88.210.23.2.in-addr.arpa
                    dns
                    70 B
                    133 B
                    1
                    1

                    DNS Request

                    88.210.23.2.in-addr.arpa

                  • 8.8.8.8:53
                    55.36.223.20.in-addr.arpa
                    dns
                    71 B
                    157 B
                    1
                    1

                    DNS Request

                    55.36.223.20.in-addr.arpa

                  • 8.8.8.8:53
                    19.229.111.52.in-addr.arpa
                    dns
                    72 B
                    158 B
                    1
                    1

                    DNS Request

                    19.229.111.52.in-addr.arpa

                  • 8.8.8.8:53
                    tse1.mm.bing.net
                    dns
                    62 B
                    170 B
                    1
                    1

                    DNS Request

                    tse1.mm.bing.net

                    DNS Response

                    150.171.28.10
                    150.171.27.10

                  • 8.8.8.8:53
                    10.28.171.150.in-addr.arpa
                    dns
                    72 B
                    158 B
                    1
                    1

                    DNS Request

                    10.28.171.150.in-addr.arpa

                  MITRE ATT&CK Enterprise v15


                  Downloads

                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                    Filesize

                    152B

                    MD5

                    6960857d16aadfa79d36df8ebbf0e423

                    SHA1

                    e1db43bd478274366621a8c6497e270d46c6ed4f

                    SHA256

                    f40b812ce44e391423eb66602ac0af138a1e948aa8c4116045fef671ef21cd32

                    SHA512

                    6deb2a63055a643759dd0ae125fb2f68ec04a443dbf8b066a812b42352bbcfa4517382ed0910c190c986a864559c3453c772e153ee2e9432fb2de2e1e49ca7fe

                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                    Filesize

                    152B

                    MD5

                    f426165d1e5f7df1b7a3758c306cd4ae

                    SHA1

                    59ef728fbbb5c4197600f61daec48556fec651c1

                    SHA256

                    b68dfc21866d0abe5c75d70acc54670421fa9b26baf98af852768676a901b841

                    SHA512

                    8d437fcb85acb0705bf080141e7a021740901248985a76299ea8c43e46ad78fb88c738322cf302f6a550caa5e79d85b36827e9b329b1094521b17cf638c015b6

                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                    Filesize

                    168B

                    MD5

                    ba9e9a1db8ab53951c89a1ba0c80f794

                    SHA1

                    a4464df3e3dce55d27be0f35ca39352a0ea3570f

                    SHA256

                    1bd17fe6254c93c6c3a872da3cbf309757490c47f2bc7a81aa1808797de17f9f

                    SHA512

                    9b4386ffbfc1d60ec6474e560fb7ac0bf014068438605fc358a0a36192561b009ffe9b090aadf2e4bcc9934ec8b2dd8512ebd751b54b7ad53b1a7f0761d31c03

                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                    Filesize

                    111B

                    MD5

                    807419ca9a4734feaf8d8563a003b048

                    SHA1

                    a723c7d60a65886ffa068711f1e900ccc85922a6

                    SHA256

                    aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

                    SHA512

                    f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                    Filesize

                    6KB

                    MD5

                    3faacef8d5c38afbdeb3a3c625d52ae3

                    SHA1

                    b231612b14b27e360b402ca83b8fba4167fe15cb

                    SHA256

                    f5563ca453e2ff9639677b28da9f7ed00184535b45234eb7fea96bce1b3e4f13

                    SHA512

                    4f3c982b9b3c9c96384098c6a0440e10dec94e73e209776cee98a9ea765bd907c51a5f743836742de56949f37a1500f42e8360d1743cf9873bbe7a1821fc7646

                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                    Filesize

                    6KB

                    MD5

                    1f286404ea092f2aebf6f539d83ec9ca

                    SHA1

                    2f309912bfbf9122bcb60c85e3a106522a5ea30e

                    SHA256

                    8ee367d94a8985922b79e52d1729d8d0aa9ddcd336a5fa26608d8a33909bfb9a

                    SHA512

                    d67ce3518ba29e436518891a65480f004a36b06ff536da523197edff34f28633bfb1c31d36b6875368a9217dcb1e6eca677b19c7ec4803787c195ecfd8bed719

                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                    Filesize

                    10KB

                    MD5

                    f525c40a225f26c79be7955d6f12835e

                    SHA1

                    e260e5b13ce866acb79992c31f5faeaf7003f29d

                    SHA256

                    e261be0b56d197e2f8d5dad14b0bcc486e5df1bc6cce7c4bddfb394e1175a98f

                    SHA512

                    310bd4953bd8fe86785eaa07fa162bc9fcc2fd76fc9de71908b087d390717c69d92c992e6021da293ac9e67f775d26d4a91e3b2d9f7f37e7a2245f57a1dc8d20
