POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116404406%26tm%3D1752411640%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135 200 OK 0 B URL POST HTTPS
IP / ASN
111.63.205.135
#24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Information
Issuer GlobalSign nv-sa
Subject *.wpk.quark.cn
Fingerprint AD:F6:E9:09:AA:9C:EB:99:E9:D4:95:0D:7F:0A:EF:1A:2F:64:8D:49
Validity Wed, 26 Mar 2025 08:26:31 GMT - Mon, 27 Apr 2026 08:26:30 GMT
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116404406%26tm%3D1752411640%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2427
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1; __sdid=AAQMwjnWreD0cLX6QC4YABFrS4GNS+SLNi/Je/nntAROFjHpr06RlUnBZ/Qf3ypmMbg=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 13 Jul 2025 13:00:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116387406%26tm%3D1752411638%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135 200 OK 0 B URL POST HTTPS
IP / ASN
111.63.205.135
#24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Information
Issuer GlobalSign nv-sa
Subject *.wpk.quark.cn
Fingerprint AD:F6:E9:09:AA:9C:EB:99:E9:D4:95:0D:7F:0A:EF:1A:2F:64:8D:49
Validity Wed, 26 Mar 2025 08:26:31 GMT - Mon, 27 Apr 2026 08:26:30 GMT
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116387406%26tm%3D1752411638%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2446
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 13 Jul 2025 13:00:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
GET 127.0.0.1:9125/desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5088&__t=1752411638924
0.0.0.0 0 B URL GET HTTP
IP / ASN
0.0.0.0
#0
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5088&__t=1752411638924 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D1752411638972%26tm%3D1752411638%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135 200 OK 0 B URL POST HTTPS
IP / ASN
111.63.205.135
#24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Information
Issuer GlobalSign nv-sa
Subject *.wpk.quark.cn
Fingerprint AD:F6:E9:09:AA:9C:EB:99:E9:D4:95:0D:7F:0A:EF:1A:2F:64:8D:49
Validity Wed, 26 Mar 2025 08:26:31 GMT - Mon, 27 Apr 2026 08:26:30 GMT
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D1752411638972%26tm%3D1752411638%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 4899
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 13 Jul 2025 13:00:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
GET 127.0.0.1:9130/desktop_info?__dt=5448&__t=1752411639284
0.0.0.0 0 B URL GET HTTP
IP / ASN
0.0.0.0
#0
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=5448&__t=1752411639284 HTTP/1.1
Host: 127.0.0.1:9130
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/10.css
23.36.77.80 200 OK 0 B URL GET HTTPS
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.53/10.css HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 0
Server: Tengine
x-oss-request-id: 6873ADF8B0CAA23631312A25
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 0
x-oss-storage-class: Standard
Cache-Control: max-age=2592000,s-maxage=86400
Content-MD5: 1B2M2Y8AsgTpgAmY7PhCfg==
x-bucket-code: 3
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 211b41d917524116404447786e1f32
Strict-Transport-Security: max-age=0
s-brt: 7
s-rt: 8
Date: Sun, 13 Jul 2025 13:00:40 GMT
Connection: keep-alive
SERVED-FROM: 23.36.77.76
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
GET g.alicdn.com/secdev/sufei_data/3.9.14/index.js
23.36.77.80 200 OK 18 kB URL GET HTTPS
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type JavaScript source, ASCII text, with very long lines (17754), with no line terminators
First Seen 2023-09-23
Last Seen 2025-08-11
Times Seen 70649
Size 18 kB (17754 bytes)
MD5 b9a5a9592db7e29feb4cc5e8814dea21
SHA1 7efbde36c1131ebd7b51ae536eb087a8cebdbb7e
SHA256 f4425a89ec24254262bc3d81a838890e5c9740428e28cd96e520c5bf8ddffa4c
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /secdev/sufei_data/3.9.14/index.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7398
Server: Tengine
x-oss-request-id: 68625C8CD5460937354444FC
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12593839585633272550
x-oss-storage-class: Standard
Content-Encoding: gzip
Content-MD5: mYdC0z0rPw0pY52mKJdpuQ==
x-oss-server-time: 21
x-bucket-code: 3
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 211b427e17512766844763104e1fce
Strict-Transport-Security: max-age=0
s-brt: 28
s-rt: 28
SERVED-FROM: 2.23.186.216
Cache-Control: max-age=98865047
Expires: Wed, 30 Aug 2028 19:31:23 GMT
Date: Sun, 13 Jul 2025 13:00:36 GMT
Connection: keep-alive
Vary: Accept-Encoding
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
GET fourier.taobao.com/rp?ext=51&data=jm_null&random=49362744018555105&href=https%3A%2F%2Fpan.quark.cn%2Fs%2F8510b49&protocol=https:&callback=jsonpCallback
124.239.14.250 200 OK 1.4 kB URL GET HTTPS
IP / ASN
124.239.14.250
#4134 Chinanet
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type JavaScript source, ASCII text, with very long lines (1441), with no line terminators
First Seen 2023-07-13
Last Seen 2025-08-11
Times Seen 62749
Size 1.4 kB (1441 bytes)
MD5 8af8a0f23331af9be132b12dd8d9626d
SHA1 874603d29b0664147d9d19262587f5cf0bfa7bc2
SHA256 29b7217acb615f118fba97483fb6909f81af614d76294e7e1a4bc1d3d2506c9a
Certificate Information
Issuer GlobalSign nv-sa
Subject tfe.alibaba.com
Fingerprint 2A:E7:3A:AD:21:93:AF:7D:07:7B:ED:C0:D4:25:1B:59:27:BF:EA:34
Validity Wed, 19 Mar 2025 08:54:01 GMT - Mon, 05 Jan 2026 02:01:01 GMT
GET /rp?ext=51&data=jm_null&random=49362744018555105&href=https%3A%2F%2Fpan.quark.cn%2Fs%2F8510b49&protocol=https:&callback=jsonpCallback HTTP/1.1
Host: fourier.taobao.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Jul 2025 13:00:37 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
server: Tengine
cache-control: no-store
access-control-allow-credentials: true
use-raw: true
bxuuid: {"login-token":"605cc53227488159194196790dff0cca___273523___d628e90dd45e6d96d89afeef5c44e4e6"}
bxpunish: 1
x5-punish-cache: miss
content-encoding: gzip
X-Firefox-Spdy: h2
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116391950%26tm%3D1752411639%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Djsfsperf%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135 200 OK 0 B URL POST HTTPS
IP / ASN
111.63.205.135
#24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Information
Issuer GlobalSign nv-sa
Subject *.wpk.quark.cn
Fingerprint AD:F6:E9:09:AA:9C:EB:99:E9:D4:95:0D:7F:0A:EF:1A:2F:64:8D:49
Validity Wed, 26 Mar 2025 08:26:31 GMT - Mon, 27 Apr 2026 08:26:30 GMT
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116391950%26tm%3D1752411639%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Djsfsperf%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1624
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 13 Jul 2025 13:00:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/3.css
23.36.77.80 200 OK 14 kB URL GET HTTPS
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type ASCII text, with very long lines (13514), with no line terminators
First Seen 2024-05-02
Last Seen 2025-07-30
Times Seen 49
Size 14 kB (13514 bytes)
MD5 0ac2198205f34d354c11485ae483c9c8
SHA1 593836e8870490f35c0096d00abc39cdcb0589ff
SHA256 ab2fd211e3bfdab9fc5f75dfcfb7070f020136efb358936910679153f0252bf0
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.53/3.css HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Server: Tengine
x-oss-request-id: 6867A80176D42039373F1BD1
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6503920091607059610
x-oss-storage-class: Standard
Content-MD5: CsIZggXzTTVMEUha5IPJyA==
x-oss-server-time: 6
Content-Encoding: gzip
x-bucket-code: 3
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 211b800a17516236810297225e1e38
Strict-Transport-Security: max-age=0
s-brt: 12
s-rt: 13
Content-Length: 2090
Cache-Control: max-age=1804041, s-maxage=86400
Expires: Sun, 03 Aug 2025 10:08:01 GMT
