6514b345465786d232a61f8aca8e3b60e2bf8a3e45f237086e55caac0c19cb4d

max time kernel
855s
max time network
887s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
16/01/2025, 17:12 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JaffaCakes118_1d93e8597dd860cf81cd913c4b997818.html
Size

25KB
MD5

1d93e8597dd860cf81cd913c4b997818
SHA1

a7dacf6a32b194720a87130a16f2222c44f036eb
SHA256

6514b345465786d232a61f8aca8e3b60e2bf8a3e45f237086e55caac0c19cb4d
SHA512

c35592acafe20b18914ba7ee31201faa7534136df292d7c14436fb3bcbdd5f07b96b3b63897509068b8263ec4e12f55e192de027996dac8e63e08712fb891e98
SSDEEP

384:PqlIcCtF4JVGTHyk9v1o99t5W9ISFaTGHx6QckT/gbpLOXguLZ:sZtSF5zg9ExLZ

Score

1^/10

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.android.chrome

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.android.chrome

com.android.chrome
1⤵
- Checks CPU information
- Checks memory information
PID:4347

Network

DNS

android.apis.google.com

Remote address:

1.1.1.1:53

Request

android.apis.google.com

IN A

Response

android.apis.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

172.217.169.78
DNS

android.apis.google.com

Remote address:

1.1.1.1:53

Request

android.apis.google.com

IN A

Response

android.apis.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

172.217.169.78
DNS

accounts.google.com

Remote address:

1.1.1.1:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

64.233.184.84
DNS

accounts.google.com

Remote address:

1.1.1.1:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

108.177.15.84
POST

https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard

Remote address:

108.177.15.84:443

Request

POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/2.0
host: accounts.google.com
content-length: 1
origin: https://www.google.com
content-type: application/x-www-form-urlencoded
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

www.clippings.de

Remote address:

1.1.1.1:53

Request

www.clippings.de

IN A

Response
DNS

www.clippings.de

Remote address:

1.1.1.1:53

Request

www.clippings.de

IN A

Response
DNS

www.clippings.de

Remote address:

1.1.1.1:53

Request

www.clippings.de

IN A

Response
DNS

hostads.cn

Remote address:

1.1.1.1:53

Request

hostads.cn

IN A

Response

hostads.cn

IN A

101.33.116.226
DNS

www.clippings.de

Remote address:

1.1.1.1:53

Request

www.clippings.de

IN A

Response
GET

http://hostads.cn/

Remote address:

101.33.116.226:80

Request

GET / HTTP/1.1
Host: hostads.cn
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
GET

http://hostads.cn/product/templates/css/productlist_roll.css

Remote address:

101.33.116.226:80

Request

GET /product/templates/css/productlist_roll.css HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:31 GMT
Content-Type: text/css
Last-Modified: Wed, 27 Oct 2010 05:32:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"4cc7b970-772"
Expires: Fri, 17 Jan 2025 05:13:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET

http://hostads.cn/news/templates/css/newspicmemo.css

Remote address:

101.33.116.226:80

Request

GET /news/templates/css/newspicmemo.css HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:32 GMT
Content-Type: text/css
Content-Length: 780
Last-Modified: Fri, 09 Jan 2009 01:20:18 GMT
Connection: keep-alive
ETag: "4966a652-30c"
Expires: Fri, 17 Jan 2025 05:13:32 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
GET

http://hostads.cn/menu/templates/images/bottommenu_1/A.css

Remote address:

101.33.116.226:80

Request

GET /menu/templates/images/bottommenu_1/A.css HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:32 GMT
Content-Type: text/css
Content-Length: 489
Last-Modified: Wed, 27 Oct 2010 02:17:28 GMT
Connection: keep-alive
ETag: "4cc78bb8-1e9"
Expires: Fri, 17 Jan 2025 05:13:32 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
GET

http://hostads.cn/product/pics/20210701/1625133088.jpg

Remote address:

101.33.116.226:80

Request

GET /product/pics/20210701/1625133088.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:32 GMT
Content-Type: image/jpeg
Content-Length: 65853
Last-Modified: Thu, 01 Jul 2021 09:51:28 GMT
Connection: keep-alive
ETag: "60dd9020-1013d"
Expires: Sat, 15 Feb 2025 17:13:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/product/pics/20210701/1625129032.jpg