Date: Sun, 13 Jul 2025 13:00:40 GMT
Connection: keep-alive
Vary: Accept-Encoding
SERVED-FROM: 23.36.77.68
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/assets/6fb04f2419f89b5ea8956d35b9679b8b.svg
23.36.77.80 200 OK 9.4 kB URL GET HTTPS
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type SVG Scalable Vector Graphics image
First Seen 2023-08-16
Last Seen 2025-07-30
Times Seen 81
Size 9.4 kB (9366 bytes)
MD5 6fb04f2419f89b5ea8956d35b9679b8b
SHA1 e6a402a458b2f9b90df5a194e58abcfc7b79f810
SHA256 8e7dde8834d2f4f5992a8d0105bb5ac36e77e937e2656c0b4da36feab864baad
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.53/assets/6fb04f2419f89b5ea8956d35b9679b8b.svg HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Server: Tengine
x-oss-request-id: 6867A801B7AA22333041304C
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8792825221831085489
x-oss-storage-class: Standard
Content-MD5: b7BPJBn4m16olW01uWebiw==
x-oss-server-time: 7
x-bucket-code: 3
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 211b800a17516236819733888e1c6b
Strict-Transport-Security: max-age=0
s-brt: 12
s-rt: 13
Content-Encoding: gzip
Content-Length: 3903
Cache-Control: max-age=1804041, s-maxage=86400
Date: Sun, 13 Jul 2025 13:00:40 GMT
Connection: keep-alive
Vary: Accept-Encoding
SERVED-FROM: 23.36.77.68
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
GET fourier.taobao.com/ts?url=&token=BFNTh3vTPwk8OfPdWFW2PAQr4d59COfKO01YaQVwr3KphHMmjdh3GrHSumzqPz_C&cna=&ext=1
124.239.14.250 200 OK 0 B URL GET HTTPS
IP / ASN
124.239.14.250
#4134 Chinanet
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Information
Issuer GlobalSign nv-sa
Subject tfe.alibaba.com
Fingerprint 2A:E7:3A:AD:21:93:AF:7D:07:7B:ED:C0:D4:25:1B:59:27:BF:EA:34
Validity Wed, 19 Mar 2025 08:54:01 GMT - Mon, 05 Jan 2026 02:01:01 GMT
GET /ts?url=&token=BFNTh3vTPwk8OfPdWFW2PAQr4d59COfKO01YaQVwr3KphHMmjdh3GrHSumzqPz_C&cna=&ext=1 HTTP/1.1
Host: fourier.taobao.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Jul 2025 13:00:37 GMT
content-type: image/gif
content-length: 0
server: Tengine
X-Firefox-Spdy: h2
GET pan.quark.cn/api/computerinfo?fr=pc&platform=pc&__dt=4280&__t=1752411638116
203.119.175.189 200 OK 38 B URL GET HTTPS
IP / ASN
203.119.175.189
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type JSON text data
First Seen 2023-05-17
Last Seen 2025-07-30
Times Seen 75
Size 38 B (38 bytes)
MD5 8e8018db2ef2b18e8ce281dfd5bc12d1
SHA1 633dff1815e3d644dd4b467a73bde50e11257a87
SHA256 11a5c88b44bff43e035ef460f19a3137da784bbf8e25ee666b9822f5a278bd5f
Certificate Information
Issuer GlobalSign nv-sa
Subject *.alibaba.com
Fingerprint 5D:34:66:EE:A8:8C:B2:D4:AF:90:98:90:65:36:B3:C7:5F:E8:4D:5B
Validity Tue, 11 Mar 2025 05:07:02 GMT - Sun, 12 Apr 2026 05:01:06 GMT
GET /api/computerinfo?fr=pc&platform=pc&__dt=4280&__t=1752411638116 HTTP/1.1
Host: pan.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/s/8510b49
Cookie: ctoken=MtWyeD77vFvEcppIV52Ylmkx; web-grey-id=279d8fb0-14e1-58c7-64f3-0f2250c35341; web-grey-id.sig=q_A7uWoMYekjIjkx8lO5zsvUezD6-FAjF33FTZmXDSU; tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Jul 2025 13:00:38 GMT
content-type: application/json; charset=utf-8
content-length: 38
vary: Accept-Encoding, Origin
x-server-id: a132805fe77874e4b29c9334f3d6bf617efccfb643b4fef0f62a1d1c5235b4da4c427b534959585769e0864a7a6bbec4
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
strict-transport-security: max-age=31536000
x-readtime: 1
server: Tengine/Aserver
eagleeye-traceid: 213e366217524116385812980e1a19
timing-allow-origin: *
X-Firefox-Spdy: h2
POST drive-h.quark.cn/1/clouddrive/share/sharepage/token?pr=ucpro&fr=pc&uc_param_str=&__dt=4280&__t=1752411638116
59.82.122.193 404 Not Found 211 B URL POST HTTPS
IP / ASN
59.82.122.193
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type JSON text data
First Seen 2025-07-13
Last Seen 2025-07-13
Times Seen 1
Size 211 B (211 bytes)
MD5 ddf20479ae0f67726a7bbc0f8d2797fc
SHA1 33770b3ec99d7d6343218958af99fa683dd2cb4c
SHA256 a7e073bffd4bca8b31c9a43eedd73e22f836d78a5c6491ce2597e7c81fba9f71
Certificate Information
Issuer GlobalSign nv-sa
Subject *.alibaba.com
Fingerprint 5D:34:66:EE:A8:8C:B2:D4:AF:90:98:90:65:36:B3:C7:5F:E8:4D:5B
Validity Tue, 11 Mar 2025 05:07:02 GMT - Sun, 12 Apr 2026 05:01:06 GMT
POST /1/clouddrive/share/sharepage/token?pr=ucpro&fr=pc&uc_param_str=&__dt=4280&__t=1752411638116 HTTP/1.1
Host: drive-h.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 75
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sun, 13 Jul 2025 13:00:40 GMT
content-type: application/json;charset=UTF-8
server: Tengine
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
x-application-context: clouddrive-api:dev,online,quark:9019
x-req-id: 9802sg-26b1662ab42a54
access-control-allow-origin: https://pan.quark.cn
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
set-cookie: __sdid=AAQMwjnWreD0cLX6QC4YABFrS4GNS+SLNi/Je/nntAROFjHpr06RlUnBZ/Qf3ypmMbg=; Max-Age=2592000; Expires=Tue, 12-Aug-2025 13:00:40 GMT; Domain=quark.cn; Path=/
content-encoding: gzip
eagleeye-traceid: 213d8d6217524116401665601e8a33
X-Firefox-Spdy: h2
GET 127.0.0.1:9127/desktop_info?__dt=5243&__t=1752411639079
0.0.0.0 0 B URL GET HTTP
IP / ASN
0.0.0.0
#0
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=5243&__t=1752411639079 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/3.js
23.36.77.80 200 OK 18 kB URL GET HTTPS
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type JavaScript source, ASCII text, with very long lines (18389)
First Seen 2025-07-08
Last Seen 2025-07-30
Times Seen 18
Size 18 kB (18419 bytes)
MD5 c05823a5d298e9519fe4075d229b9f1b
SHA1 4e2bf099cfcf7fe745de41118d617aeef45eb04b
SHA256 a8281c7a85470d9711bb06bc53ecae840fe1582c013ac5126ed72742f64f4619
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.53/3.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: Tengine
x-oss-request-id: 6867A801B7AA22343037274C
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 646511422330876251
x-oss-storage-class: Standard
Content-MD5: wFgjpdKY6VGf5AddIpufGw==
x-oss-server-time: 4
Content-Encoding: gzip
x-bucket-code: 3
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 210386a117516236810677053e2076
Strict-Transport-Security: max-age=0
s-brt: 12
s-rt: 13
Content-Length: 4481
Cache-Control: max-age=1804041, s-maxage=86400
Expires: Sun, 03 Aug 2025 10:08:01 GMT
Date: Sun, 13 Jul 2025 13:00:40 GMT
Connection: keep-alive
Vary: Accept-Encoding
SERVED-FROM: 23.36.77.68
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
GET at.alicdn.com/t/a/font_3307044_hpwqh5w4658.js
47.246.44.177 200 OK 21 kB URL GET HTTPS
at.alicdn.com/t/a/font_3307044_hpwqh5w4658.js
IP / ASN
47.246.44.177
#24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type ASCII text, with very long lines (21354), with no line terminators
First Seen 2025-07-08
Last Seen 2025-07-30
Times Seen 15
Size 21 kB (21354 bytes)
MD5 f189162a1314ea64b583db8add81efe2
SHA1 721e34af9cfac25c9f8902864f6fe58a80c76982
SHA256 f97bdc054a62568b5deae5b987bf90e076b5b25097e33cf632707789e113bfbc
Certificate Information
Issuer GlobalSign nv-sa
Subject *.tbcdn.cn
Fingerprint 64:77:72:8B:BB:58:44:79:90:C3:B0:8D:35:BC:EC:6C:D6:35:BD:83
Validity Mon, 16 Jun 2025 09:41:05 GMT - Sat, 18 Jul 2026 09:41:04 GMT
GET /t/a/font_3307044_hpwqh5w4658.js HTTP/1.1
Host: at.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
date: Fri, 04 Jul 2025 09:56:09 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Origin
x-oss-request-id: 6867A5396AD0C439398A762A
etag: W/"F189162A1314EA64B583DB8ADD81EFE2"
last-modified: Tue, 20 May 2025 08:32:49 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10461061313360771468
x-oss-storage-class: Standard
cache-control: max-age=63072000
content-md5: 8YkWKhMU6mS1g9uK3YHv4g==
x-oss-server-time: 1
via: ens-cache3.l2de3[0,0,200-0,H], ens-cache6.l2de3[1,0], ens-cache8.se2[0,0,200-0,H], ens-cache3.se2[1,0]
age: 788671
ali-swift-global-savetime: 1751622969
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 04 Jul 2025 10:40:26 GMT
x-swift-cachetime: 63069343
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9717524116406935951e
content-encoding: gzip
X-Firefox-Spdy: h2
POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&sid=4af0d703-5b94-60c9-ae97-0b3f7f8f8ee9&appid=29351a4155a4&dn=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ut=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ds=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=5f4c73f0-5fe9-11f0-9c9f-936bf6d14045&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.53&system_enter_type=windows&share_dn=48655544-6bdb-4937-a82d-74e9e117798d&pwdid=8510b49&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.53&auto_save=0&sharelink_source=other&new_visitor=true&first_v_time=1752411638115&computer_info_succ=0&stat_a=a2s0k&stat_b=activity&stat_c=0&stat_d=0&event_id=19999&not_product_log=1&type=event&arg1=weak_computer_info&arg1_h5=weak_computer_info&lt=event&c_lt=event&cost_time=921&no_url_de=1&spm=a2s0k.activity.0.0&time=1752411638847
123.182.51.94 200 0 B URL POST HTTPS
track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&sid=4af0d703-5b94-60c9-ae97-0b3f7f8f8ee9&appid=29351a4155a4&dn=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ut=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ds=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=5f4c73f0-5fe9-11f0-9c9f-936bf6d14045&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.53&system_enter_type=windows&share_dn=48655544-6bdb-4937-a82d-74e9e117798d&pwdid=8510b49&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.53&auto_save=0&sharelink_source=other&new_visitor=true&first_v_time=1752411638115&computer_info_succ=0&stat_a=a2s0k&stat_b=activity&stat_c=0&stat_d=0&event_id=19999&not_product_log=1&type=event&arg1=weak_computer_info&arg1_h5=weak_computer_info&lt=event&c_lt=event&cost_time=921&no_url_de=1&spm=a2s0k.activity.0.0&time=1752411638847
IP / ASN
123.182.51.94
#141771 China Telecom
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Information
Issuer GlobalSign nv-sa
Subject *.lc.quark.cn
Fingerprint 1E:65:1B:5E:A8:50:2C:ED:C6:28:D4:34:0B:D4:DB:B8:8B:7F:46:56
Validity Wed, 19 Mar 2025 05:41:07 GMT - Mon, 20 Apr 2026 05:41:06 GMT
POST /collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&sid=4af0d703-5b94-60c9-ae97-0b3f7f8f8ee9&appid=29351a4155a4&dn=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ut=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ds=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=5f4c73f0-5fe9-11f0-9c9f-936bf6d14045&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.53&system_enter_type=windows&share_dn=48655544-6bdb-4937-a82d-74e9e117798d&pwdid=8510b49&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.53&auto_save=0&sharelink_source=other&new_visitor=true&first_v_time=1752411638115&computer_info_succ=0&stat_a=a2s0k&stat_b=activity&stat_c=0&stat_d=0&event_id=19999&not_product_log=1&type=event&arg1=weak_computer_info&arg1_h5=weak_computer_info&lt=event&c_lt=event&cost_time=921&no_url_de=1&spm=a2s0k.activity.0.0&time=1752411638847 HTTP/1.1
Host: track.lc.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200
Date: Sun, 13 Jul 2025 13:00:39 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 33
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Access-Control-Allow-Origin: https://pan.quark.cn, *
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116389906%26tm%3D1752411638%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135 200 OK 0 B URL POST HTTPS
px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116389906%26tm%3D1752411638%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP / ASN
111.63.205.135
#24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Information
Issuer GlobalSign nv-sa
Subject *.wpk.quark.cn
Fingerprint AD:F6:E9:09:AA:9C:EB:99:E9:D4:95:0D:7F:0A:EF:1A:2F:64:8D:49
Validity Wed, 26 Mar 2025 08:26:31 GMT - Mon, 27 Apr 2026 08:26:30 GMT
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116389906%26tm%3D1752411638%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1105
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 13 Jul 2025 13:00:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
GET 127.0.0.1:9126/desktop_info?__dt=5130&__t=1752411638966
0.0.0.0 0 B URL GET HTTP
127.0.0.1:9126/desktop_info?__dt=5130&__t=1752411638966
IP / ASN
0.0.0.0
#0
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=5130&__t=1752411638966 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/10.js
23.36.77.80 200 OK 44 kB URL GET HTTPS
g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/10.js
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type JavaScript source, ASCII text, with very long lines (44489)
First Seen 2025-07-08
Last Seen 2025-07-30
Times Seen 15
Size 44 kB (44520 bytes)
MD5 7ee37a27c201267c133d0d1727a4b45e
SHA1 32609e7cd6ed3f64fc542fdabdfbc726d3228670
SHA256 896ad13295446f83c33cbaae52575dfebc907ab8712db26ddcb886ebc2ff6c2a
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.53/10.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: Tengine
x-oss-request-id: 6867A80076D4203534A41AD1
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5093938127510627601
x-oss-storage-class: Standard
Content-MD5: fuN6J8IBJnwTPQ0XJ6S0Xg==
x-oss-server-time: 10
Content-Encoding: gzip
x-bucket-code: 3
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 210386a117516236809804304e1e89
Strict-Transport-Security: max-age=0
s-brt: 19
s-rt: 20
Content-Length: 14983
Cache-Control: max-age=1804041, s-maxage=86400
Expires: Sun, 03 Aug 2025 10:08:01 GMT
Date: Sun, 13 Jul 2025 13:00:40 GMT
Connection: keep-alive
Vary: Accept-Encoding
SERVED-FROM: 23.36.77.68
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
GET image.quark.cn/s/uae/g/3o/cms/resource/1702472767194_2896046663_9346.png
101.226.28.238 200 OK 61 kB URL GET HTTPS
image.quark.cn/s/uae/g/3o/cms/resource/1702472767194_2896046663_9346.png
IP / ASN
101.226.28.238
#4812 China Telecom Group
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type PNG image data, 468 x 921, 8-bit colormap, non-interlaced
First Seen 2023-12-28
Last Seen 2025-07-30
Times Seen 69
Size 61 kB (60875 bytes)
MD5 6ece381b10dcbd78d3b2d97a000c6090
SHA1 a266877dbde9703a801e9c64bfc0de180cf7eb70
SHA256 ad6b5f7c77418a7e4f9ac61fdf6bb180d49492e75dc82d5f154acc186c2f23c5
Certificate Information
Issuer GlobalSign nv-sa
Subject image.quark.cn
Fingerprint C8:C4:05:AE:24:8F:DD:12:0B:54:EE:D6:8E:3F:8A:5C:A0:26:A5:E9
Validity Mon, 24 Mar 2025 06:16:20 GMT - Sat, 25 Apr 2026 06:16:19 GMT
GET /s/uae/g/3o/cms/resource/1702472767194_2896046663_9346.png HTTP/1.1
Host: image.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1; __sdid=AAQMwjnWreD0cLX6QC4YABFrS4GNS+SLNi/Je/nntAROFjHpr06RlUnBZ/Qf3ypmMbg=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 60875
date: Sat, 12 Jul 2025 11:52:33 GMT
cache-control: max-age=8640000
access-control-allow-origin: *
via: cache50.l2cn3160[0,0,304-0,H], cache80.l2cn3160[1,0], vcache16.cn4757[0,0,200-0,H], vcache7.cn4757[1,0]
etag: 2709ef51-edcb
age: 66
ali-swift-global-savetime: 1752321153
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sat, 12 Jul 2025 11:52:33 GMT
x-swift-cachetime: 8640000
timing-allow-origin: *
eagleid: 65e21c9b17524116416255916e
X-Firefox-Spdy: h2
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/share.css
23.36.77.80 200 OK 240 kB URL GET HTTPS
g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/share.css
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type ASCII text, with very long lines (65536), with no line terminators
First Seen 2025-07-08
Last Seen 2025-07-14
Times Seen 11
Size 240 kB (240049 bytes)
MD5 304a63d08e6a3316bb16579a3746dbe3
SHA1 c0e4c13485ac913f1744415f5f1af8e7361f84b4
SHA256 6c0e307b3ee131424fae796936002ab0b31de2cc4f97743e6b761b91010a47bc
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.53/share.css HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Server: Tengine