Remote address:

101.33.116.226:80

Request

GET /product/pics/20210701/1625129032.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:38 GMT
Content-Type: image/jpeg
Content-Length: 80626
Last-Modified: Thu, 01 Jul 2021 08:43:52 GMT
Connection: keep-alive
ETag: "60dd8048-13af2"
Expires: Sat, 15 Feb 2025 17:13:38 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/news/pics/20201118/1605686676.jpg

Remote address:

101.33.116.226:80

Request

GET /news/pics/20201118/1605686676.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:43 GMT
Content-Type: image/jpeg
Content-Length: 147506
Last-Modified: Wed, 18 Nov 2020 08:04:36 GMT
Connection: keep-alive
ETag: "5fb4d594-24032"
Expires: Sat, 15 Feb 2025 17:13:43 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/news/pics/20201117/1605595721.jpg

Remote address:

101.33.116.226:80

Request

GET /news/pics/20201117/1605595721.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:55 GMT
Content-Type: image/jpeg
Content-Length: 158404
Last-Modified: Tue, 17 Nov 2020 06:48:41 GMT
Connection: keep-alive
ETag: "5fb37249-26ac4"
Expires: Sat, 15 Feb 2025 17:13:55 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/base/templates/css/common.css

Remote address:

101.33.116.226:80

Request

GET /base/templates/css/common.css HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:18 GMT
Content-Type: text/css
Last-Modified: Sun, 12 May 2019 04:24:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5cd79fe2-f3a"
Expires: Fri, 17 Jan 2025 05:13:18 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET

http://hostads.cn/product/pics/20210702/1625162609.jpg

Remote address:

101.33.116.226:80

Request

GET /product/pics/20210702/1625162609.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:31 GMT
Content-Type: image/jpeg
Content-Length: 62311
Last-Modified: Thu, 01 Jul 2021 18:03:29 GMT
Connection: keep-alive
ETag: "60de0371-f367"
Expires: Sat, 15 Feb 2025 17:13:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/product/pics/20210701/1625124800.jpg

Remote address:

101.33.116.226:80

Request

GET /product/pics/20210701/1625124800.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:42 GMT
Content-Type: image/jpeg
Content-Length: 78841
Last-Modified: Thu, 01 Jul 2021 07:33:20 GMT
Connection: keep-alive
ETag: "60dd6fc0-133f9"
Expires: Sat, 15 Feb 2025 17:13:42 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/news/pics/20201117/1605599136.jpg

Remote address:

101.33.116.226:80

Request

GET /news/pics/20201117/1605599136.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:51 GMT
Content-Type: image/jpeg
Content-Length: 187214
Last-Modified: Tue, 17 Nov 2020 07:45:36 GMT
Connection: keep-alive
ETag: "5fb37fa0-2db4e"
Expires: Sat, 15 Feb 2025 17:13:51 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
DNS

ssl.google-analytics.com

Remote address:

1.1.1.1:53

Request

ssl.google-analytics.com

IN A

Response

ssl.google-analytics.com

IN A

172.217.169.72
GET

http://hostads.cn/base/js/base.js

Remote address:

101.33.116.226:80

Request

GET /base/js/base.js HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: */*
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:18 GMT
Content-Type: application/javascript
Last-Modified: Sat, 11 May 2019 17:54:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5cd70c3a-13339"
Expires: Fri, 17 Jan 2025 05:13:18 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET

http://hostads.cn/product/js/productlist_roll.js

Remote address:

101.33.116.226:80

Request

GET /product/js/productlist_roll.js HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: */*
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:31 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Apr 2010 05:51:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"4bbc1d56-1b85"
Expires: Fri, 17 Jan 2025 05:13:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET

http://hostads.cn/product/pics/20210701/1625130732.jpg

Remote address:

101.33.116.226:80

Request

GET /product/pics/20210701/1625130732.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:37 GMT
Content-Type: image/jpeg
Content-Length: 85440
Last-Modified: Thu, 01 Jul 2021 09:12:12 GMT
Connection: keep-alive
ETag: "60dd86ec-14dc0"
Expires: Sat, 15 Feb 2025 17:13:37 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/news/pics/20201117/1605602396.jpg