x-oss-request-id: 6867A7FD712A5831334E2C90
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15218835140199847296
x-oss-storage-class: Standard
Content-MD5: MEpj0I5qMxa7FleaN0bb4w==
x-oss-server-time: 2
Content-Encoding: gzip
x-bucket-code: 3
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 211b800a17516236772476931e1f1f
Strict-Transport-Security: max-age=0
s-brt: 9
s-rt: 10
Content-Length: 71020
Cache-Control: max-age=1804041, s-maxage=86400
Expires: Sun, 03 Aug 2025 10:07:57 GMT
Date: Sun, 13 Jul 2025 13:00:36 GMT
Connection: keep-alive
Vary: Accept-Encoding
SERVED-FROM: 23.36.77.68
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
GET fourier.alibaba.com/ts?url=&token=g9Nx1hagmp0bJcNxrrWkSmJ5_DQhET44nozBscmDCuE87lHiCx0m6AZjqSDiGmqJP20tfNo6hEyzxyO0itlM6IlZ1Mjht647ufl1j6m9Rmz7zV_ol7YhpIGZ1Mjlt644ufrXiYiHkz_-u23s1xZ6Va3sSn96Gl_Ry0us1cZs1aUS4VG6_IXxVEie6-FkxtbCW0R6173xhX4jcCgzwqHxAr9M1CaZkxnQl0R6173xpoMT_wd825ntIDk2REiTpuPxGW_6pfw7mWIrRWVdPd-nvVvAy59wQxgPYeRuHdJZh4u-xZQvQdk-z4nhyapwQxgryDbAkdJZe45..&cna=undefined&ext=1
47.246.167.183 200 OK 0 B URL GET HTTPS
fourier.alibaba.com/ts?url=&token=g9Nx1hagmp0bJcNxrrWkSmJ5_DQhET44nozBscmDCuE87lHiCx0m6AZjqSDiGmqJP20tfNo6hEyzxyO0itlM6IlZ1Mjht647ufl1j6m9Rmz7zV_ol7YhpIGZ1Mjlt644ufrXiYiHkz_-u23s1xZ6Va3sSn96Gl_Ry0us1cZs1aUS4VG6_IXxVEie6-FkxtbCW0R6173xhX4jcCgzwqHxAr9M1CaZkxnQl0R6173xpoMT_wd825ntIDk2REiTpuPxGW_6pfw7mWIrRWVdPd-nvVvAy59wQxgPYeRuHdJZh4u-xZQvQdk-z4nhyapwQxgryDbAkdJZe45..&cna=undefined&ext=1
IP / ASN
47.246.167.183
#45102 Alibaba US Technology Co., Ltd.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Information
Issuer GlobalSign nv-sa
Subject *.alibaba.com
Fingerprint 5D:34:66:EE:A8:8C:B2:D4:AF:90:98:90:65:36:B3:C7:5F:E8:4D:5B
Validity Tue, 11 Mar 2025 05:07:02 GMT - Sun, 12 Apr 2026 05:01:06 GMT
GET /ts?url=&token=g9Nx1hagmp0bJcNxrrWkSmJ5_DQhET44nozBscmDCuE87lHiCx0m6AZjqSDiGmqJP20tfNo6hEyzxyO0itlM6IlZ1Mjht647ufl1j6m9Rmz7zV_ol7YhpIGZ1Mjlt644ufrXiYiHkz_-u23s1xZ6Va3sSn96Gl_Ry0us1cZs1aUS4VG6_IXxVEie6-FkxtbCW0R6173xhX4jcCgzwqHxAr9M1CaZkxnQl0R6173xpoMT_wd825ntIDk2REiTpuPxGW_6pfw7mWIrRWVdPd-nvVvAy59wQxgPYeRuHdJZh4u-xZQvQdk-z4nhyapwQxgryDbAkdJZe45..&cna=undefined&ext=1 HTTP/1.1
Host: fourier.alibaba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Jul 2025 13:00:39 GMT
content-type: image/gif
content-length: 0
server: Tengine/Aserver
eagleeye-traceid: 2102f5dc17524116390015050e2541
strict-transport-security: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/share.js
23.36.77.80 200 OK 1.1 MB URL GET HTTPS
g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/share.js
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
First Seen 2025-07-08
Last Seen 2025-07-14
Times Seen 11
Size 1.1 MB (1065353 bytes)
MD5 030a49b7c585b820ff669b69da6e9593
SHA1 a40248de56c0765b958bfe4b5f8cdbaea53a9744
SHA256 42bc5987e632bfa4ab764f3fbcbccc079611f83c2706efedf74bb35c419046e0
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.53/share.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: Tengine
x-oss-request-id: 6867A7FDD5460934316419D3
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7891307113887162676
x-oss-storage-class: Standard
Content-MD5: AwpJt8WFuCD/Zptp2m6Vkw==
x-oss-server-time: 14
Content-Encoding: gzip
x-bucket-code: 3
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 211b41d917516236777857499e20e9
Strict-Transport-Security: max-age=0
s-brt: 24
s-rt: 25
Content-Length: 275876
SERVED-FROM: 23.73.3.224
Cache-Control: max-age=1804041, s-maxage=86400
Expires: Sun, 03 Aug 2025 10:07:57 GMT
Date: Sun, 13 Jul 2025 13:00:36 GMT
Connection: keep-alive
Vary: Accept-Encoding
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
GET px.wpk.quark.cn/api/v1/jconfig?wpk-header=app%3Diltsi7g3-0w3asjm9%26tm%3D1752411637%26ud%3D4d57f500-fb2a-43ed-91b9-94a498707581%26sver%3D1.2.8%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce
111.63.205.135 200 OK 1.5 kB URL GET HTTPS
px.wpk.quark.cn/api/v1/jconfig?wpk-header=app%3Diltsi7g3-0w3asjm9%26tm%3D1752411637%26ud%3D4d57f500-fb2a-43ed-91b9-94a498707581%26sver%3D1.2.8%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce
IP / ASN
111.63.205.135
#24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type JSON text data
First Seen 2025-07-13
Last Seen 2025-07-13
Times Seen 1
Size 1.5 kB (1453 bytes)
MD5 a26b5e0acb60c792e5b8c557790f6b85
SHA1 273770564285c340074314d6e8b7c00b05388d6c
SHA256 0f7b878ad42bf37b6f4abe4ec46b29086e80c0b1acd35b2b2573cfdb77812af3
Certificate Information
Issuer GlobalSign nv-sa
Subject *.wpk.quark.cn
Fingerprint AD:F6:E9:09:AA:9C:EB:99:E9:D4:95:0D:7F:0A:EF:1A:2F:64:8D:49
Validity Wed, 26 Mar 2025 08:26:31 GMT - Mon, 27 Apr 2026 08:26:30 GMT
GET /api/v1/jconfig?wpk-header=app%3Diltsi7g3-0w3asjm9%26tm%3D1752411637%26ud%3D4d57f500-fb2a-43ed-91b9-94a498707581%26sver%3D1.2.8%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 13 Jul 2025 13:00:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116381739%26tm%3D1752411638%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Dflow%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135 200 OK 0 B URL POST HTTPS
px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116381739%26tm%3D1752411638%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Dflow%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP / ASN
111.63.205.135
#24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Information
Issuer GlobalSign nv-sa
Subject *.wpk.quark.cn
Fingerprint AD:F6:E9:09:AA:9C:EB:99:E9:D4:95:0D:7F:0A:EF:1A:2F:64:8D:49
Validity Wed, 26 Mar 2025 08:26:31 GMT - Mon, 27 Apr 2026 08:26:30 GMT
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116381739%26tm%3D1752411638%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Dflow%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 975
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 13 Jul 2025 13:00:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116398867%26tm%3D1752411639%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Dflow%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135 200 OK 0 B URL POST HTTPS
px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116398867%26tm%3D1752411639%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Dflow%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP / ASN
111.63.205.135
#24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Information
Issuer GlobalSign nv-sa
Subject *.wpk.quark.cn
Fingerprint AD:F6:E9:09:AA:9C:EB:99:E9:D4:95:0D:7F:0A:EF:1A:2F:64:8D:49
Validity Wed, 26 Mar 2025 08:26:31 GMT - Mon, 27 Apr 2026 08:26:30 GMT
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116398867%26tm%3D1752411639%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Dflow%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 975
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 13 Jul 2025 13:00:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
GET image.uc.cn/s/uae/g/3o/broccoli/resource/202409/9b523820-70d0-11ef-aa63-41eb587b5315.png
47.246.2.231 200 OK 2.1 kB URL GET HTTPS
image.uc.cn/s/uae/g/3o/broccoli/resource/202409/9b523820-70d0-11ef-aa63-41eb587b5315.png
IP / ASN
47.246.2.231
#24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type PNG image data, 288 x 108, 8-bit colormap, non-interlaced
First Seen 2024-09-17
Last Seen 2025-07-30
Times Seen 58
Size 2.1 kB (2110 bytes)
MD5 64d99877921f35762d99f8a0f60ec923
SHA1 646a361e2d3ff835454d8e2215b470338dd6e54e
SHA256 e09b313da95ef8966fe043422a26f4c19b6958eafdb6e426d90c157b5483ac08
Certificate Information
Issuer GlobalSign nv-sa
Subject image.uc.cn
Fingerprint C0:14:EE:1B:74:3A:15:9D:77:E6:65:2D:13:AC:EA:A3:2A:18:31:B7
Validity Wed, 12 Feb 2025 01:41:07 GMT - Mon, 16 Mar 2026 01:41:06 GMT
GET /s/uae/g/3o/broccoli/resource/202409/9b523820-70d0-11ef-aa63-41eb587b5315.png HTTP/1.1
Host: image.uc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g.alicdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 2110