Remote address:

101.33.116.226:80

Request

GET /news/pics/20201117/1605602396.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:48 GMT
Content-Type: image/jpeg
Content-Length: 171249
Last-Modified: Tue, 17 Nov 2020 08:39:56 GMT
Connection: keep-alive
ETag: "5fb38c5c-29cf1"
Expires: Sat, 15 Feb 2025 17:13:48 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/news/pics/20201116/1605518254.jpg

Remote address:

101.33.116.226:80

Request

GET /news/pics/20201116/1605518254.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:14:28 GMT
Content-Type: image/jpeg
Content-Length: 168297
Last-Modified: Mon, 16 Nov 2020 09:17:34 GMT
Connection: keep-alive
ETag: "5fb243ae-29169"
Expires: Sat, 15 Feb 2025 17:14:28 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/news/pics/20201116/1605504958.jpg

Remote address:

101.33.116.226:80

Request

GET /news/pics/20201116/1605504958.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:14:36 GMT
Content-Type: image/jpeg
Content-Length: 143593
Last-Modified: Mon, 16 Nov 2020 05:35:58 GMT
Connection: keep-alive
ETag: "5fb20fbe-230e9"
Expires: Sat, 15 Feb 2025 17:14:36 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/news/pics/20201116/1605462464.jpg

Remote address:

101.33.116.226:80

Request

GET /news/pics/20201116/1605462464.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:14:42 GMT
Content-Type: image/jpeg
Content-Length: 158575
Last-Modified: Sun, 15 Nov 2020 17:47:44 GMT
Connection: keep-alive
ETag: "5fb169c0-26b6f"
Expires: Sat, 15 Feb 2025 17:14:42 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/diy/pics/20101016/1287196120.jpg

Remote address:

101.33.116.226:80

Request

GET /diy/pics/20101016/1287196120.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:14:46 GMT
Content-Type: image/jpeg
Content-Length: 10932
Last-Modified: Wed, 27 Oct 2010 01:39:06 GMT
Connection: keep-alive
ETag: "4cc782ba-2ab4"
Expires: Sat, 15 Feb 2025 17:14:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/base/js/common.js

Remote address:

101.33.116.226:80

Request

GET /base/js/common.js HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: */*
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:18 GMT
Content-Type: application/javascript
Last-Modified: Sun, 12 May 2019 12:49:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5cd81668-2f8c"
Expires: Fri, 17 Jan 2025 05:13:18 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET

http://hostads.cn/base/js/form.js

Remote address:

101.33.116.226:80

Request

GET /base/js/form.js HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: */*
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:18 GMT
Content-Type: application/javascript
Last-Modified: Sat, 11 May 2019 17:54:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5cd70c3a-3fd4"
Expires: Fri, 17 Jan 2025 05:13:18 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET

http://hostads.cn/menu/templates/css/dropmenu47.css

Remote address:

101.33.116.226:80

Request

GET /menu/templates/css/dropmenu47.css HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:21 GMT
Content-Type: text/css
Last-Modified: Tue, 29 Jun 2021 18:51:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60db6bcb-526"
Expires: Fri, 17 Jan 2025 05:13:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET

http://hostads.cn/product/templates/css/productclass_dolphin.css

Remote address:

101.33.116.226:80

Request

GET /product/templates/css/productclass_dolphin.css HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:21 GMT
Content-Type: text/css
Content-Length: 534
Last-Modified: Fri, 22 Oct 2010 01:44:52 GMT
Connection: keep-alive
ETag: "4cc0ec94-216"
Expires: Fri, 17 Jan 2025 05:13:21 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
GET

http://hostads.cn/diy/pics/20210724/1627121985.jpg

Remote address:

101.33.116.226:80

Request

GET /diy/pics/20210724/1627121985.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:22 GMT
Content-Type: image/jpeg
Content-Length: 174180
Last-Modified: Sat, 24 Jul 2021 10:19:45 GMT
Connection: keep-alive
ETag: "60fbe941-2a864"
Expires: Sat, 15 Feb 2025 17:13:22 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/product/pics/20210701/1625126051.jpg

Remote address:

101.33.116.226:80

Request

GET /product/pics/20210701/1625126051.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:42 GMT
Content-Type: image/jpeg
Content-Length: 49512
Last-Modified: Thu, 01 Jul 2021 07:54:11 GMT
Connection: keep-alive
ETag: "60dd74a3-c168"
Expires: Sat, 15 Feb 2025 17:13:42 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/news/pics/20201117/1605603859.jpg

Remote address:

101.33.116.226:80

Request

GET /news/pics/20201117/1605603859.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:46 GMT
Content-Type: image/jpeg
Content-Length: 156906
Last-Modified: Tue, 17 Nov 2020 09:04:19 GMT
Connection: keep-alive
ETag: "5fb39213-264ea"
Expires: Sat, 15 Feb 2025 17:13:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/news/pics/20201117/1605593055.jpg

Remote address:

101.33.116.226:80

Request

GET /news/pics/20201117/1605593055.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:14:06 GMT
Content-Type: image/jpeg
Content-Length: 146535
Last-Modified: Tue, 17 Nov 2020 06:04:15 GMT
Connection: keep-alive
ETag: "5fb367df-23c67"
Expires: Sat, 15 Feb 2025 17:14:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/news/pics/20201117/1605590873.jpg

Remote address:

101.33.116.226:80

Request

GET /news/pics/20201117/1605590873.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:14:12 GMT
Content-Type: image/jpeg
Content-Length: 166874
Last-Modified: Tue, 17 Nov 2020 05:27:53 GMT
Connection: keep-alive
ETag: "5fb35f59-28bda"
Expires: Sat, 15 Feb 2025 17:14:12 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/news/pics/20201117/1605588110.jpg

Remote address:

101.33.116.226:80

Request

GET /news/pics/20201117/1605588110.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:14:20 GMT
Content-Type: image/jpeg
Content-Length: 146252
Last-Modified: Tue, 17 Nov 2020 04:41:50 GMT
Connection: keep-alive
ETag: "5fb3548e-23b4c"
Expires: Sat, 15 Feb 2025 17:14:20 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/news/pics/20201116/1605540491.jpg

Remote address:

101.33.116.226:80

Request

GET /news/pics/20201116/1605540491.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:14:26 GMT
Content-Type: image/jpeg
Content-Length: 140347
Last-Modified: Mon, 16 Nov 2020 15:28:11 GMT
Connection: keep-alive
ETag: "5fb29a8b-2243b"
Expires: Sat, 15 Feb 2025 17:14:26 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/news/pics/20201116/1605505945.jpg

Remote address:

101.33.116.226:80

Request

GET /news/pics/20201116/1605505945.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:14:32 GMT
Content-Type: image/jpeg
Content-Length: 113673
Last-Modified: Mon, 16 Nov 2020 05:52:25 GMT
Connection: keep-alive
ETag: "5fb21399-1bc09"
Expires: Sat, 15 Feb 2025 17:14:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/news/pics/20201116/1605463384.jpg

Remote address:

101.33.116.226:80

Request

GET /news/pics/20201116/1605463384.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:14:40 GMT
Content-Type: image/jpeg
Content-Length: 175321
Last-Modified: Sun, 15 Nov 2020 18:03:04 GMT
Connection: keep-alive
ETag: "5fb16d58-2acd9"
Expires: Sat, 15 Feb 2025 17:14:40 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/news/pics/20201116/1605461543.jpg

Remote address:

101.33.116.226:80

Request

GET /news/pics/20201116/1605461543.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:14:46 GMT
Content-Type: image/jpeg
Content-Length: 190496
Last-Modified: Sun, 15 Nov 2020 17:32:23 GMT
Connection: keep-alive
ETag: "5fb16627-2e820"
Expires: Sat, 15 Feb 2025 17:14:46 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET

http://hostads.cn/base/js/blockui.js

Remote address:

101.33.116.226:80

Request

GET /base/js/blockui.js HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: */*
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:18 GMT
Content-Type: application/javascript
Last-Modified: Sat, 11 May 2019 17:39:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5cd708ee-312b"
Expires: Fri, 17 Jan 2025 05:13:18 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
GET

http://hostads.cn/menu/js/dropmenu47.js

Remote address:

101.33.116.226:80

Request

GET /menu/js/dropmenu47.js HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: */*
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:21 GMT
Content-Type: application/javascript
Content-Length: 720
Last-Modified: Tue, 29 Jun 2021 18:51:55 GMT
Connection: keep-alive
ETag: "60db6bcb-2d0"
Expires: Fri, 17 Jan 2025 05:13:21 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
GET

http://hostads.cn/diy/pics/20101026/1288073960.jpg

Remote address:

101.33.116.226:80

Request

GET /diy/pics/20101026/1288073960.jpg HTTP/1.1
Host: hostads.cn
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hostads.cn/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Jan 2025 17:13:21 GMT
Content-Type: image/jpeg
Content-Length: 4477
Last-Modified: Tue, 26 Oct 2010 06:19:22 GMT
Connection: keep-alive
ETag: "4cc672ea-117d"
Expires: Sat, 15 Feb 2025 17:13:21 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
DNS

update.googleapis.com

Remote address:

1.1.1.1:53

Request

update.googleapis.com

IN A

Response

update.googleapis.com

IN A

142.250.200.35
POST

https://update.googleapis.com/service/update2

Remote address:

142.250.200.35:443

Request

POST /service/update2 HTTP/1.1
Content-Length: 689
Content-Type: application/x-www-form-urlencoded
User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; Pixel 2 Build/RSR1.210722.013)
Host: update.googleapis.com
Connection: Keep-Alive
Accept-Encoding: gzip

Response

HTTP/1.1 200 OK

Content-Security-Policy: script-src 'report-sample' 'none';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 16 Jan 2025 17:13:22 GMT
Content-Type: text/xml; charset=UTF-8
X-Daynum: 6590
X-Daystart: 33202
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
DNS

update.googleapis.com

Remote address:

1.1.1.1:53

Request

update.googleapis.com

IN A

Response

update.googleapis.com

IN A

142.250.187.227
DNS

android.apis.google.com

Remote address:

1.1.1.1:53

Request

android.apis.google.com

IN A

Response

android.apis.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

172.217.16.238

216.58.212.238:443

tls, https

695 B
40 B
1
1
216.58.212.238:443

tls, https

695 B
40 B
1
1
172.217.169.78:443

android.apis.google.com

tls

999 B
4.5kB
8
7
172.217.169.78:443

android.apis.google.com

tls

8.9kB
10.9kB
36
34
64.233.184.84:443

accounts.google.com

100 B
60 B
2
1
108.177.15.84:443

https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard

tls, http2

2.2kB
7.4kB
21
17

HTTP Request

POST https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
101.33.116.226:80

http://hostads.cn/news/pics/20201117/1605595721.jpg

http

14.0kB
374.1kB
194
236

HTTP Request

GET http://hostads.cn/

HTTP Response

200

HTTP Request

GET http://hostads.cn/product/templates/css/productlist_roll.css

HTTP Response

200

HTTP Request

GET http://hostads.cn/news/templates/css/newspicmemo.css

HTTP Response

200

HTTP Request

GET http://hostads.cn/menu/templates/images/bottommenu_1/A.css

HTTP Response

200

HTTP Request

GET http://hostads.cn/product/pics/20210701/1625133088.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/product/pics/20210701/1625129032.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/news/pics/20201118/1605686676.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/news/pics/20201117/1605595721.jpg

HTTP Response

200
101.33.116.226:80

http://hostads.cn/news/pics/20201117/1605599136.jpg

http

10.4kB
256.9kB
147
166

HTTP Request

GET http://hostads.cn/base/templates/css/common.css

HTTP Response

200

HTTP Request

GET http://hostads.cn/product/pics/20210702/1625162609.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/product/pics/20210701/1625124800.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/news/pics/20201117/1605599136.jpg

HTTP Response

200
172.217.169.72:443

ssl.google-analytics.com

tls

1.6kB
7.3kB
13
13
101.33.116.226:80

http://hostads.cn/diy/pics/20101016/1287196120.jpg

http

18.6kB
801.5kB
274
443

HTTP Request

GET http://hostads.cn/base/js/base.js

HTTP Response

200

HTTP Request

GET http://hostads.cn/product/js/productlist_roll.js

HTTP Response

200

HTTP Request

GET http://hostads.cn/product/pics/20210701/1625130732.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/news/pics/20201117/1605602396.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/news/pics/20201116/1605518254.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/news/pics/20201116/1605504958.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/news/pics/20201116/1605462464.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/diy/pics/20101016/1287196120.jpg

HTTP Response

200
101.33.116.226:80

http://hostads.cn/base/js/common.js

http

755 B
3.1kB
7
6

HTTP Request

GET http://hostads.cn/base/js/common.js

HTTP Response

200
101.33.116.226:80

http://hostads.cn/news/pics/20201116/1605461543.jpg

http

38.5kB
1.5MB
590
849

HTTP Request

GET http://hostads.cn/base/js/form.js

HTTP Response

200

HTTP Request

GET http://hostads.cn/menu/templates/css/dropmenu47.css

HTTP Response

200

HTTP Request

GET http://hostads.cn/product/templates/css/productclass_dolphin.css

HTTP Response

200

HTTP Request

GET http://hostads.cn/diy/pics/20210724/1627121985.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/product/pics/20210701/1625126051.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/news/pics/20201117/1605603859.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/news/pics/20201117/1605593055.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/news/pics/20201117/1605590873.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/news/pics/20201117/1605588110.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/news/pics/20201116/1605540491.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/news/pics/20201116/1605505945.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/news/pics/20201116/1605463384.jpg

HTTP Response

200

HTTP Request

GET http://hostads.cn/news/pics/20201116/1605461543.jpg

HTTP Response

200
101.33.116.226:80

http://hostads.cn/diy/pics/20101026/1288073960.jpg

http

1.8kB
8.7kB
13
10

HTTP Request

GET http://hostads.cn/base/js/blockui.js

HTTP Response

200

HTTP Request

GET http://hostads.cn/menu/js/dropmenu47.js

HTTP Response

200

HTTP Request

GET http://hostads.cn/diy/pics/20101026/1288073960.jpg

HTTP Response

200
142.250.200.35:443

https://update.googleapis.com/service/update2

tls, http

2.3kB
6.9kB
13
14

HTTP Request

POST https://update.googleapis.com/service/update2

HTTP Response

200
142.250.187.228:443

tls, https

843 B
40 B
2
1
142.250.187.228:443

www.google.com

tls

11.2kB
12.3kB
32
40
142.250.200.35:443

update.googleapis.com

tls

135 B
40 B
2
1
172.217.16.238:443

android.apis.google.com

tls

2.0kB
6.0kB
11
11

1.1.1.1:53

android.apis.google.com

dns

69 B
109 B
1
1

DNS Request

android.apis.google.com

DNS Response

172.217.169.78
224.0.0.251:5353

3.7kB
11
1.1.1.1:53

android.apis.google.com

dns

69 B
109 B
1
1

DNS Request

android.apis.google.com

DNS Response

172.217.169.78
1.1.1.1:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

64.233.184.84
1.1.1.1:53

accounts.google.com

dns

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

108.177.15.84
1.1.1.1:53

www.clippings.de

dns

62 B
132 B
1
1

DNS Request

www.clippings.de
1.1.1.1:53

www.clippings.de

dns

62 B
132 B
1
1

DNS Request

www.clippings.de
1.1.1.1:53

www.clippings.de

dns

62 B
132 B
1
1

DNS Request

www.clippings.de
1.1.1.1:53

hostads.cn

dns

56 B
72 B
1
1

DNS Request

hostads.cn

DNS Response

101.33.116.226
1.1.1.1:53

www.clippings.de

dns

62 B
132 B
1
1

DNS Request

www.clippings.de
1.1.1.1:53

ssl.google-analytics.com

dns

70 B
86 B
1
1

DNS Request

ssl.google-analytics.com

DNS Response

172.217.169.72
1.1.1.1:53

update.googleapis.com

dns

67 B
83 B
1
1

DNS Request

update.googleapis.com

DNS Response

142.250.200.35
1.1.1.1:53

update.googleapis.com

dns

67 B
83 B
1
1

DNS Request

update.googleapis.com

DNS Response

142.250.187.227
1.1.1.1:53

android.apis.google.com

dns

69 B
109 B
1
1

DNS Request

android.apis.google.com

DNS Response

172.217.16.238

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request