date: Fri, 09 May 2025 11:57:27 GMT
cache-control: max-age=8640000
access-control-allow-origin: *
via: ens-cache11.l2de3[0,0,304-0,H], ens-cache10.l2de3[10,0], cache16.ru3[0,0,200-0,H], cache9.ru3[2,0]
etag: 5173d4fe-83e
age: 66
ali-swift-global-savetime: 1746791847
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 09 May 2025 11:59:01 GMT
x-swift-cachetime: 8639906
timing-allow-origin: *
eagleid: 2ff6029d17524116409456326e
X-Firefox-Spdy: h2
GET g.alicdn.com/??/AWSC/AWSC/awsc.js,/sd/baxia-entry/baxiaCommon.js
23.36.77.80 200 OK 29 kB URL GET HTTPS
g.alicdn.com/??/AWSC/AWSC/awsc.js,/sd/baxia-entry/baxiaCommon.js
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (28679)
First Seen 2025-07-10
Last Seen 2025-07-17
Times Seen 229
Size 29 kB (28688 bytes)
MD5 86a92a7ca5eb40dac3c6a04efab9be8e
SHA1 10a55bb8355ae7bc193c5adc592d0e971cb1fbfc
SHA256 5827fab2e5154712bf130daead428a0661f5a10082dafdfcec9035a56dbb80ee
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /??/AWSC/AWSC/awsc.js,/sd/baxia-entry/baxiaCommon.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: Tengine
x-oss-request-id: 6873A3D776D4203333B472EC
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9965151409089470392
x-oss-storage-class: Standard
Content-MD5: OuvW8ldvh3KirSzpKZ+7IQ==
x-oss-server-time: 2
x-bucket-code: 3
Content-Encoding: gzip
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 211b41d917524090471583029e1fb4
Strict-Transport-Security: max-age=0
s-brt: 13
s-rt: 14
Content-Length: 10953
Cache-Control: max-age=4611, s-maxage=3600
Date: Sun, 13 Jul 2025 13:00:36 GMT
Connection: keep-alive
Vary: Accept-Encoding
SERVED-FROM: 23.36.77.76
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/vendor.css
23.36.77.80 200 OK 270 kB URL GET HTTPS
g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/vendor.css
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type ASCII text, with very long lines (65536), with no line terminators
First Seen 2025-07-08
Last Seen 2025-07-30
Times Seen 18
Size 270 kB (270123 bytes)
MD5 ebe46bf3b5291bacbd4151d609dc2522
SHA1 fa4dcb887d1090a8a5fa1e2d286ddd8da697dd04
SHA256 2796ca9fa415c1108864c356801df60cb9698dbc6cf263f25fbed9a66dfc9fd2
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.53/vendor.css HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Server: Tengine
x-oss-request-id: 6867A7FDB0CAA23034C2479C
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12870289621064744041
x-oss-storage-class: Standard
Content-MD5: 6+Rr87UpG6y9QVHWCdwlIg==
x-oss-server-time: 7
Content-Encoding: gzip
x-bucket-code: 3
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 210386a117516236772277667e1fb0
Strict-Transport-Security: max-age=0
s-brt: 23
s-rt: 24
Content-Length: 57269
Cache-Control: max-age=1804041, s-maxage=86400
Expires: Sun, 03 Aug 2025 10:07:57 GMT
Date: Sun, 13 Jul 2025 13:00:36 GMT
Connection: keep-alive
Vary: Accept-Encoding
SERVED-FROM: 23.36.77.76
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
GET 127.0.0.1:9127/desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5088&__t=1752411638924
0.0.0.0 0 B URL GET HTTP
127.0.0.1:9127/desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5088&__t=1752411638924
IP / ASN
0.0.0.0
#0
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5088&__t=1752411638924 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9128/desktop_info?__dt=5318&__t=1752411639154
0.0.0.0 0 B URL GET HTTP
127.0.0.1:9128/desktop_info?__dt=5318&__t=1752411639154
IP / ASN
0.0.0.0
#0
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=5318&__t=1752411639154 HTTP/1.1
Host: 127.0.0.1:9128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&sid=4af0d703-5b94-60c9-ae97-0b3f7f8f8ee9&appid=29351a4155a4&dn=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ut=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ds=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=5f4c73f0-5fe9-11f0-9c9f-936bf6d14045&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.53&system_enter_type=windows&share_dn=48655544-6bdb-4937-a82d-74e9e117798d&pwdid=8510b49&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.53&auto_save=0&sharelink_source=other&new_visitor=true&first_v_time=1752411638115&computer_info_succ=0&stat_a=a2s0k&stat_b=activity&refer=&lt=onlinetime&c_lt=onlinetime&page_time=931&no_url_de=1&event_id=19999&spm=a2s0k.activity.0.0&time=1752411638852
123.182.51.94 200 0 B URL POST HTTPS
track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&sid=4af0d703-5b94-60c9-ae97-0b3f7f8f8ee9&appid=29351a4155a4&dn=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ut=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ds=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=5f4c73f0-5fe9-11f0-9c9f-936bf6d14045&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.53&system_enter_type=windows&share_dn=48655544-6bdb-4937-a82d-74e9e117798d&pwdid=8510b49&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.53&auto_save=0&sharelink_source=other&new_visitor=true&first_v_time=1752411638115&computer_info_succ=0&stat_a=a2s0k&stat_b=activity&refer=&lt=onlinetime&c_lt=onlinetime&page_time=931&no_url_de=1&event_id=19999&spm=a2s0k.activity.0.0&time=1752411638852
IP / ASN
123.182.51.94
#141771 China Telecom
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Information
Issuer GlobalSign nv-sa
Subject *.lc.quark.cn
Fingerprint 1E:65:1B:5E:A8:50:2C:ED:C6:28:D4:34:0B:D4:DB:B8:8B:7F:46:56
Validity Wed, 19 Mar 2025 05:41:07 GMT - Mon, 20 Apr 2026 05:41:06 GMT
POST /collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&sid=4af0d703-5b94-60c9-ae97-0b3f7f8f8ee9&appid=29351a4155a4&dn=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ut=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ds=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=5f4c73f0-5fe9-11f0-9c9f-936bf6d14045&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.53&system_enter_type=windows&share_dn=48655544-6bdb-4937-a82d-74e9e117798d&pwdid=8510b49&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.53&auto_save=0&sharelink_source=other&new_visitor=true&first_v_time=1752411638115&computer_info_succ=0&stat_a=a2s0k&stat_b=activity&refer=&lt=onlinetime&c_lt=onlinetime&page_time=931&no_url_de=1&event_id=19999&spm=a2s0k.activity.0.0&time=1752411638852 HTTP/1.1
Host: track.lc.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200
Date: Sun, 13 Jul 2025 13:00:39 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 33
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Access-Control-Allow-Origin: https://pan.quark.cn, *
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/6.css
23.36.77.80 200 OK 38 kB URL GET HTTPS
g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/6.css
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type ASCII text, with very long lines (38309), with no line terminators
First Seen 2025-07-12
Last Seen 2025-07-13
Times Seen 3
Size 38 kB (38309 bytes)
MD5 183e6908596c4f3e5e2c905f6febb573
SHA1 928e72ada9d8b2bcefde6c7c2242a1b9fc85fd87
SHA256 8630fc1bc5c188d90690b3b0f4ccdcf8023d7f73ffc792a2eca33e9301dfa238
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.53/6.css HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Server: Tengine
x-oss-request-id: 6867EA542547D4333347F673
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8091654984185834846
x-oss-storage-class: Standard
Content-MD5: GD5pCFlsTz5eLJBfb+u1cw==
x-oss-server-time: 21
Content-Encoding: gzip
x-bucket-code: 3
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 211b41d917516406608073516e1ffb
Strict-Transport-Security: max-age=0
s-brt: 28
s-rt: 28
Content-Length: 9800
SERVED-FROM: 23.36.77.68
Cache-Control: max-age=1821020, s-maxage=86400
Expires: Sun, 03 Aug 2025 14:51:00 GMT
Date: Sun, 13 Jul 2025 13:00:40 GMT
Connection: keep-alive
Vary: Accept-Encoding
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
GET pan.quark.cn/s/8510b49
203.119.175.189 200 OK 12 kB URL User Request GET HTTPS
pan.quark.cn/s/8510b49
IP / ASN
203.119.175.189
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Resource Information
File type HTML document, Unicode text, UTF-8 text, with very long lines (7445)
First Seen 2025-07-08
Last Seen 2025-07-14
Times Seen 11
Size 12 kB (11713 bytes)
MD5 48205131c9b14923e3ecacfbb8cc39ec
SHA1 1fdc807e6734a0758ad444b59b7426d094fa8633
SHA256 f9bbc3903a5404c966675b415208005c7af4d7d7ad148f263b3bd7db445c32fc
Certificate Information
Issuer GlobalSign nv-sa
Subject *.alibaba.com
Fingerprint 5D:34:66:EE:A8:8C:B2:D4:AF:90:98:90:65:36:B3:C7:5F:E8:4D:5B
Validity Tue, 11 Mar 2025 05:07:02 GMT - Sun, 12 Apr 2026 05:01:06 GMT
GET /s/8510b49 HTTP/1.1
Host: pan.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Jul 2025 13:00:34 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Origin
x-server-id: a132805fe77874e4b29c9334f3d6bf617efccfb643b4fef0f62a1d1c5235b4da4c427b53495958570d6be49457c0f91a
set-cookie: ctoken=MtWyeD77vFvEcppIV52Ylmkx; path=/
set-cookie: web-grey-id=72f52d74-0e50-a9d6-86af-436b0b0e4891; path=/; httponly
set-cookie: web-grey-id.sig=AOguYwXZdVJKTrLjxZxyce_jVtHlrIu0KrMsxIkIuuE; path=/; httponly
set-cookie: web-grey-id=279d8fb0-14e1-58c7-64f3-0f2250c35341; path=/; httponly
set-cookie: web-grey-id.sig=q_A7uWoMYekjIjkx8lO5zsvUezD6-FAjF33FTZmXDSU; path=/; httponly
cache-control: no-cache
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Mobile
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
strict-transport-security: max-age=31536000
x-readtime: 2
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 213e366217524116349322413e1a19
timing-allow-origin: *
X-Firefox-Spdy: h2
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116384623%26tm%3D1752411638%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Dflow%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135 200 OK 0 B URL POST HTTPS
px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116384623%26tm%3D1752411638%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Dflow%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP / ASN
111.63.205.135
#24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Information
Issuer GlobalSign nv-sa
Subject *.wpk.quark.cn
Fingerprint AD:F6:E9:09:AA:9C:EB:99:E9:D4:95:0D:7F:0A:EF:1A:2F:64:8D:49
Validity Wed, 26 Mar 2025 08:26:31 GMT - Mon, 27 Apr 2026 08:26:30 GMT
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116384623%26tm%3D1752411638%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Dflow%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 975
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 13 Jul 2025 13:00:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
GET 127.0.0.1:9126/desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5088&__t=1752411638924
0.0.0.0 0 B URL GET HTTP
127.0.0.1:9126/desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5088&__t=1752411638924
IP / ASN
0.0.0.0
#0
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5088&__t=1752411638924 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9130/desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5202&__t=1752411639038
0.0.0.0 0 B URL GET HTTP
127.0.0.1:9130/desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5202&__t=1752411639038
IP / ASN
0.0.0.0
#0
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5202&__t=1752411639038 HTTP/1.1
Host: 127.0.0.1:9130
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET g.alicdn.com/AWSC/et/1.83.8/et_f.js
23.36.77.80 200 OK 262 kB URL GET HTTPS
g.alicdn.com/AWSC/et/1.83.8/et_f.js
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
First Seen 2025-03-11
Last Seen 2025-08-11
Times Seen 51319
Size 262 kB (262136 bytes)
MD5 fdc8d3c63a356d45a6af4495199742dd
SHA1 b03b109bc585dc4e8e29982cde4195dbacb3af2e
SHA256 0ab55e76a88a3662447e678025d70e9367eb0c0a5d14948440013c3670ad545d
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /AWSC/et/1.83.8/et_f.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 91020
Server: Tengine
x-oss-request-id: 686389DA2547D43832BDC12C
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12424508067849186430
x-oss-storage-class: Standard
Content-Encoding: gzip
Content-MD5: EMxYD13f00uUcyuVOeMQDA==
x-oss-server-time: 44
x-bucket-code: 3
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 211b427e17513538185863352e1c95
Strict-Transport-Security: max-age=0
s-brt: 49
s-rt: 50
Cache-Control: max-age=1534182, s-maxage=86400
Expires: Thu, 31 Jul 2025 07:10:18 GMT
Date: Sun, 13 Jul 2025 13:00:36 GMT
Connection: keep-alive
Vary: Accept-Encoding
SERVED-FROM: 23.36.77.68
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
GET pan.quark.cn/api/config?fr=pc&platform=pc&__dt=4280&__t=1752411638116
203.119.175.189 200 OK 1.1 kB URL GET HTTPS
pan.quark.cn/api/config?fr=pc&platform=pc&__dt=4280&__t=1752411638116
IP / ASN
203.119.175.189
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type JSON text data
First Seen 2024-12-08
Last Seen 2025-07-30
Times Seen 33
Size 1.1 kB (1056 bytes)
MD5 78d8eb4c352ccf8bde4d4df5097b55af
SHA1 821db57b587cd88e0fec21793fc883b454a3ecaa
SHA256 3c9d78f186eab907cc709c0c36a100897ab940baedd744457176743b204320c0
Certificate Information
Issuer GlobalSign nv-sa
Subject *.alibaba.com
Fingerprint 5D:34:66:EE:A8:8C:B2:D4:AF:90:98:90:65:36:B3:C7:5F:E8:4D:5B
Validity Tue, 11 Mar 2025 05:07:02 GMT - Sun, 12 Apr 2026 05:01:06 GMT
GET /api/config?fr=pc&platform=pc&__dt=4280&__t=1752411638116 HTTP/1.1
Host: pan.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/s/8510b49
Cookie: ctoken=MtWyeD77vFvEcppIV52Ylmkx; web-grey-id=279d8fb0-14e1-58c7-64f3-0f2250c35341; web-grey-id.sig=q_A7uWoMYekjIjkx8lO5zsvUezD6-FAjF33FTZmXDSU; tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Jul 2025 13:00:38 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
x-server-id: a132805fe77874e4b29c9334f3d6bf617efccfb643b4fef0f62a1d1c5235b4da4c427b5349595857c282b94c83c76832
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
strict-transport-security: max-age=31536000
x-readtime: 2
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 213e366217524116385882982e1a19
timing-allow-origin: *
X-Firefox-Spdy: h2
GET g.alicdn.com/??/sd/baxia/2.5.31/baxiaCommon.js
23.36.77.80 200 OK 37 kB URL GET HTTPS
g.alicdn.com/??/sd/baxia/2.5.31/baxiaCommon.js
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (37062)
First Seen 2025-05-26
Last Seen 2025-08-11
Times Seen 56738
Size 37 kB (37289 bytes)
MD5 d92f78ccaaa2616aa3eb54e89d7032e5
SHA1 1291a7d5ec73b551114f5175cfd05c747b827928
SHA256 cc219d27d7e2ab0b6416fd4a1475fdedcd5b710123506903a526f72a4d208156
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /??/sd/baxia/2.5.31/baxiaCommon.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: Tengine
x-oss-request-id: 68637848712A583835193B6B
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8518556844306691727
x-oss-storage-class: Standard
Content-MD5: 2S94zKqiYWqj61TonXAy5Q==
x-oss-server-time: 2
x-bucket-code: 3
Content-Encoding: gzip
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 210397ac17513493206268147e1e05
Strict-Transport-Security: max-age=0
s-brt: 12
s-rt: 13
Content-Length: 13819
Cache-Control: max-age=1529684, s-maxage=86400
Date: Sun, 13 Jul 2025 13:00:36 GMT
Connection: keep-alive
Vary: Accept-Encoding
SERVED-FROM: 23.36.77.68
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/28.css
23.36.77.80 200 OK 22 kB URL GET HTTPS
g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/28.css
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type ASCII text, with very long lines (22508), with no line terminators
First Seen 2025-07-12
Last Seen 2025-07-13
Times Seen 2
Size 22 kB (22508 bytes)
MD5 83195dbcc1b3229aa580fc154de52323
SHA1 21d7bbf59a11f317a9a8888ab7fa135f9f77fb36
SHA256 288c088d492d11f9a7020ddcf674fc97c43d03160bb820e031c3027fa029200a
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.53/28.css HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Server: Tengine
x-oss-request-id: 6867EA54B0CAA23532610B52
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6661030720998012433
x-oss-storage-class: Standard
Content-MD5: gxldvMGzIpqlgPwVTeUjIw==
x-oss-server-time: 51
Content-Encoding: gzip
x-bucket-code: 3
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 211b800a17516406607465943e1c2a
Strict-Transport-Security: max-age=0
s-brt: 57
s-rt: 58
Content-Length: 10115
Cache-Control: max-age=1821020, s-maxage=86400
Expires: Sun, 03 Aug 2025 14:51:00 GMT
Date: Sun, 13 Jul 2025 13:00:40 GMT
Connection: keep-alive
Vary: Accept-Encoding
SERVED-FROM: 23.36.77.76
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&sid=4af0d703-5b94-60c9-ae97-0b3f7f8f8ee9&appid=29351a4155a4&dn=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ut=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ds=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=5f4c73f0-5fe9-11f0-9c9f-936bf6d14045&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.53&system_enter_type=windows&share_dn=48655544-6bdb-4937-a82d-74e9e117798d&pwdid=8510b49&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.53&auto_save=0&sharelink_source=other&new_visitor=true&first_v_time=1752411638115&computer_info_succ=0&webshare_to_native=clouddrive&pagetype=error&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&stat_a=a2s0k&stat_b=websharedetail&refer=&event_id=2001&errorcode=41006&lt=pageview&c_lt=pageview&spm-cnt=a2s0k.websharedetail.0.0&no_url_de=1&spm=a2s0k.websharedetail.0.0&time=1752411640592
123.182.51.94 200 0 B URL POST HTTPS
track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&sid=4af0d703-5b94-60c9-ae97-0b3f7f8f8ee9&appid=29351a4155a4&dn=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ut=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ds=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=5f4c73f0-5fe9-11f0-9c9f-936bf6d14045&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.53&system_enter_type=windows&share_dn=48655544-6bdb-4937-a82d-74e9e117798d&pwdid=8510b49&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.53&auto_save=0&sharelink_source=other&new_visitor=true&first_v_time=1752411638115&computer_info_succ=0&webshare_to_native=clouddrive&pagetype=error&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&stat_a=a2s0k&stat_b=websharedetail&refer=&event_id=2001&errorcode=41006&lt=pageview&c_lt=pageview&spm-cnt=a2s0k.websharedetail.0.0&no_url_de=1&spm=a2s0k.websharedetail.0.0&time=1752411640592
IP / ASN
123.182.51.94
#141771 China Telecom
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Information
Issuer GlobalSign nv-sa
Subject *.lc.quark.cn
Fingerprint 1E:65:1B:5E:A8:50:2C:ED:C6:28:D4:34:0B:D4:DB:B8:8B:7F:46:56
Validity Wed, 19 Mar 2025 05:41:07 GMT - Mon, 20 Apr 2026 05:41:06 GMT
POST /collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&sid=4af0d703-5b94-60c9-ae97-0b3f7f8f8ee9&appid=29351a4155a4&dn=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ut=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&ds=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=5f4c73f0-5fe9-11f0-9c9f-936bf6d14045&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.53&system_enter_type=windows&share_dn=48655544-6bdb-4937-a82d-74e9e117798d&pwdid=8510b49&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.53&auto_save=0&sharelink_source=other&new_visitor=true&first_v_time=1752411638115&computer_info_succ=0&webshare_to_native=clouddrive&pagetype=error&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&stat_a=a2s0k&stat_b=websharedetail&refer=&event_id=2001&errorcode=41006&lt=pageview&c_lt=pageview&spm-cnt=a2s0k.websharedetail.0.0&no_url_de=1&spm=a2s0k.websharedetail.0.0&time=1752411640592 HTTP/1.1
Host: track.lc.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1; __sdid=AAQMwjnWreD0cLX6QC4YABFrS4GNS+SLNi/Je/nntAROFjHpr06RlUnBZ/Qf3ypmMbg=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200
Date: Sun, 13 Jul 2025 13:00:40 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 33
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Access-Control-Allow-Origin: https://pan.quark.cn, *
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116404027%26tm%3D1752411640%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135 200 OK 0 B URL POST HTTPS
px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116404027%26tm%3D1752411640%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP / ASN
111.63.205.135
#24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Information
Issuer GlobalSign nv-sa
Subject *.wpk.quark.cn
Fingerprint AD:F6:E9:09:AA:9C:EB:99:E9:D4:95:0D:7F:0A:EF:1A:2F:64:8D:49
Validity Wed, 26 Mar 2025 08:26:31 GMT - Mon, 27 Apr 2026 08:26:30 GMT
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17524116404027%26tm%3D1752411640%26ud%3D5f4c73f0-5fe9-11f0-9c9f-936bf6d14045%26ver%3D4.5.53%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 4557
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1; __sdid=AAQMwjnWreD0cLX6QC4YABFrS4GNS+SLNi/Je/nntAROFjHpr06RlUnBZ/Qf3ypmMbg=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 13 Jul 2025 13:00:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/6.js
23.36.77.80 200 OK 37 kB URL GET HTTPS
g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/6.js
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type JavaScript source, ASCII text, with very long lines (36844)
First Seen 2025-07-12
Last Seen 2025-07-13
Times Seen 3
Size 37 kB (36874 bytes)
MD5 36c5aa02eaad9b2aa64aaf993e6a64ab
SHA1 90a257594cd55d4c2e8a3ba99d2e0348b7107ab0
SHA256 745ff1a5b9b8bd5166836d5c28c1b00d01c61a757ec143513c9a7441d83c6b4e
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.53/6.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: Tengine
x-oss-request-id: 6867EA54A5D3D93830633FA5
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17095782255290392047
x-oss-storage-class: Standard
Content-MD5: NsWqAuqtmyqmSq+ZPmpkqw==
x-oss-server-time: 19
Content-Encoding: gzip
x-bucket-code: 3
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 21039b5317516406607455259e1fa6
Strict-Transport-Security: max-age=0
s-brt: 27
s-rt: 28
Content-Length: 9868
Cache-Control: max-age=1821020, s-maxage=86400
Expires: Sun, 03 Aug 2025 14:51:00 GMT
Date: Sun, 13 Jul 2025 13:00:40 GMT
Connection: keep-alive
Vary: Accept-Encoding
SERVED-FROM: 23.36.77.68
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
GET 127.0.0.1:9125/desktop_info?__dt=5081&__t=1752411638917
0.0.0.0 0 B URL GET HTTP
127.0.0.1:9125/desktop_info?__dt=5081&__t=1752411638917
IP / ASN
0.0.0.0
#0
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=5081&__t=1752411638917 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9129/desktop_info?__dt=5415&__t=1752411639251
0.0.0.0 0 B URL GET HTTP
127.0.0.1:9129/desktop_info?__dt=5415&__t=1752411639251
IP / ASN
0.0.0.0
#0
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=5415&__t=1752411639251 HTTP/1.1
Host: 127.0.0.1:9129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/vendor.js
23.36.77.80 200 OK 3.6 MB URL GET HTTPS
g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/vendor.js
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type JavaScript source, ASCII text, with very long lines (24347)
First Seen 2025-07-08
Last Seen 2025-07-14
Times Seen 11
Size 3.6 MB (3589347 bytes)
MD5 da286208a583eccc74458893690c2e00
SHA1 f9864d4b65cb0cb6d42384b5030eeb3a6fcc5b60
SHA256 13b47814a508edcd48b045930511ab4758aec17c4986330b76cc3488a805459b
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.53/vendor.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: Tengine
x-oss-request-id: 6867A7FDDC077F3938F4D324
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8675032740321327560
x-oss-storage-class: Standard
Content-MD5: 2ihiCKWD7Mx0RYiTaQwuAA==
x-oss-server-time: 16
Content-Encoding: gzip
x-bucket-code: 3
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 210397ac17516236772891617e1b73
Strict-Transport-Security: max-age=0
s-brt: 27
s-rt: 28
Content-Length: 993339
Cache-Control: max-age=1804041, s-maxage=86400
Expires: Sun, 03 Aug 2025 10:07:57 GMT
Date: Sun, 13 Jul 2025 13:00:36 GMT
Connection: keep-alive
Vary: Accept-Encoding
SERVED-FROM: 23.36.77.76
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
GET pan.quark.cn/api/client_version?fr=pc&platform=pc&__dt=4280&__t=1752411638116
203.119.175.189 200 OK 31 kB URL GET HTTPS
pan.quark.cn/api/client_version?fr=pc&platform=pc&__dt=4280&__t=1752411638116
IP / ASN
203.119.175.189
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type JSON text data
First Seen 2025-07-13
Last Seen 2025-07-13
Times Seen 1
Size 31 kB (31023 bytes)
MD5 c7a287bf072de4f357b1d023f8fb5627
SHA1 02bb5d730b82efb9b113e65e8ffe7f5db77d3544
SHA256 1b7ce2354a403ac8a6e6c8ccb5e4cbef08ce8ab931ed32a593c395db0fc44e25
Certificate Information
Issuer GlobalSign nv-sa
Subject *.alibaba.com
Fingerprint 5D:34:66:EE:A8:8C:B2:D4:AF:90:98:90:65:36:B3:C7:5F:E8:4D:5B
Validity Tue, 11 Mar 2025 05:07:02 GMT - Sun, 12 Apr 2026 05:01:06 GMT
GET /api/client_version?fr=pc&platform=pc&__dt=4280&__t=1752411638116 HTTP/1.1
Host: pan.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/s/8510b49
Cookie: ctoken=MtWyeD77vFvEcppIV52Ylmkx; web-grey-id=279d8fb0-14e1-58c7-64f3-0f2250c35341; web-grey-id.sig=q_A7uWoMYekjIjkx8lO5zsvUezD6-FAjF33FTZmXDSU; tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Jul 2025 13:00:38 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
x-server-id: a132805fe77874e4b29c9334f3d6bf617efccfb643b4fef0f62a1d1c5235b4da4c427b5349595857f49f40fb2a8e9df8
cache-control: no-cache
set-cookie: grey-id=1f6dfd7a-812c-b55d-a0e8-cef72c14ea42; path=/; httponly
set-cookie: grey-id.sig=IujglOgj0d5l-VbOj-FCfSKD5lXmlb8b_aMia52TeqA; path=/; httponly
set-cookie: isQuark=false; path=/; httponly
set-cookie: isQuark.sig=DWPHMZYiiwQ-v58AbcP-rBdSIpzO8ZnrD67BdJuPatU; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
strict-transport-security: max-age=31536000
x-readtime: 1
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 213e366217524116385922983e1a19
timing-allow-origin: *
X-Firefox-Spdy: h2
OPTIONS drive-h.quark.cn/1/clouddrive/share/sharepage/token?pr=ucpro&fr=pc&uc_param_str=&__dt=4280&__t=1752411638116
59.82.122.193 200 OK 0 B URL OPTIONS HTTPS
drive-h.quark.cn/1/clouddrive/share/sharepage/token?pr=ucpro&fr=pc&uc_param_str=&__dt=4280&__t=1752411638116
IP / ASN
59.82.122.193
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Information
Issuer GlobalSign nv-sa
Subject *.alibaba.com
Fingerprint 5D:34:66:EE:A8:8C:B2:D4:AF:90:98:90:65:36:B3:C7:5F:E8:4D:5B
Validity Tue, 11 Mar 2025 05:07:02 GMT - Sun, 12 Apr 2026 05:01:06 GMT
OPTIONS /1/clouddrive/share/sharepage/token?pr=ucpro&fr=pc&uc_param_str=&__dt=4280&__t=1752411638116 HTTP/1.1
Host: drive-h.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pan.quark.cn/
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Jul 2025 13:00:39 GMT
content-length: 0
server: Tengine
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
x-application-context: clouddrive-api:dev,online,quark:9019
x-req-id: 980d58-26b1662987cff1
access-control-allow-origin: https://pan.quark.cn
vary: Origin
access-control-allow-methods: POST,GET,OPTIONS,DELETE,PATCH
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
eagleeye-traceid: 212a9b6217524116395652512e67ca
timing-allow-origin: *
X-Firefox-Spdy: h2
GET pan.quark.cn/favicon.ico
203.119.175.189 200 OK 68 kB URL GET HTTPS
pan.quark.cn/favicon.ico
IP / ASN
203.119.175.189
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel
First Seen 2024-05-02
Last Seen 2025-07-30
Times Seen 83
Size 68 kB (67646 bytes)
MD5 d1915a670d360513a0fdf6f188a420d8
SHA1 f006d326b6bed5291cad002ce8d7e4d7f3e7cf3d
SHA256 69da77a1b1ef0c3337ca7d839d1f44d0e6ad568d9d4b1a89548062b6e77f047e
Certificate Information
Issuer GlobalSign nv-sa
Subject *.alibaba.com
Fingerprint 5D:34:66:EE:A8:8C:B2:D4:AF:90:98:90:65:36:B3:C7:5F:E8:4D:5B
Validity Tue, 11 Mar 2025 05:07:02 GMT - Sun, 12 Apr 2026 05:01:06 GMT
GET /favicon.ico HTTP/1.1
Host: pan.quark.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/s/8510b49
Cookie: ctoken=MtWyeD77vFvEcppIV52Ylmkx; web-grey-id=279d8fb0-14e1-58c7-64f3-0f2250c35341; web-grey-id.sig=q_A7uWoMYekjIjkx8lO5zsvUezD6-FAjF33FTZmXDSU; tfstk=g2KthCvDszX6o4tOKdu3n1zI0_HoE2vZJCJ7msfglBdp3IQclNXGDZO1thbcf1ALdTXAGx5b56dpTCEgmG1gHipvwIQqQsffMIvXSFnoqdJN0i1jZ0mk3h_rKhCbiisNA7wHFumoqdJ10iGoZ0xcG3eR6ssbctaIpT5CCsOf1wNCeTSfcI_1AW6Phsw_5NZIpt5CGisXGpMdn61X_MuOOR1zDFK3ZVDSZsZbcHBO5gv11o6evOQONda0cowPBNCWC6l_7SZCyC_v0YEp9nCAo_7aFR1vyB-Of3MbyiTBs3Iyq3x-drPlwt4tpna4uN6Ea8rHW16zb6BdZAHTur7dL9CopvU4uN6Fp_DtBrzVJ95..; isg=BBUVRikp0SeugPXbqp9oItYBJxjPEskkCRfe75e60Qzb7jXgX2LZ9COsvGrYdeHc; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; b-user-id=6bdeb070-0ac9-b9ad-ea7e-5adf418c88d1; xlly_s=1; grey-id=1f6dfd7a-812c-b55d-a0e8-cef72c14ea42; grey-id.sig=IujglOgj0d5l-VbOj-FCfSKD5lXmlb8b_aMia52TeqA; isQuark=false; isQuark.sig=DWPHMZYiiwQ-v58AbcP-rBdSIpzO8ZnrD67BdJuPatU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Jul 2025 13:00:39 GMT
content-type: image/vnd.microsoft.icon
content-length: 67646
vary: Origin
x-server-id: a132805fe77874e4b29c9334f3d6bf617efccfb643b4fef0f62a1d1c5235b4da4c427b5349595857c69a1e02a9ed5ad1
cache-control: public, max-age=2592000
x-readtime: 0
server: Tengine/Aserver
eagleeye-traceid: 213e366217524116396033142e1a19
strict-transport-security: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/28.js
23.36.77.80 200 OK 17 kB URL GET HTTPS
g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.53/28.js
IP / ASN
23.36.77.80
#20940 Akamai International B.V.
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type JavaScript source, ASCII text, with very long lines (16635)
First Seen 2025-07-12
Last Seen 2025-07-30
Times Seen 4
Size 17 kB (16666 bytes)
MD5 1beb0a6906fe1e3a84fc5a6455bd90de
SHA1 8fc8a026ac61133a22343a74f5a47700b1f61d60
SHA256 34613f11734c7ab4f52ce4bbf5e1e81a3e90b67babd8fb6ce8482a56299ea9f1
Certificate Information
Issuer DigiCert Inc
Subject air.alistatic.com
Fingerprint 78:85:B5:87:7C:5C:3B:C4:0F:07:09:DE:05:43:BE:9A:50:DD:95:1F
Validity Thu, 05 Jun 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.53/28.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: Tengine
x-oss-request-id: 6867EA5422392537375989B9
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17425779628125898804
x-oss-storage-class: Standard
Content-MD5: G+sKaQb+HjqE/FpkVb2Q3g==
x-oss-server-time: 3
Content-Encoding: gzip
x-bucket-code: 3
Ups-Target-Key: cdn-relay.vipserver
X-protocol: HTTP/1.1
EagleEye-TraceId: 211b427e17516406606946419e1e82
Strict-Transport-Security: max-age=0
s-brt: 11
s-rt: 11
Content-Length: 5830
SERVED-FROM: 23.36.77.76
Cache-Control: max-age=1821020, s-maxage=86400
Expires: Sun, 03 Aug 2025 14:51:00 GMT
Date: Sun, 13 Jul 2025 13:00:40 GMT
Connection: keep-alive
Vary: Accept-Encoding
Network_Info: NO_OSLO_50304
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: FW_IP
FW_IP: 23.36.77.80
GET 127.0.0.1:9128/desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5202&__t=1752411639038
0.0.0.0 0 B URL GET HTTP
127.0.0.1:9128/desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5202&__t=1752411639038
IP / ASN
0.0.0.0
#0
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5202&__t=1752411639038 HTTP/1.1
Host: 127.0.0.1:9128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9129/desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5202&__t=1752411639038
0.0.0.0 0 B URL GET HTTP
127.0.0.1:9129/desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5202&__t=1752411639038
IP / ASN
0.0.0.0
#0
Requested by https://pan.quark.cn/s/8510b49
Resource Information
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-11
Times Seen 5764435
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_share_visiting?pwd_id=8510b49&passcode=&__dt=5202&__t=1752411639038 HTTP/1.1
Host: 127.0.0.1:9129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache