r10.o.lencr.org/
23.33.119.27 504 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7f6ccf69eed9545b5aab46fd5cbfe118
b51761c80ad244f0c688a0359c2cf9a1bc362f02
8be09440b2725844ff40689a73f3ba0ef5b9b4f59a2e96207ecf466d40f13a9b
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8BE09440B2725844FF40689A73F3BA0EF5B9B4F59A2E96207ECF466D40F13A9B"
Last-Modified: Wed, 09 Oct 2024 22:54:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7013
Expires: Thu, 10 Oct 2024 05:49:13 GMT
Date: Thu, 10 Oct 2024 03:52:20 GMT
Connection: keep-alive
GET g.alicdn.com/??/AWSC/AWSC/awsc.js,/sd/baxia-entry/baxiaCommon.js
163.181.131.243200 OK 9.2 kB URL GET HTTP/2 g.alicdn.com/??/AWSC/AWSC/awsc.js,/sd/baxia-entry/baxiaCommon.js
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (21980)
Hash d045f53622f9fb6cc839c8bcbe55e891
22dbf01658cdf5fe7cb5692baf910183a5f7dac9
fc04b48a00a55a234838d4820037dca4b707f359a82cc4703fc03c06ec42eba0
GET /??/AWSC/AWSC/awsc.js,/sd/baxia-entry/baxiaCommon.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 9150
date: Thu, 10 Oct 2024 02:55:25 GMT
vary: Accept-Encoding
x-oss-request-id: 6707421D3E8FB43531ED40CD
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9854329371083214382
x-oss-storage-class: Standard
cache-control: max-age=7200,s-maxage=3600
content-md5: kgPzvtUiP2e3HWizUWTlFg==
x-oss-server-time: 10
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache7.l2de3[273,11,200-0,C], ens-cache12.l2de3[13,0], ens-cache12.l2de3[14,0], ens-cache3.de7[0,0,200-0,H], ens-cache7.de7[1,0]
age: 3417
ali-swift-global-savetime: 1728528925
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 10 Oct 2024 02:55:25 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: a3b5839b17285323427691393e
X-Firefox-Spdy: h2
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/share.css
163.181.131.243200 OK 147 kB URL GET HTTP/2 g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/share.css
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 147 kB (146895 bytes)
Hash 69bde7d6c38947028b1c8fac471b8083
ceabd6563e2aba4c2220a271e90b7f304c0e623a
07c5cf4beb01061f9ac4b41a4a274889d984ebc6dbb5c496dae5ff9144f0e2c0
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.17/share.css HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: text/css
content-length: 146895
date: Wed, 09 Oct 2024 08:23:20 GMT
vary: Accept-Encoding
x-oss-request-id: 67063D783D7F7539386990A2
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10858255210929310661
x-oss-storage-class: Standard
cache-control: max-age=2592000,s-maxage=86400
content-md5: ab3n1sOJRwKLHI+sRxuAgw==
x-oss-server-time: 7
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache10.l2de3[194,193,200-0,M], ens-cache1.l2de3[199,0], ens-cache1.l2de3[199,0], ens-cache8.de7[0,0,200-0,H], ens-cache7.de7[2,0]
age: 70142
ali-swift-global-savetime: 1728462200
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 09 Oct 2024 08:23:20 GMT
x-swift-cachetime: 86400
timing-allow-origin: *
eagleid: a3b5839b17285323427731401e
X-Firefox-Spdy: h2
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/vendor.css
163.181.131.243200 OK 179 kB URL GET HTTP/2 g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/vendor.css
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 179 kB (179268 bytes)
Hash 68b4cc76bd4b0ac453a3d7e7e968c39b
ccc6d486f269a2f713f221715ddcf474250be0b5
fd86b718625267927e8d1f9c836eff61e2ecd23f8b3b5aa3e43dd610e6c6dac0
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.17/vendor.css HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: text/css
content-length: 179268
date: Wed, 09 Oct 2024 08:23:20 GMT
vary: Accept-Encoding
x-oss-request-id: 67063D78DE723237350BDAB7
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8832263238035558438
x-oss-storage-class: Standard
cache-control: max-age=2592000,s-maxage=86400
content-md5: aLTMdr1LCsRTo9fn6WjDmw==
x-oss-server-time: 7
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache16.l2de3[260,260,200-0,M], ens-cache5.l2de3[263,0], ens-cache5.l2de3[265,0], ens-cache3.de7[0,0,200-0,H], ens-cache7.de7[1,0]
age: 70142
ali-swift-global-savetime: 1728462200
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 09 Oct 2024 08:23:20 GMT
x-swift-cachetime: 86400
timing-allow-origin: *
eagleid: a3b5839b17285323427751403e
X-Firefox-Spdy: h2
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/share.js
163.181.131.243200 OK 645 kB URL GET HTTP/2 g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/share.js
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 645 kB (645080 bytes)
Hash fcd018217093ac17e3a9f7830e2f9140
63faee3e6b5d1aeebe4396c728bd77f17970bc1e
7475fa11aad81c11c1103cff23f57c411ac6d27950a8a138aadc6b1cd34d7f69
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.17/share.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 645080
date: Wed, 09 Oct 2024 08:23:20 GMT
vary: Accept-Encoding
x-oss-request-id: 67063D78AF984A3134715321
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9279476008452913636
x-oss-storage-class: Standard
cache-control: max-age=2592000,s-maxage=86400
content-md5: /NAYIXCTrBfjqfeDDi+RQA==
x-oss-server-time: 15
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache4.l2de3[213,213,200-0,M], ens-cache4.l2de3[214,0], ens-cache4.l2de3[216,0], ens-cache6.de7[0,0,200-0,H], ens-cache6.de7[3,0]
age: 70142
ali-swift-global-savetime: 1728462200
x-cache: HIT TCP_HIT dirn:12:783703289
x-swift-savetime: Wed, 09 Oct 2024 08:23:20 GMT
x-swift-cachetime: 86400
timing-allow-origin: *
eagleid: a3b5839a17285323427793507e
X-Firefox-Spdy: h2
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/vendor.js
163.181.131.243200 OK 1.8 MB URL GET HTTP/2 g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/vendor.js
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type JavaScript source, ASCII text, with very long lines (27826)
Size 1.8 MB (1766198 bytes)
Hash 0008de1c79bbfe4842f038cdac88fb93
dc9d56d8c43d7552cd019788986588ecd91987e6
30966bab6d633f1282bc819daab0723fd419d8a43ec3137bd1262d8afd31f7d3
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.17/vendor.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 1766198
date: Wed, 09 Oct 2024 08:23:25 GMT
vary: Accept-Encoding
x-oss-request-id: 67063D7DE938343738D39DD1
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 4909269459566022882
x-oss-storage-class: Standard
cache-control: max-age=2592000,s-maxage=86400
content-md5: AAjeHHm7/khC8DjNrIj7kw==
x-oss-server-time: 147
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache16.l2de3[5331,5330,200-0,M], ens-cache8.l2de3[5332,0], ens-cache8.l2de3[5334,0], ens-cache2.de7[0,0,200-0,H], ens-cache6.de7[3,0]
age: 70137
ali-swift-global-savetime: 1728462205
x-cache: HIT TCP_HIT dirn:12:235715169
x-swift-savetime: Wed, 09 Oct 2024 08:23:26 GMT
x-swift-cachetime: 86399
timing-allow-origin: *
eagleid: a3b5839a17285323427913533e
X-Firefox-Spdy: h2
GET g.alicdn.com/secdev/sufei_data/3.9.14/index.js
163.181.131.243200 OK 7.4 kB URL GET HTTP/2 g.alicdn.com/secdev/sufei_data/3.9.14/index.js
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type JavaScript source, ASCII text, with very long lines (17754), with no line terminators
Hash b9a5a9592db7e29feb4cc5e8814dea21
7efbde36c1131ebd7b51ae536eb087a8cebdbb7e
f4425a89ec24254262bc3d81a838890e5c9740428e28cd96e520c5bf8ddffa4c
GET /secdev/sufei_data/3.9.14/index.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 7398
date: Mon, 08 Jan 2024 06:22:16 GMT
x-oss-request-id: 659B949888D14B393577F489
accept-ranges: bytes
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12593839585633272550
x-oss-storage-class: Standard
content-encoding: gzip
cache-control: max-age=99999999
content-md5: mYdC0z0rPw0pY52mKJdpuQ==
x-oss-server-time: 11
access-control-allow-origin: *
x-bucket-code: 2
via: cache34.l2sg4[0,0,200-0,H], cache24.l2sg4[1,0], cache24.l2sg4[1,0], ens-cache6.de7[0,0,200-0,H], ens-cache6.de7[1,0]
age: 23837407
ali-swift-global-savetime: 1704694936
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 05 Sep 2024 02:54:38 GMT
x-swift-cachetime: 79190057
timing-allow-origin: *
eagleid: a3b5839a17285323437525309e
X-Firefox-Spdy: h2
GET g.alicdn.com/??/sd/baxia/2.5.20/baxiaCommon.js
163.181.131.243200 OK 13 kB URL GET HTTP/2 g.alicdn.com/??/sd/baxia/2.5.20/baxiaCommon.js
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (31847)
Hash 52a7b0f08deb4eecafd81b5d4e03e705
943180cd6ead13d91b9961922b4bae692e32899f
9f1020cdb6d9f692fdd6fe785d78200b8543a6b3d8eed978b6f1d372cc3ac9b5
GET /??/sd/baxia/2.5.20/baxiaCommon.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 12601
date: Wed, 09 Oct 2024 06:09:32 GMT
vary: Accept-Encoding
x-oss-request-id: 67061E1C2DA5D139381845A7
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12294121357720256053
x-oss-storage-class: Standard
cache-control: max-age=2592000,s-maxage=86400
content-md5: Uqew8I3rTuyv2BtdTgPnBQ==
x-oss-server-time: 19
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache1.l2de3[215,57,200-0,C], ens-cache6.l2de3[59,0], ens-cache6.l2de3[59,0], ens-cache5.de7[0,0,200-0,H], ens-cache6.de7[1,0]
age: 78171
ali-swift-global-savetime: 1728454172
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 09 Oct 2024 06:09:32 GMT
x-swift-cachetime: 86400
timing-allow-origin: *
eagleid: a3b5839a17285323437545315e
X-Firefox-Spdy: h2
GET g.alicdn.com/AWSC/et/1.81.8/et_n.js
163.181.131.243200 OK 95 kB URL GET HTTP/2 g.alicdn.com/AWSC/et/1.81.8/et_n.js
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
Hash 72f3ea16df0a2c318bf8f60b221f6080
e75b27db343b47e5100da031c6b313c9257fab06
79c09816cf58dfbdc34fdb3460503acd50aedaabfea74ad5a21140b2c0888cac
GET /AWSC/et/1.81.8/et_n.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 94658
date: Wed, 09 Oct 2024 06:27:02 GMT
x-oss-request-id: 67062236217E5E3834832083
accept-ranges: bytes
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12094717157267043070
x-oss-storage-class: Standard
content-encoding: gzip
cache-control: max-age=2592000,s-maxage=86400
content-md5: x811l0FOR8vi8Bf2pZnUIQ==
x-oss-server-time: 20
access-control-allow-origin: *
x-source-scheme: https
via: ens-cache6.l2de3[216,122,200-0,C], ens-cache3.l2de3[124,0], ens-cache3.l2de3[124,0], ens-cache6.de7[0,0,200-0,H], ens-cache7.de7[7,0]
age: 77121
ali-swift-global-savetime: 1728455222
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 09 Oct 2024 06:27:02 GMT
x-swift-cachetime: 86400
timing-allow-origin: *
eagleid: a3b5839b17285323437513208e
X-Firefox-Spdy: h2
r11.o.lencr.org/
23.33.119.27 504 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ccb7c0a230775ffeed6f8a2d5495f2f4
b64d41f2ff0740b511f8043dd7f00db3d937bdc8
c1086024116cc032f78be5a4521af542f33df4c8534249eaf15c5eeccf4ec5f7
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C1086024116CC032F78BE5A4521AF542F33DF4C8534249EAF15C5EECCF4EC5F7"
Last-Modified: Wed, 09 Oct 2024 23:02:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4203
Expires: Thu, 10 Oct 2024 05:02:27 GMT
Date: Thu, 10 Oct 2024 03:52:24 GMT
Connection: keep-alive
r11.o.lencr.org/
23.33.119.27 504 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ccb7c0a230775ffeed6f8a2d5495f2f4
b64d41f2ff0740b511f8043dd7f00db3d937bdc8
c1086024116cc032f78be5a4521af542f33df4c8534249eaf15c5eeccf4ec5f7
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C1086024116CC032F78BE5A4521AF542F33DF4C8534249EAF15C5EECCF4EC5F7"
Last-Modified: Wed, 09 Oct 2024 23:02:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4203
Expires: Thu, 10 Oct 2024 05:02:27 GMT
Date: Thu, 10 Oct 2024 03:52:24 GMT
Connection: keep-alive
r11.o.lencr.org/
23.33.119.27 504 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ccb7c0a230775ffeed6f8a2d5495f2f4
b64d41f2ff0740b511f8043dd7f00db3d937bdc8
c1086024116cc032f78be5a4521af542f33df4c8534249eaf15c5eeccf4ec5f7
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C1086024116CC032F78BE5A4521AF542F33DF4C8534249EAF15C5EECCF4EC5F7"
Last-Modified: Wed, 09 Oct 2024 23:02:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4203
Expires: Thu, 10 Oct 2024 05:02:27 GMT
Date: Thu, 10 Oct 2024 03:52:24 GMT
Connection: keep-alive
r11.o.lencr.org/
23.33.119.27 504 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ccb7c0a230775ffeed6f8a2d5495f2f4
b64d41f2ff0740b511f8043dd7f00db3d937bdc8
c1086024116cc032f78be5a4521af542f33df4c8534249eaf15c5eeccf4ec5f7
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C1086024116CC032F78BE5A4521AF542F33DF4C8534249EAF15C5EECCF4EC5F7"
Last-Modified: Wed, 09 Oct 2024 23:02:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4203
Expires: Thu, 10 Oct 2024 05:02:27 GMT
Date: Thu, 10 Oct 2024 03:52:24 GMT
Connection: keep-alive
r11.o.lencr.org/
23.33.119.27 504 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ccb7c0a230775ffeed6f8a2d5495f2f4
b64d41f2ff0740b511f8043dd7f00db3d937bdc8
c1086024116cc032f78be5a4521af542f33df4c8534249eaf15c5eeccf4ec5f7
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C1086024116CC032F78BE5A4521AF542F33DF4C8534249EAF15C5EECCF4EC5F7"
Last-Modified: Wed, 09 Oct 2024 23:02:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4203
Expires: Thu, 10 Oct 2024 05:02:27 GMT
Date: Thu, 10 Oct 2024 03:52:24 GMT
Connection: keep-alive
GET pan.quark.cn/api/computerinfo?fr=pc&platform=pc&__dt=4116&__t=1728532345124
203.119.175.188200 OK 38 B URL GET HTTP/2 pan.quark.cn/api/computerinfo?fr=pc&platform=pc&__dt=4116&__t=1728532345124
IP 203.119.175.188:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.alibaba.com
FingerprintDD:7F:4F:EB:01:41:A8:02:59:C5:4B:CD:12:26:60:E8:9D:C1:04:8E
ValidityWed, 13 Mar 2024 08:47:05 GMT - Mon, 14 Apr 2025 08:41:13 GMT
Hash 8e8018db2ef2b18e8ce281dfd5bc12d1
633dff1815e3d644dd4b467a73bde50e11257a87
11a5c88b44bff43e035ef460f19a3137da784bbf8e25ee666b9822f5a278bd5f
GET /api/computerinfo?fr=pc&platform=pc&__dt=4116&__t=1728532345124 HTTP/1.1
Host: pan.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
bx-v: 2.5.20
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/s/d362d7bc924b
Cookie: ctoken=7y0Lx8iuQ21wFnXH054SJIJO; isg=BKOjkW4-wI0uJYy5ikfuT7m3Me5NmDfadTne19UA_4J5FMM2XWjHKoFCCn4ar4_S; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Oct 2024 03:52:25 GMT
content-type: application/json; charset=utf-8
content-length: 38
vary: Accept-Encoding, Origin
x-server-id: a132805fe77874e4b29c9334f3d6bf617efccfb643b4fef0f62a1d1c5235b4da4c427b534959585769e0864a7a6bbec4
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
strict-transport-security: max-age=31536000
x-readtime: 1
server: Tengine/Aserver
eagleeye-traceid: 213e363217285323452041259e8052
timing-allow-origin: *
X-Firefox-Spdy: h2
GET pan.quark.cn/api/config?fr=pc&platform=pc&__dt=4116&__t=1728532345124
203.119.175.188200 OK 983 B URL GET HTTP/2 pan.quark.cn/api/config?fr=pc&platform=pc&__dt=4116&__t=1728532345124
IP 203.119.175.188:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.alibaba.com
FingerprintDD:7F:4F:EB:01:41:A8:02:59:C5:4B:CD:12:26:60:E8:9D:C1:04:8E
ValidityWed, 13 Mar 2024 08:47:05 GMT - Mon, 14 Apr 2025 08:41:13 GMT
Hash df15ae9e3ab9c221b4d450ce1247f4e9
1e18cbaa7909af51c6dce51b9a3d50391e3a1e05
0a4f1338eed6ed21edf705f3a0a3ef3dec348679acb273381bbdf98895ce9d85
GET /api/config?fr=pc&platform=pc&__dt=4116&__t=1728532345124 HTTP/1.1
Host: pan.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
bx-v: 2.5.20
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/s/d362d7bc924b
Cookie: ctoken=7y0Lx8iuQ21wFnXH054SJIJO; isg=BKOjkW4-wI0uJYy5ikfuT7m3Me5NmDfadTne19UA_4J5FMM2XWjHKoFCCn4ar4_S; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Oct 2024 03:52:25 GMT
content-type: application/json; charset=utf-8
content-length: 983
vary: Accept-Encoding, Origin
x-server-id: a132805fe77874e4b29c9334f3d6bf617efccfb643b4fef0f62a1d1c5235b4da4c427b5349595857c69a1e02a9ed5ad1
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
strict-transport-security: max-age=31536000
x-readtime: 1
server: Tengine/Aserver
eagleeye-traceid: 213e363217285323452041260e8052
timing-allow-origin: *
X-Firefox-Spdy: h2
GET px.wpk.quark.cn/api/v1/jconfig?wpk-header=app%3Diltsi7g3-0w3asjm9%26tm%3D1728532344%26ud%3Db02bc8be-520c-4220-0b60-b2fffbec409b%26sver%3D1.2.8%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce
111.63.205.135200 OK 130 B URL GET HTTP/1.1 px.wpk.quark.cn/api/v1/jconfig?wpk-header=app%3Diltsi7g3-0w3asjm9%26tm%3D1728532344%26ud%3Db02bc8be-520c-4220-0b60-b2fffbec409b%26sver%3D1.2.8%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
Hash 46e03d27e7c2143e8dec035b4ffc09f0
b0024b0fb760a6a966fccefe8ad5bcddbb142f65
30f3acb8ee811ba6a2ccfbd66bb8b26371636104c3e72e0354eadd857e3fc9d7
GET /api/v1/jconfig?wpk-header=app%3Diltsi7g3-0w3asjm9%26tm%3D1728532344%26ud%3Db02bc8be-520c-4220-0b60-b2fffbec409b%26sver%3D1.2.8%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323451502%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dflow%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323451502%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dflow%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323451502%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dflow%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 962
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BKOjkW4-wI0uJYy5ikfuT7m3Me5NmDfadTne19UA_4J5FMM2XWjHKoFCCn4ar4_S; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D1728532345791%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D1728532345791%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D1728532345791%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1092
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323453088%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323453088%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323453088%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2473
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323452014%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323452014%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323452014%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 6405
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323454143%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dflow%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323454143%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dflow%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323454143%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dflow%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 962
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BKOjkW4-wI0uJYy5ikfuT7m3Me5NmDfadTne19UA_4J5FMM2XWjHKoFCCn4ar4_S; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
OPTIONS drive-h.quark.cn/1/clouddrive/share/sharepage/token?pr=ucpro&fr=pc&uc_param_str=&__dt=4116&__t=1728532345124
59.82.23.111200 OK 0 B URL OPTIONS HTTP/2 drive-h.quark.cn/1/clouddrive/share/sharepage/token?pr=ucpro&fr=pc&uc_param_str=&__dt=4116&__t=1728532345124
IP 59.82.23.111:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.alibaba.com
FingerprintDD:7F:4F:EB:01:41:A8:02:59:C5:4B:CD:12:26:60:E8:9D:C1:04:8E
ValidityWed, 13 Mar 2024 08:47:05 GMT - Mon, 14 Apr 2025 08:41:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /1/clouddrive/share/sharepage/token?pr=ucpro&fr=pc&uc_param_str=&__dt=4116&__t=1728532345124 HTTP/1.1
Host: drive-h.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pan.quark.cn/
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 10 Oct 2024 03:52:26 GMT
content-length: 0
server: Tengine
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
x-application-context: clouddrive-api:dev,online,quark:9019
x-req-id: 97mvkt-23e9bd9d15e33e
access-control-allow-origin: https://pan.quark.cn
vary: Origin
access-control-allow-methods: POST,GET,OPTIONS,DELETE,PATCH
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
eagleeye-traceid: 212c9c0a17285323464084706e9042
timing-allow-origin: *
X-Firefox-Spdy: h2
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D1728532345579%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D1728532345579%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D1728532345579%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1452
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323455445%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323455445%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323455445%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1740
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
GET pan.quark.cn/api/client_version?fr=pc&platform=pc&__dt=4116&__t=1728532345124
203.119.175.188200 OK 6.7 kB URL GET HTTP/2 pan.quark.cn/api/client_version?fr=pc&platform=pc&__dt=4116&__t=1728532345124
IP 203.119.175.188:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.alibaba.com
FingerprintDD:7F:4F:EB:01:41:A8:02:59:C5:4B:CD:12:26:60:E8:9D:C1:04:8E
ValidityWed, 13 Mar 2024 08:47:05 GMT - Mon, 14 Apr 2025 08:41:13 GMT
Hash 6cfa323300c3b960a3e96500a48362d0
08ab73ea51495b67349d8f275a37ff641897b1f3
467b5e11a5f76667520435fc55c6285ccbd386871f1f798a42f39f9876555f3b
GET /api/client_version?fr=pc&platform=pc&__dt=4116&__t=1728532345124 HTTP/1.1
Host: pan.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
bx-v: 2.5.20
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/s/d362d7bc924b
Cookie: ctoken=7y0Lx8iuQ21wFnXH054SJIJO; isg=BKOjkW4-wI0uJYy5ikfuT7m3Me5NmDfadTne19UA_4J5FMM2XWjHKoFCCn4ar4_S; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Oct 2024 03:52:25 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
x-server-id: a132805fe77874e4b29c9334f3d6bf617efccfb643b4fef0f62a1d1c5235b4da4c427b5349595857678b354ac28bca78
cache-control: no-cache
set-cookie: grey-id=f61552c5-3e82-aadb-4b97-2b3637fe3f11; path=/; httponly
grey-id.sig=J0CECAsVjhT1rk6xcHvIfm0mv7WV0H20VI620pBL27c; path=/; httponly
isQuark=true; path=/; httponly
isQuark.sig=hUgqObykqFom5Y09bll94T1sS9abT1X-4Df_lzgl8nM; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
strict-transport-security: max-age=31536000
x-readtime: 1
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 213e363217285323452141262e8052
timing-allow-origin: *
X-Firefox-Spdy: h2
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323456016%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323456016%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323456016%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1452
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D1728532345301%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D1728532345301%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D1728532345301%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1740
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323451294%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323451294%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323451294%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1452
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D1728532345320%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D1728532345320%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D1728532345320%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1740
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323459333%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323459333%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323459333%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1452
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323451100%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323451100%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323451100%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1452
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323453581%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323453581%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323453581%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1740
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323452509%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323452509%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323452509%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1740
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
GET fourier.alibaba.com/ts?url=&token=gQMxwXvH76qfAhn5xNOusl9-X_KHZjnqyqoCIP4c143-bVFg1Sq0B5gbrxVghr08XlZ3fAXX_Pp7XktZh-gMBPiUzt0Mg5XO0Y3dItY2gc6TKRTH-pvn00waCeVqHxd4ulo75e2oOwHuQRTHrpvn0myZ8qUVi1nW2orhlRZj5Lt8flbf1tgsV3UzfRas5Rt-Vwj9Mzsb8OhaDHuXXXzRCOM8coUI2zEz4YEYMy9UyOsoeoFYRm4RCOM8vXH8tjtXGkeTzmkuMOszFvDLLf_3Jlfv2A1N_SZzDlPfB15aGur8-nKA_1P84uUH23CN_SZz2yxvD15awu5..&cna=&ext=62
47.246.167.157200 OK 0 B URL GET HTTP/2 fourier.alibaba.com/ts?url=&token=gQMxwXvH76qfAhn5xNOusl9-X_KHZjnqyqoCIP4c143-bVFg1Sq0B5gbrxVghr08XlZ3fAXX_Pp7XktZh-gMBPiUzt0Mg5XO0Y3dItY2gc6TKRTH-pvn00waCeVqHxd4ulo75e2oOwHuQRTHrpvn0myZ8qUVi1nW2orhlRZj5Lt8flbf1tgsV3UzfRas5Rt-Vwj9Mzsb8OhaDHuXXXzRCOM8coUI2zEz4YEYMy9UyOsoeoFYRm4RCOM8vXH8tjtXGkeTzmkuMOszFvDLLf_3Jlfv2A1N_SZzDlPfB15aGur8-nKA_1P84uUH23CN_SZz2yxvD15awu5..&cna=&ext=62
IP 47.246.167.157:443
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.alibaba.com
FingerprintDD:7F:4F:EB:01:41:A8:02:59:C5:4B:CD:12:26:60:E8:9D:C1:04:8E
ValidityWed, 13 Mar 2024 08:47:05 GMT - Mon, 14 Apr 2025 08:41:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ts?url=&token=gQMxwXvH76qfAhn5xNOusl9-X_KHZjnqyqoCIP4c143-bVFg1Sq0B5gbrxVghr08XlZ3fAXX_Pp7XktZh-gMBPiUzt0Mg5XO0Y3dItY2gc6TKRTH-pvn00waCeVqHxd4ulo75e2oOwHuQRTHrpvn0myZ8qUVi1nW2orhlRZj5Lt8flbf1tgsV3UzfRas5Rt-Vwj9Mzsb8OhaDHuXXXzRCOM8coUI2zEz4YEYMy9UyOsoeoFYRm4RCOM8vXH8tjtXGkeTzmkuMOszFvDLLf_3Jlfv2A1N_SZzDlPfB15aGur8-nKA_1P84uUH23CN_SZz2yxvD15awu5..&cna=&ext=62 HTTP/1.1
Host: fourier.alibaba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 10 Oct 2024 03:52:26 GMT
content-type: image/gif
content-length: 0
server: Tengine/Aserver
eagleeye-traceid: 2102f5de17285323469923203ec56f
strict-transport-security: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
GET pan.quark.cn/favicon.ico
203.119.175.188200 OK 68 kB IP 203.119.175.188:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.alibaba.com
FingerprintDD:7F:4F:EB:01:41:A8:02:59:C5:4B:CD:12:26:60:E8:9D:C1:04:8E
ValidityWed, 13 Mar 2024 08:47:05 GMT - Mon, 14 Apr 2025 08:41:13 GMT
File type MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel
Hash d1915a670d360513a0fdf6f188a420d8
f006d326b6bed5291cad002ce8d7e4d7f3e7cf3d
69da77a1b1ef0c3337ca7d839d1f44d0e6ad568d9d4b1a89548062b6e77f047e
GET /favicon.ico HTTP/1.1
Host: pan.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/s/d362d7bc924b
Cookie: ctoken=7y0Lx8iuQ21wFnXH054SJIJO; isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..; grey-id=f61552c5-3e82-aadb-4b97-2b3637fe3f11; grey-id.sig=J0CECAsVjhT1rk6xcHvIfm0mv7WV0H20VI620pBL27c; isQuark=true; isQuark.sig=hUgqObykqFom5Y09bll94T1sS9abT1X-4Df_lzgl8nM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Oct 2024 03:52:26 GMT
content-type: image/vnd.microsoft.icon
content-length: 67646
vary: Origin
x-server-id: a132805fe77874e4b29c9334f3d6bf617efccfb643b4fef0f62a1d1c5235b4da4c427b534959585769e0864a7a6bbec4
cache-control: public, max-age=2592000
x-readtime: 1
server: Tengine/Aserver
eagleeye-traceid: 213e363217285323469711516e8052
strict-transport-security: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/2.css
163.181.131.243200 OK 2.7 kB URL GET HTTP/2 g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/2.css
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type ASCII text, with very long lines (13514), with no line terminators
Hash 0ac2198205f34d354c11485ae483c9c8
593836e8870490f35c0096d00abc39cdcb0589ff
ab2fd211e3bfdab9fc5f75dfcfb7070f020136efb358936910679153f0252bf0
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.17/2.css HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: text/css
content-length: 2676
date: Wed, 09 Oct 2024 08:27:20 GMT
vary: Accept-Encoding
x-oss-request-id: 67063E689529AA3434270DC6
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6503920091607059610
x-oss-storage-class: Standard
cache-control: max-age=2592000,s-maxage=86400
content-md5: CsIZggXzTTVMEUha5IPJyA==
x-oss-server-time: 10
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache4.l2de3[0,0,200-0,H], ens-cache14.l2de3[1,0], ens-cache14.l2de3[1,0], ens-cache7.de7[0,0,200-0,H], ens-cache7.de7[1,0]
age: 69908
ali-swift-global-savetime: 1728462440
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 09 Oct 2024 08:28:36 GMT
x-swift-cachetime: 86324
timing-allow-origin: *
eagleid: a3b5839b17285323481743182e
X-Firefox-Spdy: h2
GET drive-h.quark.cn/1/clouddrive/share/sharepage/detail?pr=ucpro&fr=pc&uc_param_str=&pwd_id=d362d7bc924b&stoken=H%2F%2FDGNjqWrOrxzwtWqNEmWceg8EiR1XVbLCp7sMfX14%3D&pdir_fid=0&force=0&_page=1&_size=50&_fetch_banner=1&_fetch_share=1&_fetch_total=1&_sort=file_type:asc,updated_at:desc&__dt=6814&__t=1728532347822
59.82.23.111200 OK 27 kB URL GET HTTP/2 drive-h.quark.cn/1/clouddrive/share/sharepage/detail?pr=ucpro&fr=pc&uc_param_str=&pwd_id=d362d7bc924b&stoken=H%2F%2FDGNjqWrOrxzwtWqNEmWceg8EiR1XVbLCp7sMfX14%3D&pdir_fid=0&force=0&_page=1&_size=50&_fetch_banner=1&_fetch_share=1&_fetch_total=1&_sort=file_type:asc,updated_at:desc&__dt=6814&__t=1728532347822
IP 59.82.23.111:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.alibaba.com
FingerprintDD:7F:4F:EB:01:41:A8:02:59:C5:4B:CD:12:26:60:E8:9D:C1:04:8E
ValidityWed, 13 Mar 2024 08:47:05 GMT - Mon, 14 Apr 2025 08:41:13 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash a6ad15feafc3a528f43c7e6db5ea3575
f2b5e7aad19a9ed8a44066380049f9b30cbc2110
fb3b5a2f9db0d15d3246afadc50ca45edc00492a3f52f0d2b1fcbf07b1d9ae9e
GET /1/clouddrive/share/sharepage/detail?pr=ucpro&fr=pc&uc_param_str=&pwd_id=d362d7bc924b&stoken=H%2F%2FDGNjqWrOrxzwtWqNEmWceg8EiR1XVbLCp7sMfX14%3D&pdir_fid=0&force=0&_page=1&_size=50&_fetch_banner=1&_fetch_share=1&_fetch_total=1&_sort=file_type:asc,updated_at:desc&__dt=6814&__t=1728532347822 HTTP/1.1
Host: drive-h.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BKamBQsB_TajQKmSj8jDRARw9BUoh-pBuN67fJBPkkmkE0Yt-Bc6UYzlb5WfoOJZ; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gWgsLivru72EgjvN_EdUV-o0k3z2afTzWsNxZjQNMPUtMrMQL5SwjoJjAxHUBNz9nJILGYB9idjTvWHbnRUqbRPxdjH9sSRilDbjZj0wsrRGSf40kLJyzrhisr0ICAiXLXdYireEw2Cisf4ctLJyzUlGhz3H7qUxH6ILsJITk-F9OJFbZiBtHrdBOSF7HNeAkJQLZ74YHxUvOXQURwNXfJl6tQFa9pdUMfeCkZ3Lflwj6i7Ak2N_fGcTdXlER5Z_Uk2w-_ujNj3aR06vXbanzouLdgzfz8asai1QqZFCjBOCmiqLQhCngTxoUlF318RBOgS0XWVQUBOCmiqTt5wyOBsPm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Oct 2024 03:52:27 GMT
content-type: application/json;charset=UTF-8
server: Tengine
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
x-application-context: clouddrive-api:dev,online,quark:9019
x-req-id: 396dlj-23e9bda00e6682
access-control-allow-origin: https://pan.quark.cn
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
content-encoding: gzip
eagleeye-traceid: 2106e65817285323479297929e8fd6
timing-allow-origin: *
X-Firefox-Spdy: h2
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/5.css
163.181.131.243200 OK 2.4 kB URL GET HTTP/2 g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/5.css
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type ASCII text, with very long lines (12659), with no line terminators
Hash 8e29742bddb7d6e26cbc5539b023be7b
209b1e39d2f72dbe7f229a2add02d42c04e866bc
33f13e40fae2778819fc65fa6f4eb72bb65b94333a86bc539ccb651711ea77bd
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.17/5.css HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: text/css
content-length: 2445
date: Wed, 09 Oct 2024 08:27:20 GMT
vary: Accept-Encoding
x-oss-request-id: 67063E6808CEF13433743D6B
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6707868629572893211
x-oss-storage-class: Standard
cache-control: max-age=2592000,s-maxage=86400
content-md5: jil0K9231uJsvFU5sCO+ew==
x-oss-server-time: 16
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache18.l2de3[0,0,200-0,H], ens-cache6.l2de3[0,0], ens-cache6.l2de3[2,0], ens-cache7.de7[0,0,200-0,H], ens-cache7.de7[1,0]
age: 69908
ali-swift-global-savetime: 1728462440
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 09 Oct 2024 08:28:36 GMT
x-swift-cachetime: 86324
timing-allow-origin: *
eagleid: a3b5839b17285323481883216e
X-Firefox-Spdy: h2
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/6.css
163.181.131.243200 OK 1.1 kB URL GET HTTP/2 g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/6.css
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type ASCII text, with very long lines (1639), with no line terminators
Hash 9827790ecce07b12abd1b064dec03cf0
5c1d35de770d0da6b55d1bd954086a36d0c1c53e
cb88801cc9ae376214f306136822ed3e1d47aa226968eaca39858a9433d3c995
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.17/6.css HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: text/css
content-length: 1054
date: Wed, 09 Oct 2024 08:27:20 GMT
vary: Accept-Encoding
x-oss-request-id: 67063E6883B9F33832DE97D3
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 14218279271026170770
x-oss-storage-class: Standard
cache-control: max-age=2592000,s-maxage=86400
content-md5: mCd5DszgexKr0bBk3sA88A==
x-oss-server-time: 19
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache1.l2de3[0,0,200-0,H], ens-cache3.l2de3[1,0], ens-cache3.l2de3[1,0], ens-cache1.de7[0,0,200-0,H], ens-cache7.de7[1,0]
age: 69908
ali-swift-global-savetime: 1728462440
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 09 Oct 2024 08:28:36 GMT
x-swift-cachetime: 86324
timing-allow-origin: *
eagleid: a3b5839b17285323481893217e
X-Firefox-Spdy: h2
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/6.js
163.181.131.243200 OK 20 kB URL GET HTTP/2 g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/6.js
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type JavaScript source, ASCII text, with very long lines (49680)
Hash 2fb116971750e5828af2d3bbe988b206
a532f9540b7bd3d692dc9139f55b4b0b83bd6632
663826e926cb64259f830b10318ee51b16ad9d4a720f2957bb533107dbba8f7a
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.17/6.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 19697
date: Wed, 09 Oct 2024 08:27:20 GMT
vary: Accept-Encoding
x-oss-request-id: 67063E68D14E933738D5C05A
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5283892912292444437
x-oss-storage-class: Standard
cache-control: max-age=2592000,s-maxage=86400
content-md5: L7EWlxdQ5YKK8tO76YiyBg==
x-oss-server-time: 34
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache10.l2de3[0,0,200-0,H], ens-cache10.l2de3[2,0], ens-cache10.l2de3[11,0], ens-cache2.de7[0,0,200-0,H], ens-cache7.de7[1,0]
age: 69908
ali-swift-global-savetime: 1728462440
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 09 Oct 2024 08:28:36 GMT
x-swift-cachetime: 86324
timing-allow-origin: *
eagleid: a3b5839b17285323481923222e
X-Firefox-Spdy: h2
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/14.css
163.181.131.243200 OK 51 kB URL GET HTTP/2 g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/14.css
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8919229574cadc26f30acea3c688ebce
8c1bd617b57e9924ff871efeee2eb739503e01b5
4b79dee0a4abef892a44ce73445fcf4f9249447b22286f069cb6063cc8f943d0
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.17/14.css HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: text/css
content-length: 51349
date: Wed, 09 Oct 2024 08:27:20 GMT
vary: Accept-Encoding
x-oss-request-id: 67063E68C56E87383891BF1C
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17874302742576042743
x-oss-storage-class: Standard
cache-control: max-age=2592000,s-maxage=86400
content-md5: iRkilXTK3CbzCs6jxojrzg==
x-oss-server-time: 27
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache5.l2de3[0,0,200-0,H], ens-cache4.l2de3[0,0], ens-cache4.l2de3[2,0], ens-cache7.de7[0,0,200-0,H], ens-cache7.de7[1,0]
age: 69908
ali-swift-global-savetime: 1728462440
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 09 Oct 2024 08:28:36 GMT
x-swift-cachetime: 86324
timing-allow-origin: *
eagleid: a3b5839b17285323481943229e
X-Firefox-Spdy: h2
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/15.css
163.181.131.243200 OK 86 kB URL GET HTTP/2 g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/15.css
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash c0d5754ae9d1b6ff4a2fcd812e92839d
aeb8c9ee36d5ac9aa6a60be87f794beebd02a93f
78ee3534c27fdf70906464445e49ae1d85c3eec7451fbad6e8c74f1bcb3569fa
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.17/15.css HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: text/css
content-length: 86285
date: Wed, 09 Oct 2024 08:27:20 GMT
vary: Accept-Encoding
x-oss-request-id: 67063E687314F5363919F59C
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6529759027958491234
x-oss-storage-class: Standard
cache-control: max-age=2592000,s-maxage=86400
content-md5: wNV1SunRtv9KL82BLpKDnQ==
x-oss-server-time: 4
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache17.l2de3[0,0,200-0,H], ens-cache1.l2de3[0,0], ens-cache1.l2de3[2,0], ens-cache3.de7[0,0,200-0,H], ens-cache7.de7[3,0]
age: 69908
ali-swift-global-savetime: 1728462440
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 09 Oct 2024 08:28:36 GMT
x-swift-cachetime: 86324
timing-allow-origin: *
eagleid: a3b5839b17285323481973231e
X-Firefox-Spdy: h2
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/15.js
163.181.131.243200 OK 167 kB URL GET HTTP/2 g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/15.js
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 167 kB (166664 bytes)
Hash a5ebd0337ac6a99c39730d82d4049c1b
3d968440fd5a5eaaa1e92bbf3936296186ffbc15
24091a522d1c029b47989794b702ed1f8282034a89d22c8d42a5a577eda388fc
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.17/15.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 166664
date: Wed, 09 Oct 2024 08:27:20 GMT
vary: Accept-Encoding
x-oss-request-id: 67063E68ED31943034BA74FE
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 524906403842710894
x-oss-storage-class: Standard
cache-control: max-age=2592000,s-maxage=86400
content-md5: pevQM3rGqZw5cw2C1AScGw==
x-oss-server-time: 9
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache15.l2de3[0,0,200-0,H], ens-cache2.l2de3[1,0], ens-cache2.l2de3[1,0], ens-cache2.de7[0,0,200-0,H], ens-cache7.de7[1,0]
age: 69908
ali-swift-global-savetime: 1728462440
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 09 Oct 2024 08:28:36 GMT
x-swift-cachetime: 86324
timing-allow-origin: *
eagleid: a3b5839b17285323482003242e
X-Firefox-Spdy: h2
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323482015%26tm%3D1728532348%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323482015%26tm%3D1728532348%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323482015%26tm%3D1728532348%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1072
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BKKiEWeVMfrHHC0mU9z_-CDc8CEE86YNXOI_6Ow7zpXAv0I51IP2HSg962FDtB6l; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gu2KL_6czImCaTZ6mU1iZ06T2CIciWEUWyrXE40HNPUT4zhoNXmnebaISJcod24t20imV8vCa4Bs2mszdvale4Zq7p4lTbvJYRUvEpbFTu9-nY_cotX0YlMrFZcUpJCE80rsPZDgGEeiUY_cStX0Ykkzuy3e-aE1XDoDPYiQPc9s70oWR09CXlgZ5pOIF2i6f0ivFeaSFGEs70_eZ636AqJ8aDI4RgIxvL97BDhIhkgBFcytvX3bAQvWFnoK9qZI7Z7SE8GYRbePDdUTe4houX-Xcgyan-H4NE0xqBITFQRrOcoK4X9-PrV1-c3cvMdyafnZXqjOXQRrOcotoMIpaQltb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/assets/f4271e505075e024f5074fe1e8944374.svg
163.181.131.243200 OK 16 kB URL GET HTTP/2 g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/assets/f4271e505075e024f5074fe1e8944374.svg
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type SVG Scalable Vector Graphics image
Hash f4271e505075e024f5074fe1e8944374
636a75ac32cec5adc6a71c3299f895abcd7a028c
46f32e5be4819729f592a514ac7373988abfe22144c5765f4af99a1ab2118b0f
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.17/assets/f4271e505075e024f5074fe1e8944374.svg HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
content-length: 15813
date: Wed, 09 Oct 2024 08:23:44 GMT
x-oss-request-id: 67063D90EFCD4F3338356ECA
accept-ranges: bytes
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17609075977799434098
x-oss-storage-class: Standard
cache-control: max-age=2592000,s-maxage=86400
content-md5: 9CceUFB14CT1B0/h6JRDdA==
x-oss-server-time: 40
access-control-allow-origin: *
x-source-scheme: https
via: ens-cache4.l2de3[253,253,200-0,M], ens-cache18.l2de3[257,0], ens-cache18.l2de3[258,0], ens-cache6.de7[0,0,200-0,H], ens-cache7.de7[1,0]
age: 70124
ali-swift-global-savetime: 1728462224
x-cache: HIT TCP_HIT dirn:11:185234735
x-swift-savetime: Wed, 09 Oct 2024 08:23:44 GMT
x-swift-cachetime: 86400
timing-allow-origin: *
eagleid: a3b5839b17285323484723781e
X-Firefox-Spdy: h2
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323483711%26tm%3D1728532348%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323483711%26tm%3D1728532348%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323483711%26tm%3D1728532348%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3738
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BKKiEWeVMfrHHC0mU9z_-CDc8CEE86YNXOI_6Ow7zpXAv0I51IP2HSg962FDtB6l; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gu2KL_6czImCaTZ6mU1iZ06T2CIciWEUWyrXE40HNPUT4zhoNXmnebaISJcod24t20imV8vCa4Bs2mszdvale4Zq7p4lTbvJYRUvEpbFTu9-nY_cotX0YlMrFZcUpJCE80rsPZDgGEeiUY_cStX0Ykkzuy3e-aE1XDoDPYiQPc9s70oWR09CXlgZ5pOIF2i6f0ivFeaSFGEs70_eZ636AqJ8aDI4RgIxvL97BDhIhkgBFcytvX3bAQvWFnoK9qZI7Z7SE8GYRbePDdUTe4houX-Xcgyan-H4NE0xqBITFQRrOcoK4X9-PrV1-c3cvMdyafnZXqjOXQRrOcotoMIpaQltb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/assets/6fb04f2419f89b5ea8956d35b9679b8b.svg
163.181.131.243200 OK 9.4 kB URL GET HTTP/2 g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/assets/6fb04f2419f89b5ea8956d35b9679b8b.svg
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type SVG Scalable Vector Graphics image
Hash 6fb04f2419f89b5ea8956d35b9679b8b
e6a402a458b2f9b90df5a194e58abcfc7b79f810
8e7dde8834d2f4f5992a8d0105bb5ac36e77e937e2656c0b4da36feab864baad
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.17/assets/6fb04f2419f89b5ea8956d35b9679b8b.svg HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
content-length: 9366
date: Wed, 09 Oct 2024 08:16:28 GMT
x-oss-request-id: 67063BDCACAC8230333CBFDB
accept-ranges: bytes
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8792825221831085489
x-oss-storage-class: Standard
cache-control: max-age=2592000,s-maxage=86400
content-md5: b7BPJBn4m16olW01uWebiw==
x-oss-server-time: 7
access-control-allow-origin: *
x-source-scheme: https
via: ens-cache2.l2de3[227,227,200-0,M], ens-cache18.l2de3[229,0], ens-cache18.l2de3[230,0], ens-cache8.de7[0,0,200-0,H], ens-cache7.de7[1,0]
age: 70559
ali-swift-global-savetime: 1728461789
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 09 Oct 2024 08:16:29 GMT
x-swift-cachetime: 86400
timing-allow-origin: *
eagleid: a3b5839b17285323485343889e
X-Firefox-Spdy: h2
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323481348%26tm%3D1728532348%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323481348%26tm%3D1728532348%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323481348%26tm%3D1728532348%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1146
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BKKiEWeVMfrHHC0mU9z_-CDc8CEE86YNXOI_6Ow7zpXAv0I51IP2HSg962FDtB6l; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gu2KL_6czImCaTZ6mU1iZ06T2CIciWEUWyrXE40HNPUT4zhoNXmnebaISJcod24t20imV8vCa4Bs2mszdvale4Zq7p4lTbvJYRUvEpbFTu9-nY_cotX0YlMrFZcUpJCE80rsPZDgGEeiUY_cStX0Ykkzuy3e-aE1XDoDPYiQPc9s70oWR09CXlgZ5pOIF2i6f0ivFeaSFGEs70_eZ636AqJ8aDI4RgIxvL97BDhIhkgBFcytvX3bAQvWFnoK9qZI7Z7SE8GYRbePDdUTe4houX-Xcgyan-H4NE0xqBITFQRrOcoK4X9-PrV1-c3cvMdyafnZXqjOXQRrOcotoMIpaQltb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
GET image.uc.cn/s/uae/g/3o/broccoli/resource/202409/9b523820-70d0-11ef-aa63-41eb587b5315.png
47.246.2.232200 OK 2.1 kB URL GET HTTP/2 image.uc.cn/s/uae/g/3o/broccoli/resource/202409/9b523820-70d0-11ef-aa63-41eb587b5315.png
IP 47.246.2.232:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.uc.cn
FingerprintEF:76:66:0B:BC:06:CB:DC:CA:4F:DB:1A:04:75:36:84:9F:9A:72:F3
ValidityFri, 05 Jan 2024 01:56:02 GMT - Wed, 05 Feb 2025 01:56:01 GMT
File type PNG image data, 288 x 108, 8-bit colormap, non-interlaced
Hash 64d99877921f35762d99f8a0f60ec923
646a361e2d3ff835454d8e2215b470338dd6e54e
e09b313da95ef8966fe043422a26f4c19b6958eafdb6e426d90c157b5483ac08
GET /s/uae/g/3o/broccoli/resource/202409/9b523820-70d0-11ef-aa63-41eb587b5315.png HTTP/1.1
Host: image.uc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g.alicdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 2110
date: Thu, 12 Sep 2024 08:54:06 GMT
expires: Wed, 16 Oct 2024 11:07:07 GMT
cache-control: max-age=8640000
etag: 5173d4fe-83e
access-control-allow-origin: *
via: cache25.l2fr1[0,0,200-0,H], cache32.l2fr1[1,0], cache16.ru3[0,0,200-0,H], cache16.ru3[1,0]
age: 66
ali-swift-global-savetime: 1726131281
x-cache: HIT TCP_HIT dirn:9:44189821
x-swift-savetime: Thu, 12 Sep 2024 08:56:24 GMT
x-swift-cachetime: 8639897
timing-allow-origin: *
eagleid: 2ff602a417285323487154934e
X-Firefox-Spdy: h2
GET pan.quark.cn/api/dd_config?ids=1&fr=pc&platform=pc&__dt=7640&__t=1728532348648
203.119.175.188200 OK 38 B URL GET HTTP/2 pan.quark.cn/api/dd_config?ids=1&fr=pc&platform=pc&__dt=7640&__t=1728532348648
IP 203.119.175.188:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.alibaba.com
FingerprintDD:7F:4F:EB:01:41:A8:02:59:C5:4B:CD:12:26:60:E8:9D:C1:04:8E
ValidityWed, 13 Mar 2024 08:47:05 GMT - Mon, 14 Apr 2025 08:41:13 GMT
Hash 8e8018db2ef2b18e8ce281dfd5bc12d1
633dff1815e3d644dd4b467a73bde50e11257a87
11a5c88b44bff43e035ef460f19a3137da784bbf8e25ee666b9822f5a278bd5f
GET /api/dd_config?ids=1&fr=pc&platform=pc&__dt=7640&__t=1728532348648 HTTP/1.1
Host: pan.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
bx-v: 2.5.20
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/s/d362d7bc924b
Cookie: ctoken=7y0Lx8iuQ21wFnXH054SJIJO; isg=BGhoznl3mwwRmbeInf5lLlaeOl96kcybquAFxiKZtOPWfQjnyqGcK_67cY-N1oRz; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gsZxH7sh_eDX4gwWKC_oSAs8BUBhZre4wSyBjfcD57F8Q53i5qDmXVNjZo0icjV-BAMnClxf7fISBv6acmNGXfwEanVGuVx93uFpjnfVuRttxc1htMj338iZf604DoQqgAyS16muRBEobc1hZMj33-oaTSh2sOe5exkH1cgjGY6-Kvi6cVtXPQGrCcisGxwSNvkXcEG6cTeSaAis1wJdkb9jThUZH9PfB6DefhZ-HqiQhjtsUuHxkXwXSht6Qx3xO-GPT1igf2FjWlWp27Et6VcEup9C4jr3vDz6tXHMkTE67FujUxHZlhh_tz1meXXAHF8ZyYk-tTBJ7FujUYhhHtLw74HP.; grey-id=f61552c5-3e82-aadb-4b97-2b3637fe3f11; grey-id.sig=J0CECAsVjhT1rk6xcHvIfm0mv7WV0H20VI620pBL27c; isQuark=true; isQuark.sig=hUgqObykqFom5Y09bll94T1sS9abT1X-4Df_lzgl8nM; __chkey=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Oct 2024 03:52:28 GMT
content-type: application/json; charset=utf-8
content-length: 38
vary: Accept-Encoding, Origin
x-server-id: a132805fe77874e4b29c9334f3d6bf617efccfb643b4fef0f62a1d1c5235b4da4c427b5349595857c282b94c83c76832
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
strict-transport-security: max-age=31536000
x-readtime: 1
server: Tengine/Aserver
eagleeye-traceid: 213e363217285323487181710e8052
timing-allow-origin: *
X-Firefox-Spdy: h2
GET image.quark.cn/s/uae/g/3o/broccoli/resource/202204/c93d8a00-b638-11ec-ab3a-618c07d1aa2d.png
180.163.140.238200 OK 2.7 kB URL GET HTTP/1.1 image.quark.cn/s/uae/g/3o/broccoli/resource/202204/c93d8a00-b638-11ec-ab3a-618c07d1aa2d.png
IP 180.163.140.238:443
ASN #4812 China Telecom Group
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subjectimage.quark.cn
Fingerprint39:BC:F8:35:2F:C0:45:1B:39:64:EE:C8:8A:54:F3:07:0E:F5:08:31
ValidityWed, 06 Mar 2024 09:56:23 GMT - Mon, 07 Apr 2025 09:56:22 GMT
File type PNG image data, 108 x 108, 8-bit colormap, non-interlaced
Hash f2d92198f2bf6759f645477213def86d
850c430e1c11e157b7f45fde19060576e7718063
861e29e5a787d923315e937ea0c56f44f659bd90af2d7d94a6186724bf139e7d
GET /s/uae/g/3o/broccoli/resource/202204/c93d8a00-b638-11ec-ab3a-618c07d1aa2d.png HTTP/1.1
Host: image.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BKKiEWeVMfrHHC0mU9z_-CDc8CEE86YNXOI_6Ow7zpXAv0I51IP2HSg962FDtB6l; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gu2KL_6czImCaTZ6mU1iZ06T2CIciWEUWyrXE40HNPUT4zhoNXmnebaISJcod24t20imV8vCa4Bs2mszdvale4Zq7p4lTbvJYRUvEpbFTu9-nY_cotX0YlMrFZcUpJCE80rsPZDgGEeiUY_cStX0Ykkzuy3e-aE1XDoDPYiQPc9s70oWR09CXlgZ5pOIF2i6f0ivFeaSFGEs70_eZ636AqJ8aDI4RgIxvL97BDhIhkgBFcytvX3bAQvWFnoK9qZI7Z7SE8GYRbePDdUTe4houX-Xcgyan-H4NE0xqBITFQRrOcoK4X9-PrV1-c3cvMdyafnZXqjOXQRrOcotoMIpaQltb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 2722
Connection: keep-alive
Date: Fri, 06 Sep 2024 04:42:40 GMT
Expires: Mon, 26 Aug 2024 15:15:07 GMT
Cache-Control: max-age=8640000
ETag: e8fdff49-aa2
Access-Control-Allow-Origin: *
Via: cache44.l2cn3160[0,0,200-0,H], cache46.l2cn3160[0,0], ens-cache15.cn7454[0,0,200-0,H], ens-cache17.cn7454[1,0]
Age: 66
Ali-Swift-Global-Savetime: 1725597760
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Fri, 06 Sep 2024 13:35:07 GMT
X-Swift-CacheTime: 8608053
Timing-Allow-Origin: *
EagleId: b4a38c2517285323492662485e
GET image.quark.cn/s/uae/g/3o/broccoli/resource/202404/f7c1be80-f891-11ee-a6c7-dfc6ff5432fd.png
180.163.140.238200 OK 6.7 kB URL GET HTTP/1.1 image.quark.cn/s/uae/g/3o/broccoli/resource/202404/f7c1be80-f891-11ee-a6c7-dfc6ff5432fd.png
IP 180.163.140.238:443
ASN #4812 China Telecom Group
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subjectimage.quark.cn
Fingerprint39:BC:F8:35:2F:C0:45:1B:39:64:EE:C8:8A:54:F3:07:0E:F5:08:31
ValidityWed, 06 Mar 2024 09:56:23 GMT - Mon, 07 Apr 2025 09:56:22 GMT
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced
Hash 28137ce23253a5806c5f8aa13e20af02
b87f0f40624f084e62f9e654be2c0b7897548677
f6c9d83e471bae2e96aa20e32bba6901cf30e6321b918a2cf49a098be7e21754
GET /s/uae/g/3o/broccoli/resource/202404/f7c1be80-f891-11ee-a6c7-dfc6ff5432fd.png HTTP/1.1
Host: image.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BKKiEWeVMfrHHC0mU9z_-CDc8CEE86YNXOI_6Ow7zpXAv0I51IP2HSg962FDtB6l; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gu2KL_6czImCaTZ6mU1iZ06T2CIciWEUWyrXE40HNPUT4zhoNXmnebaISJcod24t20imV8vCa4Bs2mszdvale4Zq7p4lTbvJYRUvEpbFTu9-nY_cotX0YlMrFZcUpJCE80rsPZDgGEeiUY_cStX0Ykkzuy3e-aE1XDoDPYiQPc9s70oWR09CXlgZ5pOIF2i6f0ivFeaSFGEs70_eZ636AqJ8aDI4RgIxvL97BDhIhkgBFcytvX3bAQvWFnoK9qZI7Z7SE8GYRbePDdUTe4houX-Xcgyan-H4NE0xqBITFQRrOcoK4X9-PrV1-c3cvMdyafnZXqjOXQRrOcotoMIpaQltb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 6700
Connection: keep-alive
Date: Sun, 21 Jul 2024 06:15:37 GMT
Expires: Sat, 09 Dec 2023 14:37:08 GMT
Cache-Control: max-age=8640000
ETag: 1c42f586-1a2c
Access-Control-Allow-Origin: *
Via: cache16.l2cn1802[0,0,200-0,H], cache22.l2cn1802[1,0], ens-cache12.cn7454[0,0,200-0,H], ens-cache11.cn7454[1,0]
Age: 66
Ali-Swift-Global-Savetime: 1721542537
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Sun, 29 Sep 2024 12:47:55 GMT
X-Swift-CacheTime: 2568462
Timing-Allow-Origin: *
EagleId: b4a38c1f17285323492522232e
GET cdn.sm.cn/static/23/05/12/0e88b21bd6cde759b396697ed1d0aeba.png
114.80.179.186200 OK 540 B URL GET HTTP/2 cdn.sm.cn/static/23/05/12/0e88b21bd6cde759b396697ed1d0aeba.png
IP 114.80.179.186:443
ASN #4812 China Telecom Group
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.sm.cn
Fingerprint16:F2:B6:24:77:8D:BA:9E:76:AE:1E:24:2F:C9:85:AE:53:99:A2:AF
ValidityWed, 17 Jul 2024 01:36:05 GMT - Mon, 18 Aug 2025 01:36:04 GMT
File type RIFF (little-endian) data, Web/P image
Hash 76934af95e9d3c5f0c179b06ca3201ab
bc7be4e47371bf986bfb1beae4a39e21f7afee0d
5ce6bd993f4c3d252e998839dbc441a0b90ead79cb300e2779458efc8a85211d
GET /static/23/05/12/0e88b21bd6cde759b396697ed1d0aeba.png HTTP/1.1
Host: cdn.sm.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g.alicdn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/webp
content-length: 540
x-oss-cdn-auth: success
date: Wed, 25 Sep 2024 02:55:56 GMT
x-oss-request-id: 66F37BBCAFE026343416612B
x-oss-storage-class: Standard
x-oss-object-type: Normal
access-control-allow-methods: POST, PUT, GET, HEAD, DELETE
access-control-max-age: 0
content-md5: goC0Mqn9AH91WHu/F+u5Aw==
access-control-expose-headers: etag, x-oss-request-id, access-control-allow-origin
access-control-allow-origin: *
x-oss-server-time: 6
accept-ranges: bytes
via: cache44.l2cn3130[25,25,304-0,H], cache65.l2cn3130[34,0], cache9.cn3259[0,0,200-0,H], cache9.cn3259[5,0]
x-oss-hash-crc64ecma: 17273104712061913563
last-modified: Fri, 12 May 2023 13:32:54 GMT
etag: "8280B432A9FD007F75587BBF17EBB903"
age: 1299393
ali-swift-global-savetime: 1727232956
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 25 Sep 2024 02:55:56 GMT
x-swift-cachetime: 2592000
cache-control: max-age=2592000,s-maxage=2592000,public,immutable
server-timing: cdn-cache;desc=HIT,edge;dur=5
timing-allow-origin: *
eagleid: 7250b39d17285323496623500e
X-Firefox-Spdy: h2
GET image.quark.cn/s/uae/g/3o/cms/resource/1702472767194_2896046663_9346.png
180.163.140.238200 OK 61 kB URL GET HTTP/1.1 image.quark.cn/s/uae/g/3o/cms/resource/1702472767194_2896046663_9346.png
IP 180.163.140.238:443
ASN #4812 China Telecom Group
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subjectimage.quark.cn
Fingerprint39:BC:F8:35:2F:C0:45:1B:39:64:EE:C8:8A:54:F3:07:0E:F5:08:31
ValidityWed, 06 Mar 2024 09:56:23 GMT - Mon, 07 Apr 2025 09:56:22 GMT
File type PNG image data, 468 x 921, 8-bit colormap, non-interlaced
Hash 6ece381b10dcbd78d3b2d97a000c6090
a266877dbde9703a801e9c64bfc0de180cf7eb70
ad6b5f7c77418a7e4f9ac61fdf6bb180d49492e75dc82d5f154acc186c2f23c5
GET /s/uae/g/3o/cms/resource/1702472767194_2896046663_9346.png HTTP/1.1
Host: image.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BKKiEWeVMfrHHC0mU9z_-CDc8CEE86YNXOI_6Ow7zpXAv0I51IP2HSg962FDtB6l; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gu2KL_6czImCaTZ6mU1iZ06T2CIciWEUWyrXE40HNPUT4zhoNXmnebaISJcod24t20imV8vCa4Bs2mszdvale4Zq7p4lTbvJYRUvEpbFTu9-nY_cotX0YlMrFZcUpJCE80rsPZDgGEeiUY_cStX0Ykkzuy3e-aE1XDoDPYiQPc9s70oWR09CXlgZ5pOIF2i6f0ivFeaSFGEs70_eZ636AqJ8aDI4RgIxvL97BDhIhkgBFcytvX3bAQvWFnoK9qZI7Z7SE8GYRbePDdUTe4houX-Xcgyan-H4NE0xqBITFQRrOcoK4X9-PrV1-c3cvMdyafnZXqjOXQRrOcotoMIpaQltb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 60875
Connection: keep-alive
Date: Fri, 06 Sep 2024 04:25:14 GMT
Expires: Tue, 20 Feb 2024 18:23:06 GMT
Cache-Control: max-age=8640000
ETag: 2709ef51-edcb
Access-Control-Allow-Origin: *
Via: cache50.l2cn3160[0,0,200-0,H], cache3.l2cn3160[1,0], ens-cache27.cn7454[0,0,200-0,H], ens-cache15.cn7454[12,0]
Age: 66
Ali-Swift-Global-Savetime: 1725596715
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Mon, 30 Sep 2024 14:26:40 GMT
X-Swift-CacheTime: 6530315
Timing-Allow-Origin: *
EagleId: b4a38c2317285323492795846e
GET yes-file.uc.cn/file/1725004739217_2087925299_2812.png
61.170.81.238200 OK 18 kB URL GET HTTP/1.1 yes-file.uc.cn/file/1725004739217_2087925299_2812.png
IP 61.170.81.238:443
ASN #4812 China Telecom Group
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subjectyes-file.uc.cn
FingerprintB6:82:CA:0D:43:C0:1B:83:BB:75:76:25:C9:BE:FC:93:1B:8E:4B:E3
ValidityFri, 26 Apr 2024 09:46:06 GMT - Wed, 28 May 2025 09:46:05 GMT
File type PNG image data, 312 x 312, 8-bit colormap, non-interlaced
Hash 45bee4eda91340e774969c4d265a79a5
f2030b16da3de20f4c4c89bbdf8b37c6b9eb7953
fe6af42a7d126c997466eda1b728c6a8fafca713b6469298d6eed00f74ea265a
GET /file/1725004739217_2087925299_2812.png HTTP/1.1
Host: yes-file.uc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 18418
Connection: keep-alive
Date: Sun, 29 Sep 2024 08:45:55 GMT
x-oss-request-id: 66F913C338B9603534AB849F
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: Rb7k7akTQOd0lpxNJlp5pQ==
x-oss-server-time: 7
Via: cache65.l2cn3022[66,66,304-0,H], cache26.l2cn3022[67,0], vcache12.cn6013[0,0,200-0,H], vcache19.cn6013[2,0]
ETag: "45BEE4EDA91340E774969C4D265A79A5"
Last-Modified: Fri, 30 Aug 2024 07:58:59 GMT
x-oss-hash-crc64ecma: 4099601417871921590
Age: 932794
Ali-Swift-Global-Savetime: 1727599555
X-Cache: HIT TCP_HIT dirn:11:199097227
X-Swift-SaveTime: Sun, 29 Sep 2024 08:45:55 GMT
X-Swift-CacheTime: 2592000
Access-Control-Allow-Methods: *
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 3daa512717285323498294974e
GET image.uc.cn/s/uae/g/82/bizcss/quark_pc/phone_login_532.css
47.246.2.232200 OK 2.8 kB URL GET HTTP/2 image.uc.cn/s/uae/g/82/bizcss/quark_pc/phone_login_532.css
IP 47.246.2.232:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.uc.cn
FingerprintEF:76:66:0B:BC:06:CB:DC:CA:4F:DB:1A:04:75:36:84:9F:9A:72:F3
ValidityFri, 05 Jan 2024 01:56:02 GMT - Wed, 05 Feb 2025 01:56:01 GMT
File type assembler source, ASCII text, with very long lines (412)
Hash ae5db1eab121b252249aa3dde97d2ee3
1d9c9fb60882d50837d8e587bee70713638455d2
77c95c79004a554667d68596ef408244916cb5e454aa3d57184c63a370ec3d8f
GET /s/uae/g/82/bizcss/quark_pc/phone_login_532.css HTTP/1.1
Host: image.uc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: text/css
content-length: 2759
date: Tue, 24 Sep 2024 09:40:37 GMT
vary: Accept-Encoding
expires: Sat, 09 Dec 2023 14:37:08 GMT
cache-control: max-age=8640000
etag: 5099426b-2a48
access-control-allow-origin: *
content-encoding: gzip
via: ens-cache5.l2de3[0,0,200-0,H], ens-cache1.l2de3[2,0], cache8.ru3[0,0,200-0,H], cache16.ru3[1,0]
age: 66
ali-swift-global-savetime: 1727170837
x-cache: HIT TCP_HIT dirn:11:144384028
x-swift-savetime: Fri, 27 Sep 2024 16:10:22 GMT
x-swift-cachetime: 8357415
timing-allow-origin: *
eagleid: 2ff602a417285323506737857e
X-Firefox-Spdy: h2
GET image.uc.cn/s/uae/g/82/sso/public/js/next/lib/zepto_touch_f188e8e.js
47.246.2.232200 OK 11 kB URL GET HTTP/2 image.uc.cn/s/uae/g/82/sso/public/js/next/lib/zepto_touch_f188e8e.js
IP 47.246.2.232:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.uc.cn
FingerprintEF:76:66:0B:BC:06:CB:DC:CA:4F:DB:1A:04:75:36:84:9F:9A:72:F3
ValidityFri, 05 Jan 2024 01:56:02 GMT - Wed, 05 Feb 2025 01:56:01 GMT
File type JavaScript source, ASCII text, with very long lines (28867), with no line terminators
Hash f188e8e1e246e0e2c40b4f8b957ef052
a9d508a6cb4181214287a369d9baa87e15ce97fb
31cf594ad6532518136d0be2f62bc6abed177cc8a222e463ca8c2f0226ac7d44
GET /s/uae/g/82/sso/public/js/next/lib/zepto_touch_f188e8e.js HTTP/1.1
Host: image.uc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: text/javascript
content-length: 10621
date: Wed, 18 Sep 2024 20:23:16 GMT
vary: Accept-Encoding
expires: Tue, 20 Feb 2024 18:23:06 GMT
cache-control: max-age=8640000
etag: 2e811aba-70c3
access-control-allow-origin: *
content-encoding: gzip
via: ens-cache4.l2de3[0,14,200-0,H], ens-cache15.l2de3[15,0], cache11.ru3[0,0,200-0,H], cache16.ru3[1,0]
age: 66
ali-swift-global-savetime: 1726690996
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 04 Oct 2024 01:57:27 GMT
x-swift-cachetime: 7323949
timing-allow-origin: *
eagleid: 2ff602a417285323506787865e
X-Firefox-Spdy: h2
GET image.uc.cn/s/uae/g/82/sso/public/js/next/custom/common_532_11ca786.js
47.246.2.232200 OK 872 B URL GET HTTP/2 image.uc.cn/s/uae/g/82/sso/public/js/next/custom/common_532_11ca786.js
IP 47.246.2.232:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.uc.cn
FingerprintEF:76:66:0B:BC:06:CB:DC:CA:4F:DB:1A:04:75:36:84:9F:9A:72:F3
ValidityFri, 05 Jan 2024 01:56:02 GMT - Wed, 05 Feb 2025 01:56:01 GMT
File type ASCII text, with very long lines (2121), with no line terminators
Hash 11ca7860db96cff9b3c9411e7315ab92
fcd2c16df4061eab09af6bbcfc470b6a6ad51e01
22b70c713885a54698e4ea51a2838e45b86fd1613e31d195f34a5b0453c2c239
GET /s/uae/g/82/sso/public/js/next/custom/common_532_11ca786.js HTTP/1.1
Host: image.uc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: text/javascript
content-length: 872
date: Fri, 20 Sep 2024 16:42:15 GMT
vary: Accept-Encoding
expires: Tue, 20 Feb 2024 18:34:06 GMT
cache-control: max-age=8640000
etag: f10ced5a-849
access-control-allow-origin: *
content-encoding: gzip
via: ens-cache15.l2de3[0,3,200-0,H], ens-cache18.l2de3[10,0], cache6.ru3[0,0,200-0,H], cache16.ru3[1,0]
age: 66
ali-swift-global-savetime: 1726850535
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 06 Oct 2024 14:37:52 GMT
x-swift-cachetime: 7265063
timing-allow-origin: *
eagleid: 2ff602a417285323506807868e
X-Firefox-Spdy: h2
GET image.uc.cn/s/uae/g/82/sso/public/js/next/custom/common_ua_f7d9090.js
47.246.2.232200 OK 1.7 kB URL GET HTTP/2 image.uc.cn/s/uae/g/82/sso/public/js/next/custom/common_ua_f7d9090.js
IP 47.246.2.232:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.uc.cn
FingerprintEF:76:66:0B:BC:06:CB:DC:CA:4F:DB:1A:04:75:36:84:9F:9A:72:F3
ValidityFri, 05 Jan 2024 01:56:02 GMT - Wed, 05 Feb 2025 01:56:01 GMT
Hash f7d9090cb8209d9553e883c99924879a
f606179db22630f4389a91e83a38e4341d32d0b1
ab1417ed656f39e73caac3fca8278c47b3b2d1cdd7335049ababe35973c3543a
GET /s/uae/g/82/sso/public/js/next/custom/common_ua_f7d9090.js HTTP/1.1
Host: image.uc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: text/javascript
content-length: 1706
date: Fri, 13 Sep 2024 06:31:57 GMT
vary: Accept-Encoding
expires: Tue, 20 Feb 2024 18:23:06 GMT
cache-control: max-age=8640000
etag: 94bb87ec-1371
access-control-allow-origin: *
content-encoding: gzip
via: ens-cache4.l2de3[0,0,200-0,H], ens-cache8.l2de3[4,0], cache15.ru3[0,0,200-0,H], cache16.ru3[1,0]
age: 66
ali-swift-global-savetime: 1726209117
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 03 Oct 2024 14:00:42 GMT
x-swift-cachetime: 6885075
timing-allow-origin: *
eagleid: 2ff602a417285323506857876e
X-Firefox-Spdy: h2
GET image.uc.cn/s/uae/g/82/sso/public/js/next/custom/mobilelogin_532_12aa1b3.js
47.246.2.232200 OK 3.0 kB URL GET HTTP/2 image.uc.cn/s/uae/g/82/sso/public/js/next/custom/mobilelogin_532_12aa1b3.js
IP 47.246.2.232:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.uc.cn
FingerprintEF:76:66:0B:BC:06:CB:DC:CA:4F:DB:1A:04:75:36:84:9F:9A:72:F3
ValidityFri, 05 Jan 2024 01:56:02 GMT - Wed, 05 Feb 2025 01:56:01 GMT
Hash 12aa1b3486788034284d1bf4b644554f
9770af0b83c571aae0e926e8a2137d010425b963
f85fd594707eb0059b826e84a1a549b6f6846c536108528c1f03cdd22aaa18f1
GET /s/uae/g/82/sso/public/js/next/custom/mobilelogin_532_12aa1b3.js HTTP/1.1
Host: image.uc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: text/javascript
content-length: 2970
date: Wed, 18 Sep 2024 03:52:03 GMT
vary: Accept-Encoding
expires: Sun, 10 Dec 2023 08:23:08 GMT
cache-control: max-age=8640000
etag: 857de467-3322
access-control-allow-origin: *
content-encoding: gzip
via: ens-cache15.l2de3[0,0,200-0,H], ens-cache9.l2de3[3,0], cache7.ru3[0,0,200-0,H], cache16.ru3[1,0]
age: 66
ali-swift-global-savetime: 1726631523
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 27 Sep 2024 11:49:28 GMT
x-swift-cachetime: 7833755
timing-allow-origin: *
eagleid: 2ff602a417285323506867878e
X-Firefox-Spdy: h2
GET image.uc.cn/s/uae/g/82/sso/public/js/next/language/message_zh_529343e.js
47.246.2.232200 OK 658 B URL GET HTTP/2 image.uc.cn/s/uae/g/82/sso/public/js/next/language/message_zh_529343e.js
IP 47.246.2.232:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.uc.cn
FingerprintEF:76:66:0B:BC:06:CB:DC:CA:4F:DB:1A:04:75:36:84:9F:9A:72:F3
ValidityFri, 05 Jan 2024 01:56:02 GMT - Wed, 05 Feb 2025 01:56:01 GMT
File type Unicode text, UTF-8 text, with very long lines (776), with no line terminators
Hash 529343e42519469420242d26313c0dbe
9ab174d57b20b15b6a2af225ab1081a53d3c4292
4088534791bb6009f426ca14259c72dd59f3c54f4fe80668c990538d27041c6a
GET /s/uae/g/82/sso/public/js/next/language/message_zh_529343e.js HTTP/1.1
Host: image.uc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: text/javascript
content-length: 658
date: Thu, 19 Sep 2024 09:30:47 GMT
vary: Accept-Encoding
expires: Sun, 10 Dec 2023 08:23:08 GMT
cache-control: max-age=8640000
etag: a0c4f5bb-4f2
access-control-allow-origin: *
content-encoding: gzip
via: ens-cache6.l2de3[0,0,200-0,H], ens-cache14.l2de3[2,0], cache12.ru3[0,0,200-0,H], cache16.ru3[1,0]
age: 66
ali-swift-global-savetime: 1726738248
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 27 Sep 2024 11:49:28 GMT
x-swift-cachetime: 7940480
timing-allow-origin: *
eagleid: 2ff602a417285323506867879e
X-Firefox-Spdy: h2
GET g.alicdn.com/sd/ncpc/nc.js?t=2024100911
163.181.131.243200 OK 70 kB URL GET HTTP/2 g.alicdn.com/sd/ncpc/nc.js?t=2024100911
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type JavaScript source, ASCII text, with very long lines (32041)
Hash 11998461d3d77dde9e7ef72a65e08429
3863ac62c17ae5e0de527e1a8eeaea40e07c2531
994aae2408fa3aaca7faec5f32d6b0245012786ee65eec40df3ab54b48992b0a
GET /sd/ncpc/nc.js?t=2024100911 HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 69603
date: Thu, 10 Oct 2024 03:42:30 GMT
vary: Accept-Encoding
x-oss-request-id: 67074D26EEF91B3933D8777A
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1561788439659902122
x-oss-storage-class: Standard
cache-control: max-age=3600,s-maxage=3600
content-md5: EZmEYdPXfd6efvcqZeCEKQ==
x-oss-server-time: 4
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache3.l2de3[0,0,200-0,H], ens-cache6.l2de3[0,0], ens-cache6.l2de3[1,0], ens-cache2.de7[0,0,200-0,H], ens-cache7.de7[1,0]
age: 600
ali-swift-global-savetime: 1728531750
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 10 Oct 2024 03:42:32 GMT
x-swift-cachetime: 3598
timing-allow-origin: *
eagleid: a3b5839b17285323506907631e
X-Firefox-Spdy: h2
GET uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
203.119.175.188200 OK 19 kB URL GET HTTP/2 uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
IP 203.119.175.188:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.alibaba.com
FingerprintDD:7F:4F:EB:01:41:A8:02:59:C5:4B:CD:12:26:60:E8:9D:C1:04:8E
ValidityWed, 13 Mar 2024 08:47:05 GMT - Mon, 14 Apr 2025 08:41:13 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (31956)
Hash 2af2261d19bfaa776de175f01faad770
f00f275fd3810baed736ea63be589ce3875ad0f3
5633b8f935ea280f596b2462b739c2cd0133a15a6335ec613f62688f48e11f2b
GET /cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D HTTP/1.1
Host: uop.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BGRk2lUb39C1bSscYQKh4nLqNmtW_YhnTjS5cn6F8C_yKQTzpg1Y95qL7Rsx6sC_; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gOXqH_vO-XH5JwyUo3pwYAseGAOvIKzBoOT6jGjMcEYDCSCNaGsUDh_fjF5wrGLcCExMZh-h5tiDsFAwzUblcxT6nFmN5G1f7GEvjFbG7F1bVJsADdpgRF2QdiBJKpIN3d01qi3ulaVYdJsAmdpgRywChqQR2eTMIAxiqu-6XAvMjdqyrh-KsqbMIuryjH8inFDMrYxpvdYGSdqPqw8FItDyXIqBEPEw-bY6gejDzAuNU3AqMiYrIAXrdI8nCUkiIT-AVFKdtY2M-6QlZsfEmYO6eU8h4-g9q-5VBsuisID64eZz4X3Q42i_Xm7o6fdk238Qmoct6IxJ4eZz4fh9Z3KyRoqc.
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Oct 2024 03:52:30 GMT
content-type: text/html; charset=utf-8
x-response-status: 20000
set-cookie: _UP_28A_52_=532; Max-Age=604800; Expires=Thu, 17 Oct 2024 03:52:30 GMT; Path=/; Domain=uop.quark.cn; HTTPOnly
_UP_BT_=; Max-Age=0; Expires=Thu, 10 Oct 2024 03:52:30 GMT; Path=/; Domain=.quark.cn; HTTPOnly
_UP_F7E_8D_=SaK7LS4RKDwm%2BfLVk0hu3Usem8D%2BGJzLUdRO7YsGUI%2FGQuQrVewrlr4s0OqcgeUVrrD1zMwJFjsIpxEoAQFoJnzxAz3%2BQ%2Bs6sDzKXdPuwWWq5ceSNFpeZw7BtOQn%2FKUWcGQ8wd6GAjK64Q4bNa06hekaBxJH%2FMFX7dOZNOZ4JBsh7CGpGW4wTOxlHyjmxycTXwhqI%2F2ME3ms%2BxTXtsN6cqP6GbeZVhMFJAjgOUZRu09n8YDWQyQCHSO0P258aqTv1TGLTEc6qxmgCDcnfp1L1p2FzlVOe%2F6NZKmP7S%2F1qpCgCDcnfp1L1lTbkJNTU%2FRawgMSen7NP2XpAVr%2B6ep%2F6k2S0X%2ByREoIk8Y3Gr241lY%3D; Max-Age=600; Expires=Thu, 10 Oct 2024 04:02:30 GMT; Path=/; Domain=.quark.cn; HTTPOnly
_UP_6D1_64_=069; Max-Age=86400; Expires=Fri, 11 Oct 2024 03:52:30 GMT; Path=/; Domain=uop.quark.cn; HTTPOnly
_UP_RI_=wb96a1a9a63d4aa9874b3b26c113ea21; Max-Age=31536000; Expires=Fri, 10 Oct 2025 03:52:30 GMT; Path=/; HTTPOnly
_UP_A4A_11_=wb96a1a927ca4e8ca2a795185e133829; Max-Age=31536000; Expires=Fri, 10 Oct 2025 03:52:30 GMT; Path=/; Domain=.quark.cn; HTTPOnly
_UP_D_=pc; Max-Age=604800; Expires=Thu, 17 Oct 2024 03:52:30 GMT; Path=/; Domain=.quark.cn; HTTPOnly
cache-control: no-cache
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 213e363217285323503591836e8052
strict-transport-security: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
GET g.alicdn.com/AWSC/AWSC/awsc.js
163.181.131.243200 OK 3.9 kB URL GET HTTP/2 g.alicdn.com/AWSC/AWSC/awsc.js
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type JavaScript source, ASCII text, with very long lines (9576), with no line terminators
Hash 9203f3bed5223f67b71d68b35164e516
f9087ee2c64a76742b12788db3d3f7fd29bd593f
b8186e526c1cb83799840fb5264291e185205b4a5d5ce3d9167ca7ef75e37dce
GET /AWSC/AWSC/awsc.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 3851
date: Thu, 10 Oct 2024 02:54:34 GMT
vary: Accept-Encoding
x-oss-request-id: 670741EA10FDF234358EB09C
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9854329371083214382
x-oss-storage-class: Standard
cache-control: max-age=7200,s-maxage=3600
content-md5: kgPzvtUiP2e3HWizUWTlFg==
x-oss-server-time: 2
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache6.l2de3[734,728,200-0,C], ens-cache15.l2de3[730,0], ens-cache15.l2de3[730,0], ens-cache3.de7[0,0,200-0,H], ens-cache7.de7[1,0]
age: 3476
ali-swift-global-savetime: 1728528874
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 10 Oct 2024 02:54:34 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: a3b5839b17285323506957637e
X-Firefox-Spdy: h2
GET image.uc.cn/s/uae/g/82/sso/public/js/next/custom/aliyunNvc_1dae52d.js
47.246.2.232200 OK 521 B URL GET HTTP/2 image.uc.cn/s/uae/g/82/sso/public/js/next/custom/aliyunNvc_1dae52d.js
IP 47.246.2.232:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.uc.cn
FingerprintEF:76:66:0B:BC:06:CB:DC:CA:4F:DB:1A:04:75:36:84:9F:9A:72:F3
ValidityFri, 05 Jan 2024 01:56:02 GMT - Wed, 05 Feb 2025 01:56:01 GMT
File type JavaScript source, ASCII text, with very long lines (1518), with no line terminators
Hash 1dae52d7e86becc9de703302c4553295
da354311d6d2bf84685dce285fda2a10427ecb69
f28267bdb3340bd1c6144b1a7fe8a4c4d03144ee910ad57c22a0b138761c6822
GET /s/uae/g/82/sso/public/js/next/custom/aliyunNvc_1dae52d.js HTTP/1.1
Host: image.uc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: text/javascript
content-length: 521
date: Fri, 13 Sep 2024 06:31:57 GMT
vary: Accept-Encoding
expires: Tue, 20 Feb 2024 18:34:06 GMT
cache-control: max-age=8640000
etag: cc5fe181-5ee
access-control-allow-origin: *
content-encoding: gzip
via: ens-cache12.l2de3[0,0,200-0,H], ens-cache12.l2de3[1,0], cache13.ru3[0,0,200-0,H], cache16.ru3[0,0]
age: 66
ali-swift-global-savetime: 1726209117
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 27 Sep 2024 12:38:57 GMT
x-swift-cachetime: 7408380
timing-allow-origin: *
eagleid: 2ff602a417285323506977898e
X-Firefox-Spdy: h2
GET g.alicdn.com/woodpeckerx/itrace-next/??itrace-jserror.iife.js,itrace-interface.iife.js,itrace-perf.iife.js,itrace-resource.iife.js,itrace-blank.iife.js,itrace.iife.js
163.181.131.243200 OK 25 kB URL GET HTTP/2 g.alicdn.com/woodpeckerx/itrace-next/??itrace-jserror.iife.js,itrace-interface.iife.js,itrace-perf.iife.js,itrace-resource.iife.js,itrace-blank.iife.js,itrace.iife.js
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (23189)
Hash c5f55240538cc0e0ed11e2303f8f8029
187352afd72d65d1eda217959eeab062eefcc367
0e2f2f4e553a1fef713a9986d2284b8ef9dae67129cc62658b101c754892a46f
GET /woodpeckerx/itrace-next/??itrace-jserror.iife.js,itrace-interface.iife.js,itrace-perf.iife.js,itrace-resource.iife.js,itrace-blank.iife.js,itrace.iife.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 24595
date: Thu, 10 Oct 2024 03:43:35 GMT
vary: Accept-Encoding
x-oss-request-id: 67074D673AC92432385044DD
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5947013956030542729
x-oss-storage-class: Standard
content-md5: MZjsjzYKqm3OjsZ58HnviA==
x-oss-server-time: 3
cache-control: max-age=2592000,s-maxage=3600
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache18.l2de3[0,0,200-0,H], ens-cache8.l2de3[1,0], ens-cache8.l2de3[3,0], ens-cache2.de7[0,0,200-0,H], ens-cache7.de7[1,0]
age: 535
ali-swift-global-savetime: 1728531815
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 10 Oct 2024 03:43:55 GMT
x-swift-cachetime: 3580
timing-allow-origin: *
eagleid: a3b5839b17285323507567740e
X-Firefox-Spdy: h2
GET g.alicdn.com/AWSC/et/1.81.8/et_n.js
163.181.131.243200 OK 95 kB URL GET HTTP/2 g.alicdn.com/AWSC/et/1.81.8/et_n.js
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
Hash 72f3ea16df0a2c318bf8f60b221f6080
e75b27db343b47e5100da031c6b313c9257fab06
79c09816cf58dfbdc34fdb3460503acd50aedaabfea74ad5a21140b2c0888cac
GET /AWSC/et/1.81.8/et_n.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 94658
date: Wed, 09 Oct 2024 06:27:02 GMT
x-oss-request-id: 67062236217E5E3834832083
accept-ranges: bytes
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12094717157267043070
x-oss-storage-class: Standard
content-encoding: gzip
cache-control: max-age=2592000,s-maxage=86400
content-md5: x811l0FOR8vi8Bf2pZnUIQ==
x-oss-server-time: 20
access-control-allow-origin: *
x-source-scheme: https
via: ens-cache6.l2de3[216,122,200-0,C], ens-cache3.l2de3[124,0], ens-cache3.l2de3[124,0], ens-cache6.de7[0,0,200-0,H], ens-cache7.de7[0,0]
age: 77128
ali-swift-global-savetime: 1728455222
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 09 Oct 2024 06:27:02 GMT
x-swift-cachetime: 86400
timing-allow-origin: *
eagleid: a3b5839b17285323508387861e
X-Firefox-Spdy: h2
GET yes-file.uc.cn/file/test/1710137780594_994799076_1305.png
61.170.81.238200 OK 206 kB URL GET HTTP/1.1 yes-file.uc.cn/file/test/1710137780594_994799076_1305.png
IP 61.170.81.238:443
ASN #4812 China Telecom Group
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subjectyes-file.uc.cn
FingerprintB6:82:CA:0D:43:C0:1B:83:BB:75:76:25:C9:BE:FC:93:1B:8E:4B:E3
ValidityFri, 26 Apr 2024 09:46:06 GMT - Wed, 28 May 2025 09:46:05 GMT
File type PNG image data, 1424 x 1000, 8-bit/color RGBA, non-interlaced
Size 206 kB (206528 bytes)
Hash 55ecbad8e2645469c688b69e83f28886
1bd91260fe52ab7bc72d7172193166a95fa33cbf
6adc6187837e38ef8314d98a4179c960dc7efab264efdd2bad3f157a94d1e437
GET /file/test/1710137780594_994799076_1305.png HTTP/1.1
Host: yes-file.uc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 206528
Connection: keep-alive
Date: Mon, 30 Sep 2024 01:31:05 GMT
x-oss-request-id: 66F9FF59F9E1D530319EB9C9
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: Vey62OJkVGnGiLaeg/KIhg==
x-oss-server-time: 86
Via: cache79.l2cn3022[0,0,304-0,H], cache65.l2cn3022[0,0], vcache10.cn6013[0,0,200-0,H], vcache14.cn6013[2,0]
ETag: "55ECBAD8E2645469C688B69E83F28886"
Last-Modified: Mon, 11 Mar 2024 06:16:20 GMT
x-oss-hash-crc64ecma: 13292063398742265546
Age: 872484
Ali-Swift-Global-Savetime: 1727659865
X-Cache: HIT TCP_HIT dirn:9:24292845
X-Swift-SaveTime: Mon, 30 Sep 2024 01:31:23 GMT
X-Swift-CacheTime: 2591982
Access-Control-Allow-Methods: *
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 3daa512217285323498315648e
GET g.alicdn.com/AWSC/fireyejs/1.228.23/fireyejs.js
163.181.131.243200 OK 173 kB URL GET HTTP/2 g.alicdn.com/AWSC/fireyejs/1.228.23/fireyejs.js
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 173 kB (173225 bytes)
Hash 38252fe1d348a2dbbd11ef0e5d8abe56
9df4f51841eb19e0fe0dbeb2bf79db65184af272
6f99ee3515f5d3c791f9359e861d8f311d8bf2a3c620ac65059174c74bb8a90d
GET /AWSC/fireyejs/1.228.23/fireyejs.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 173225
date: Wed, 09 Oct 2024 06:13:56 GMT
x-oss-request-id: 67061F2488DDF83331759B74
accept-ranges: bytes
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13499945596091638515
x-oss-storage-class: Standard
content-encoding: gzip
cache-control: max-age=2592000,s-maxage=86400
content-md5: DTnb2Pk5mjuUDTfOHDXCEQ==
x-oss-server-time: 139
access-control-allow-origin: *
x-source-scheme: https
via: ens-cache16.l2de3[347,95,200-0,C], ens-cache16.l2de3[96,0], ens-cache16.l2de3[98,0], ens-cache5.de7[0,0,200-0,H], ens-cache7.de7[1,0]
age: 77914
ali-swift-global-savetime: 1728454436
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 09 Oct 2024 06:13:56 GMT
x-swift-cachetime: 86400
timing-allow-origin: *
eagleid: a3b5839b17285323508427870e
X-Firefox-Spdy: h2
GET yes-file.uc.cn/file/test/1710137919143_4166845277_2491.png
61.170.81.238200 OK 223 kB URL GET HTTP/1.1 yes-file.uc.cn/file/test/1710137919143_4166845277_2491.png
IP 61.170.81.238:443
ASN #4812 China Telecom Group
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subjectyes-file.uc.cn
FingerprintB6:82:CA:0D:43:C0:1B:83:BB:75:76:25:C9:BE:FC:93:1B:8E:4B:E3
ValidityFri, 26 Apr 2024 09:46:06 GMT - Wed, 28 May 2025 09:46:05 GMT
File type PNG image data, 1424 x 1000, 8-bit/color RGBA, non-interlaced
Size 223 kB (222993 bytes)
Hash 8871cd3c53020b83c7f6acd677f1b77a
6371e326f736bbee66ae754b0d1c2610653ff649
fbea7d4923bc14f6c77e653334c6c448b61f85fdb58e5a771f2f167e86f17b55
GET /file/test/1710137919143_4166845277_2491.png HTTP/1.1
Host: yes-file.uc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 222993
Connection: keep-alive
Date: Thu, 19 Sep 2024 15:21:06 GMT
x-oss-request-id: 66EC4162FBAF2C3032ACA782
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: iHHNPFMCC4PH9qzWd/G3eg==
x-oss-server-time: 69
Via: cache22.l2cn3129[0,0,304-0,H], cache34.l2cn3129[1,0], vcache9.cn6013[0,0,200-0,H], vcache2.cn6013[2,0]
ETag: "8871CD3C53020B83C7F6ACD677F1B77A"
Last-Modified: Mon, 11 Mar 2024 06:18:39 GMT
x-oss-hash-crc64ecma: 12269559318916301534
Age: 1773083
Ali-Swift-Global-Savetime: 1726759266
X-Cache: HIT TCP_HIT dirn:9:206249541
X-Swift-SaveTime: Tue, 08 Oct 2024 12:42:01 GMT
X-Swift-CacheTime: 959945
Access-Control-Allow-Methods: *
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 3daa511617285323498435841e
GET yes-file.uc.cn/file/1710389459833_2084687691_8538.png
61.170.81.238200 OK 224 kB URL GET HTTP/1.1 yes-file.uc.cn/file/1710389459833_2084687691_8538.png
IP 61.170.81.238:443
ASN #4812 China Telecom Group
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subjectyes-file.uc.cn
FingerprintB6:82:CA:0D:43:C0:1B:83:BB:75:76:25:C9:BE:FC:93:1B:8E:4B:E3
ValidityFri, 26 Apr 2024 09:46:06 GMT - Wed, 28 May 2025 09:46:05 GMT
File type PNG image data, 1424 x 1000, 8-bit/color RGBA, non-interlaced
Size 224 kB (223935 bytes)
Hash 94848e0926220405cbcc3b994204a62f
54764038343f9df4bf0edcaafd3487ae3d6d29fc
7eb7585b53128b88c946984021d952ec3d5bd4af03c646258e2624172455438a
GET /file/1710389459833_2084687691_8538.png HTTP/1.1
Host: yes-file.uc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 223935
Connection: keep-alive
Date: Thu, 12 Sep 2024 12:00:56 GMT
x-oss-request-id: 66E2D7F8AAF2353337E7AD48
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: lISOCSYiBAXLzDuZQgSmLw==
x-oss-server-time: 44
Via: cache65.l2cn3129[0,0,304-0,H], cache26.l2cn3129[1,0], vcache28.cn6013[0,0,200-0,H], vcache16.cn6013[2,0]
ETag: "94848E0926220405CBCC3B994204A62F"
Last-Modified: Thu, 14 Mar 2024 04:10:59 GMT
x-oss-hash-crc64ecma: 17561015300188041312
Age: 2389893
Ali-Swift-Global-Savetime: 1726142456
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Tue, 08 Oct 2024 14:06:42 GMT
X-Swift-CacheTime: 338054
Access-Control-Allow-Methods: *
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 3daa512417285323498554136e
GET yes-file.uc.cn/file/1720086912221_3344309060_2931.png
61.170.81.238200 OK 219 kB URL GET HTTP/1.1 yes-file.uc.cn/file/1720086912221_3344309060_2931.png
IP 61.170.81.238:443
ASN #4812 China Telecom Group
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subjectyes-file.uc.cn
FingerprintB6:82:CA:0D:43:C0:1B:83:BB:75:76:25:C9:BE:FC:93:1B:8E:4B:E3
ValidityFri, 26 Apr 2024 09:46:06 GMT - Wed, 28 May 2025 09:46:05 GMT
File type PNG image data, 1424 x 1000, 8-bit/color RGBA, non-interlaced
Size 219 kB (218744 bytes)
Hash 8d7c14f90a56d799a9591d4397584d49
9fa44de848fd9b101a19c952912a7a40a83a7f53
bca030cdd03702afef3aa457b64da3d417ab5bd2eed813c24c1012362f3fb83a
GET /file/1720086912221_3344309060_2931.png HTTP/1.1
Host: yes-file.uc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 218744
Connection: keep-alive
Date: Wed, 02 Oct 2024 09:56:18 GMT
x-oss-request-id: 66FD18C22DAD9132384EB86E
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: jXwU+QpW15mpWR1Dl1hNSQ==
x-oss-server-time: 24
Via: cache30.l2cn1821[0,0,304-0,H], cache31.l2cn1821[2,0], vcache22.cn6013[0,1,200-0,H], vcache24.cn6013[3,0]
ETag: "8D7C14F90A56D799A9591D4397584D49"
Last-Modified: Thu, 04 Jul 2024 09:55:12 GMT
x-oss-hash-crc64ecma: 4459179615600815204
Age: 669371
Ali-Swift-Global-Savetime: 1727862978
X-Cache: HIT TCP_HIT dirn:11:237588166
X-Swift-SaveTime: Tue, 08 Oct 2024 11:05:04 GMT
X-Swift-CacheTime: 2069474
Access-Control-Allow-Methods: *
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 3daa512c17285323498702521e
GET g.alicdn.com/AWSC/nc/1.97.0/nc.js
163.181.131.243200 OK 22 kB URL GET HTTP/2 g.alicdn.com/AWSC/nc/1.97.0/nc.js
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 8931746f3905f0c8639e227d1307bd07
2f72ce290e71b74db07b016648ea060cda1032c2
94b2b99ad074012c1ce6d21a3827fecf7e4d7614babb94768282e0a17b071895
GET /AWSC/nc/1.97.0/nc.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 22294
date: Wed, 09 Oct 2024 15:06:31 GMT
vary: Accept-Encoding
x-oss-request-id: 67069BF7547B9A3030956DFC
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15901213936247592681
x-oss-storage-class: Standard
cache-control: max-age=2592000,s-maxage=86400
content-md5: iTF0bzkF8MhjniJ9Ewe9Bw==
x-oss-server-time: 23
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache9.l2de3[0,0,200-0,H], ens-cache3.l2de3[1,0], ens-cache3.l2de3[1,0], ens-cache4.de7[0,0,200-0,H], ens-cache7.de7[1,0]
age: 45959
ali-swift-global-savetime: 1728486391
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 09 Oct 2024 15:06:33 GMT
x-swift-cachetime: 86398
timing-allow-origin: *
eagleid: a3b5839b17285323508447877e
X-Firefox-Spdy: h2
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323483122%26tm%3D1728532348%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323483122%26tm%3D1728532348%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323483122%26tm%3D1728532348%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dapi%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2480
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BGRk2lUb39C1bSscYQKh4nLqNmtW_YhnTjS5cn6F8C_yKQTzpg1Y95qL7Rsx6sC_; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; _UP_F7E_8D_=SaK7LS4RKDwm%2BfLVk0hu3Usem8D%2BGJzLUdRO7YsGUI%2FGQuQrVewrlr4s0OqcgeUVrrD1zMwJFjsIpxEoAQFoJnzxAz3%2BQ%2Bs6sDzKXdPuwWWq5ceSNFpeZw7BtOQn%2FKUWcGQ8wd6GAjK64Q4bNa06hekaBxJH%2FMFX7dOZNOZ4JBsh7CGpGW4wTOxlHyjmxycTXwhqI%2F2ME3ms%2BxTXtsN6cqP6GbeZVhMFJAjgOUZRu09n8YDWQyQCHSO0P258aqTv1TGLTEc6qxmgCDcnfp1L1p2FzlVOe%2F6NZKmP7S%2F1qpCgCDcnfp1L1lTbkJNTU%2FRawgMSen7NP2XpAVr%2B6ep%2F6k2S0X%2ByREoIk8Y3Gr241lY%3D; _UP_A4A_11_=wb96a1a927ca4e8ca2a795185e133829; _UP_D_=pc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:31 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
GET yes-file.uc.cn/file/1690521301423_1873222475_1495.png
61.170.81.240200 OK 99 kB URL GET HTTP/1.1 yes-file.uc.cn/file/1690521301423_1873222475_1495.png
IP 61.170.81.240:443
ASN #4812 China Telecom Group
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subjectyes-file.uc.cn
FingerprintB6:82:CA:0D:43:C0:1B:83:BB:75:76:25:C9:BE:FC:93:1B:8E:4B:E3
ValidityFri, 26 Apr 2024 09:46:06 GMT - Wed, 28 May 2025 09:46:05 GMT
File type PNG image data, 840 x 960, 8-bit colormap, non-interlaced
Hash 08c5569f9ec880b311f5cde879385996
8aed93d94e546a3b63c6f60186dd189c5b1ea030
726b93fff1a30ffca458c953ae67989067562ed1d44e3a0267ef2603c248063d
GET /file/1690521301423_1873222475_1495.png HTTP/1.1
Host: yes-file.uc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 98580
Connection: keep-alive
Date: Sun, 22 Sep 2024 09:04:46 GMT
x-oss-request-id: 66EFDDAD91C9793338A6FB32
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: CMVWn57IgLMR9c3oeThZlg==
x-oss-server-time: 11
Via: cache4.l2cn3022[0,26,304-0,H], cache21.l2cn3022[27,0], vcache27.cn6013[0,0,200-0,H], vcache12.cn6013[1,0]
ETag: "08C5569F9EC880B311F5CDE879385996"
Last-Modified: Fri, 28 Jul 2023 05:15:01 GMT
x-oss-hash-crc64ecma: 16931058446973851985
Age: 1536464
Ali-Swift-Global-Savetime: 1726995886
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Sun, 29 Sep 2024 03:08:38 GMT
X-Swift-CacheTime: 2008568
Access-Control-Allow-Methods: *
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 3daa512017285323503145347e
GET yes-file.uc.cn/file/test/1710137738361_1950658521_3981.png
61.170.81.238200 OK 535 kB URL GET HTTP/1.1 yes-file.uc.cn/file/test/1710137738361_1950658521_3981.png
IP 61.170.81.238:443
ASN #4812 China Telecom Group
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subjectyes-file.uc.cn
FingerprintB6:82:CA:0D:43:C0:1B:83:BB:75:76:25:C9:BE:FC:93:1B:8E:4B:E3
ValidityFri, 26 Apr 2024 09:46:06 GMT - Wed, 28 May 2025 09:46:05 GMT
File type PNG image data, 1424 x 1000, 8-bit/color RGBA, non-interlaced
Size 535 kB (535265 bytes)
Hash 5bd29eaec4678ee7c86ffa76ed333a24
2e36eec3375a8f9266f4586e5ad80f19a787b4e5
dcf8509e37897f1ff7a2b9913171920e51f1dfea93ea351b03596834e1f336fe
GET /file/test/1710137738361_1950658521_3981.png HTTP/1.1
Host: yes-file.uc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 535265
Connection: keep-alive
Date: Sun, 29 Sep 2024 13:48:33 GMT
x-oss-request-id: 66F95AB12697423832350126
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: W9KersRnjufIb/p27TM6JA==
x-oss-server-time: 43
Via: cache31.l2cn1821[0,0,304-0,H], cache25.l2cn1821[2,0], vcache24.cn6013[0,0,200-0,H], vcache22.cn6013[2,0]
ETag: "5BD29EAEC4678EE7C86FFA76ED333A24"
Last-Modified: Mon, 11 Mar 2024 06:15:38 GMT
x-oss-hash-crc64ecma: 4233846879481385733
Age: 914636
Ali-Swift-Global-Savetime: 1727617713
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Tue, 08 Oct 2024 06:47:47 GMT
X-Swift-CacheTime: 1839646
Access-Control-Allow-Methods: *
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 3daa512a17285323498286838e
GET usercenter.9game.cn/user_center/sso/public/images/next/zh/mobile/html5/new/sp_f21cfcb.png?force-show=1
47.246.44.199200 OK 2.1 kB URL GET HTTP/2 usercenter.9game.cn/user_center/sso/public/images/next/zh/mobile/html5/new/sp_f21cfcb.png?force-show=1
IP 47.246.44.199:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerDigiCert Inc
Subject*.9game.cn
FingerprintB3:28:5D:21:31:38:11:8E:19:95:82:6A:F5:9A:C2:BB:9C:03:2D:28
ValidityWed, 15 Nov 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT
File type PNG image data, 50 x 347, 8-bit colormap, non-interlaced
Hash f21cfcb637f5a53bdfdab550f67daa91
2fe412a4e106910b7285abd80c3847c4c9980a47
8675f1f971027e7093330fb1a9ae352145e9ad07526be9765a09dd9e5a117328
GET /user_center/sso/public/images/next/zh/mobile/html5/new/sp_f21cfcb.png?force-show=1 HTTP/1.1
Host: usercenter.9game.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://image.uc.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 2073
date: Thu, 10 Oct 2024 03:08:05 GMT
x-oss-request-id: 670745156849833439CC2E4F
x-oss-cdn-auth: success
accept-ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
cache-control: 86400
content-md5: 8hz8tjf1pTvf2rVQ9n2qkQ==
x-oss-server-time: 2
via: ens-cache15.l2de3[0,0,304-0,H], ens-cache8.l2de3[0,0], ens-cache8.se2[0,0,200-0,H], ens-cache2.se2[3,0]
etag: "F21CFCB637F5A53BDFDAB550F67DAA91"
last-modified: Mon, 09 Sep 2024 08:40:59 GMT
x-oss-hash-crc64ecma: 12991160764622811853
age: 2666
ali-swift-global-savetime: 1728529685
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 10 Oct 2024 03:11:54 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9617285323512461851e
X-Firefox-Spdy: h2
GET fourier.alibaba.com/ts?url=https%3A%2F%2Fpan.quark.cn%2F&token=gF5xOVV3bvYX_37S-cwkIFN8G1U3EtQqwi7IshxmCgIR-g-MCKYD6dsXqsvMGoR9f3sZnjxMi1IR4gScoNfOUfQF7s42srlVuCR_xkVH1Z72_S2gjsqlPPTw1FSwhx7VuCuzxkV3tZo9O_r0MCs_NLT2VcO6hdaJVFLECms61zUJ73t61Cs1Pw0bH3gXYfBwkyy9fOx-1f1JlEKCy3Lyz_LvHHNe2fglwEpvAZx-1f1JJ9CJKtabhed94Z5kHfsyP6fpTOiHvFDYy1MZQKTykFJj6AkwhU8JxrUxQAJJzUK3yzHZQKTyyH4YkAkweU5..&cna=&ext=62
47.246.167.157200 OK 0 B URL GET HTTP/2 fourier.alibaba.com/ts?url=https%3A%2F%2Fpan.quark.cn%2F&token=gF5xOVV3bvYX_37S-cwkIFN8G1U3EtQqwi7IshxmCgIR-g-MCKYD6dsXqsvMGoR9f3sZnjxMi1IR4gScoNfOUfQF7s42srlVuCR_xkVH1Z72_S2gjsqlPPTw1FSwhx7VuCuzxkV3tZo9O_r0MCs_NLT2VcO6hdaJVFLECms61zUJ73t61Cs1Pw0bH3gXYfBwkyy9fOx-1f1JlEKCy3Lyz_LvHHNe2fglwEpvAZx-1f1JJ9CJKtabhed94Z5kHfsyP6fpTOiHvFDYy1MZQKTykFJj6AkwhU8JxrUxQAJJzUK3yzHZQKTyyH4YkAkweU5..&cna=&ext=62
IP 47.246.167.157:443
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.alibaba.com
FingerprintDD:7F:4F:EB:01:41:A8:02:59:C5:4B:CD:12:26:60:E8:9D:C1:04:8E
ValidityWed, 13 Mar 2024 08:47:05 GMT - Mon, 14 Apr 2025 08:41:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ts?url=https%3A%2F%2Fpan.quark.cn%2F&token=gF5xOVV3bvYX_37S-cwkIFN8G1U3EtQqwi7IshxmCgIR-g-MCKYD6dsXqsvMGoR9f3sZnjxMi1IR4gScoNfOUfQF7s42srlVuCR_xkVH1Z72_S2gjsqlPPTw1FSwhx7VuCuzxkV3tZo9O_r0MCs_NLT2VcO6hdaJVFLECms61zUJ73t61Cs1Pw0bH3gXYfBwkyy9fOx-1f1JlEKCy3Lyz_LvHHNe2fglwEpvAZx-1f1JJ9CJKtabhed94Z5kHfsyP6fpTOiHvFDYy1MZQKTykFJj6AkwhU8JxrUxQAJJzUK3yzHZQKTyyH4YkAkweU5..&cna=&ext=62 HTTP/1.1
Host: fourier.alibaba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Oct 2024 03:52:31 GMT
content-type: image/gif
content-length: 0
server: Tengine/Aserver
eagleeye-traceid: 2102f5de17285323512743705ec56f
strict-transport-security: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
GET cf.aliyun.com/nvc/nvcPrepare.jsonp?a=%7B%22a%22%3A%22FFFF0N0000000000ABDE%22%2C%22d%22%3A%22nvc_login%22%2C%22c%22%3A%22FFFF0N0000000000ABDE%3Anvc_login%3A1728532351300%3A0.9461465484942335%22%7D&callback=jsonp_06520596824253991
59.82.133.163200 OK 287 B URL GET HTTP/1.1 cf.aliyun.com/nvc/nvcPrepare.jsonp?a=%7B%22a%22%3A%22FFFF0N0000000000ABDE%22%2C%22d%22%3A%22nvc_login%22%2C%22c%22%3A%22FFFF0N0000000000ABDE%3Anvc_login%3A1728532351300%3A0.9461465484942335%22%7D&callback=jsonp_06520596824253991
IP 59.82.133.163:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.cfc.aliyuncs.com
FingerprintA5:70:D2:ED:A4:2E:AF:54:C5:3B:99:16:FF:87:92:6B:2F:1D:3D:52
ValidityTue, 16 Apr 2024 08:24:02 GMT - Mon, 12 May 2025 02:16:09 GMT
File type ASCII text, with no line terminators
Hash d3c48801e40e78d3177455b9d6c24a00
453bca71b2ecf49cd50a238740cce9923d22616d
14f174fdff21a6479e46bdd14c85fdb913dc69bf21a97544b608b452e8f3b0c9
GET /nvc/nvcPrepare.jsonp?a=%7B%22a%22%3A%22FFFF0N0000000000ABDE%22%2C%22d%22%3A%22nvc_login%22%2C%22c%22%3A%22FFFF0N0000000000ABDE%3Anvc_login%3A1728532351300%3A0.9461465484942335%22%7D&callback=jsonp_06520596824253991 HTTP/1.1
Host: cf.aliyun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 10 Oct 2024 03:52:32 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 287
Connection: close
Content-Language: zh-CN
GET cf.aliyun.com/nocaptcha/initialize.jsonp?a=FFFF0N0000000000ABDE&t=FFFF0N0000000000ABDE%3Anvc_login%3A1728532351300%3A0.9461465484942335&scene=nvc_login&lang=cn&v=v1.3.21&href=https%3A%2F%2Fuop.quark.cn%2Fcas%2Fcustom%2Flogin&comm={}&callback=initializeJsonp_008362419990272485
59.82.133.163200 OK 95 B URL GET HTTP/1.1 cf.aliyun.com/nocaptcha/initialize.jsonp?a=FFFF0N0000000000ABDE&t=FFFF0N0000000000ABDE%3Anvc_login%3A1728532351300%3A0.9461465484942335&scene=nvc_login&lang=cn&v=v1.3.21&href=https%3A%2F%2Fuop.quark.cn%2Fcas%2Fcustom%2Flogin&comm={}&callback=initializeJsonp_008362419990272485
IP 59.82.133.163:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.cfc.aliyuncs.com
FingerprintA5:70:D2:ED:A4:2E:AF:54:C5:3B:99:16:FF:87:92:6B:2F:1D:3D:52
ValidityTue, 16 Apr 2024 08:24:02 GMT - Mon, 12 May 2025 02:16:09 GMT
File type ASCII text, with no line terminators
Hash 90bb8756db96c56b61465fc80d9cc249
635bdbff0fd91201033a3fd9ea43cdefc2c711f4
8c8b90284b551cd685186b99fb32df52a181b82891cc1ae324048df8a4dc5c99
GET /nocaptcha/initialize.jsonp?a=FFFF0N0000000000ABDE&t=FFFF0N0000000000ABDE%3Anvc_login%3A1728532351300%3A0.9461465484942335&scene=nvc_login&lang=cn&v=v1.3.21&href=https%3A%2F%2Fuop.quark.cn%2Fcas%2Fcustom%2Flogin&comm={}&callback=initializeJsonp_008362419990272485 HTTP/1.1
Host: cf.aliyun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 10 Oct 2024 03:52:32 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 95
Connection: close
Content-Language: zh-CN
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323525685%26tm%3D1728532352%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dbkpg%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 20 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323525685%26tm%3D1728532352%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dbkpg%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323525685%26tm%3D1728532352%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Dbkpg%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 979
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BGRk2lUb39C1bSscYQKh4nLqNmtW_YhnTjS5cn6F8C_yKQTzpg1Y95qL7Rsx6sC_; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; _UP_F7E_8D_=SaK7LS4RKDwm%2BfLVk0hu3Usem8D%2BGJzLUdRO7YsGUI%2FGQuQrVewrlr4s0OqcgeUVrrD1zMwJFjsIpxEoAQFoJnzxAz3%2BQ%2Bs6sDzKXdPuwWWq5ceSNFpeZw7BtOQn%2FKUWcGQ8wd6GAjK64Q4bNa06hekaBxJH%2FMFX7dOZNOZ4JBsh7CGpGW4wTOxlHyjmxycTXwhqI%2F2ME3ms%2BxTXtsN6cqP6GbeZVhMFJAjgOUZRu09n8YDWQyQCHSO0P258aqTv1TGLTEc6qxmgCDcnfp1L1p2FzlVOe%2F6NZKmP7S%2F1qpCgCDcnfp1L1lTbkJNTU%2FRawgMSen7NP2XpAVr%2B6ep%2F6k2S0X%2ByREoIk8Y3Gr241lY%3D; _UP_A4A_11_=wb96a1a927ca4e8ca2a795185e133829; _UP_D_=pc; tfstk=g_OnO9TCr-4SOZpaHV5IEEWDmmHAOX15m3FR2_IrQGS_pMCJz_Py2UCdUDTJjgxJPMRdJMQyqhI1wMdppL4BsnV89DMBz7fAamnxMjLB7_1rDE4-wujCPFSrDTO5_fC5amntMjLBR_tXxMGLxFuGJaEPa7-P_OS1ParFzWuM7GsN4_5y4FuGPwVT8iAy9CoBjDUPxfcMswXhmpSgiS0R-9j28Gb15Cc5Ki8Fj7nD9EKAYZRqXJ_cK3Xw6UUYwCjP_RyqbQP574dgFRBF5Njx-c8AJDhND10iS-w5LN_FDV0gF86F5NjxSV2bF9718iC..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:33 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
OPTIONS drive-h.quark.cn/1/clouddrive/share/sharepage/token?pr=ucpro&fr=pc&uc_param_str=&__dt=4116&__t=1728532345124
59.82.23.111200 OK 6.5 kB URL OPTIONS HTTP/2 drive-h.quark.cn/1/clouddrive/share/sharepage/token?pr=ucpro&fr=pc&uc_param_str=&__dt=4116&__t=1728532345124
IP 59.82.23.111:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.alibaba.com
FingerprintDD:7F:4F:EB:01:41:A8:02:59:C5:4B:CD:12:26:60:E8:9D:C1:04:8E
ValidityWed, 13 Mar 2024 08:47:05 GMT - Mon, 14 Apr 2025 08:41:13 GMT
File type gzip compressed data, from Unix
Hash 2a44da44810b85fe577df0eaf6e37c4d
032f83e10ce215a255445311ff283cc8b7033930
0394691cdf012fbc1bfbf4b51b5237c030e093b969934cca86b6b5a71f7757c5
POST /1/clouddrive/share/sharepage/token?pr=ucpro&fr=pc&uc_param_str=&__dt=4116&__t=1728532345124 HTTP/1.1
Host: drive-h.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 39
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BKOjkW4-wI0uJYy5ikfuT7m3Me5NmDfadTne19UA_4J5FMM2XWjHKoFCCn4ar4_S; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 10 Oct 2024 03:52:27 GMT
content-type: application/json;charset=UTF-8
server: Tengine
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
x-application-context: clouddrive-api:dev,online,quark:9019
x-req-id: 97bvyf-23e9bd9f611152
access-control-allow-origin: https://pan.quark.cn
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
content-encoding: gzip
eagleeye-traceid: 2106e65817285323475847898e8fd6
timing-allow-origin: *
X-Firefox-Spdy: h2
GET 127.0.0.1:9127/desktop_info?__dt=22047&__t=1728532363055
0.0.0.0 0 B URL GET 127.0.0.1:9127/desktop_info?__dt=22047&__t=1728532363055
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=22047&__t=1728532363055 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&webshare_to_native=quark&file_download_limit=C&pagetype=normal&tg=undefined&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&stat_a=a2s0k&stat_b=websharedetail&stat_c=share&stat_d=show&event_id=2201&type=exposure&arg1=introduce_show&arg1_h5=introduce_show<=exposure&c_lt=exposure&no_url_de=1&spm=a2s0k.websharedetail.share.show&time=1728532348692
0.0.0.0 0 B URL POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&webshare_to_native=quark&file_download_limit=C&pagetype=normal&tg=undefined&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&stat_a=a2s0k&stat_b=websharedetail&stat_c=share&stat_d=show&event_id=2201&type=exposure&arg1=introduce_show&arg1_h5=introduce_show<=exposure&c_lt=exposure&no_url_de=1&spm=a2s0k.websharedetail.share.show&time=1728532348692
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&webshare_to_native=quark&file_download_limit=C&pagetype=normal&tg=undefined&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&stat_a=a2s0k&stat_b=websharedetail&stat_c=share&stat_d=show&event_id=2201&type=exposure&arg1=introduce_show&arg1_h5=introduce_show<=exposure&c_lt=exposure&no_url_de=1&spm=a2s0k.websharedetail.share.show&time=1728532348692 HTTP/1.1
Host: track.lc.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BGhoznl3mwwRmbeInf5lLlaeOl96kcybquAFxiKZtOPWfQjnyqGcK_67cY-N1oRz; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gsZxH7sh_eDX4gwWKC_oSAs8BUBhZre4wSyBjfcD57F8Q53i5qDmXVNjZo0icjV-BAMnClxf7fISBv6acmNGXfwEanVGuVx93uFpjnfVuRttxc1htMj338iZf604DoQqgAyS16muRBEobc1hZMj33-oaTSh2sOe5exkH1cgjGY6-Kvi6cVtXPQGrCcisGxwSNvkXcEG6cTeSaAis1wJdkb9jThUZH9PfB6DefhZ-HqiQhjtsUuHxkXwXSht6Qx3xO-GPT1igf2FjWlWp27Et6VcEup9C4jr3vDz6tXHMkTE67FujUxHZlhh_tz1meXXAHF8ZyYk-tTBJ7FujUYhhHtLw74HP.
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
GET 127.0.0.1:9127/desktop_info?__dt=21008&__t=1728532362016
0.0.0.0 0 B URL GET 127.0.0.1:9127/desktop_info?__dt=21008&__t=1728532362016
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=21008&__t=1728532362016 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET bdc.alibabachengdun.com/wcfg.json?href=https%3A%2F%2Fpan.quark.cn%2Fs%2Fd362d7bc924b&v=007356289575373354
0.0.0.0 0 B URL GET bdc.alibabachengdun.com/wcfg.json?href=https%3A%2F%2Fpan.quark.cn%2Fs%2Fd362d7bc924b&v=007356289575373354
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wcfg.json?href=https%3A%2F%2Fpan.quark.cn%2Fs%2Fd362d7bc924b&v=007356289575373354 HTTP/1.1
Host: bdc.alibabachengdun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9125/desktop_info?__dt=13544&__t=1728532354552
0.0.0.0 0 B URL GET 127.0.0.1:9125/desktop_info?__dt=13544&__t=1728532354552
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=13544&__t=1728532354552 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9130/desktop_info?__dt=4711&__t=1728532345719
0.0.0.0 0 B URL GET 127.0.0.1:9130/desktop_info?__dt=4711&__t=1728532345719
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=4711&__t=1728532345719 HTTP/1.1
Host: 127.0.0.1:9130
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9125/desktop_info?__dt=20984&__t=1728532361992
0.0.0.0 0 B URL GET 127.0.0.1:9125/desktop_info?__dt=20984&__t=1728532361992
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=20984&__t=1728532361992 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9126/desktop_info?__dt=20997&__t=1728532362005
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_info?__dt=20997&__t=1728532362005
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=20997&__t=1728532362005 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&webshare_to_native=quark&file_download_limit=C&pagetype=normal&tg=undefined&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&function=share&stat_a=a2s0k&stat_b=websharedetail&stat_c=pc_share_login&stat_d=display&event_id=2201&display_source=second&type=exposure&arg1=pc_login_page_display&arg1_h5=pc_login_page_display<=exposure&c_lt=exposure&no_url_de=1&spm=a2s0k.websharedetail.pc_share_login.display&time=1728532350129
0.0.0.0 0 B URL POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&webshare_to_native=quark&file_download_limit=C&pagetype=normal&tg=undefined&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&function=share&stat_a=a2s0k&stat_b=websharedetail&stat_c=pc_share_login&stat_d=display&event_id=2201&display_source=second&type=exposure&arg1=pc_login_page_display&arg1_h5=pc_login_page_display<=exposure&c_lt=exposure&no_url_de=1&spm=a2s0k.websharedetail.pc_share_login.display&time=1728532350129
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&webshare_to_native=quark&file_download_limit=C&pagetype=normal&tg=undefined&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&function=share&stat_a=a2s0k&stat_b=websharedetail&stat_c=pc_share_login&stat_d=display&event_id=2201&display_source=second&type=exposure&arg1=pc_login_page_display&arg1_h5=pc_login_page_display<=exposure&c_lt=exposure&no_url_de=1&spm=a2s0k.websharedetail.pc_share_login.display&time=1728532350129 HTTP/1.1
Host: track.lc.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BGRk2lUb39C1bSscYQKh4nLqNmtW_YhnTjS5cn6F8C_yKQTzpg1Y95qL7Rsx6sC_; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gOXqH_vO-XH5JwyUo3pwYAseGAOvIKzBoOT6jGjMcEYDCSCNaGsUDh_fjF5wrGLcCExMZh-h5tiDsFAwzUblcxT6nFmN5G1f7GEvjFbG7F1bVJsADdpgRF2QdiBJKpIN3d01qi3ulaVYdJsAmdpgRywChqQR2eTMIAxiqu-6XAvMjdqyrh-KsqbMIuryjH8inFDMrYxpvdYGSdqPqw8FItDyXIqBEPEw-bY6gejDzAuNU3AqMiYrIAXrdI8nCUkiIT-AVFKdtY2M-6QlZsfEmYO6eU8h4-g9q-5VBsuisID64eZz4X3Q42i_Xm7o6fdk238Qmoct6IxJ4eZz4fh9Z3KyRoqc.
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
GET fourier.taobao.com/ts?url=&token=BBsbLybW-KVWQwRRsv_mN_HvqXaF8C_yLRFWfw1Y95ox7DvOlcC_QjlqgtbiV4fq&cna=&ext=1
0.0.0.0 0 B URL GET fourier.taobao.com/ts?url=&token=BBsbLybW-KVWQwRRsv_mN_HvqXaF8C_yLRFWfw1Y95ox7DvOlcC_QjlqgtbiV4fq&cna=&ext=1
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ts?url=&token=BBsbLybW-KVWQwRRsv_mN_HvqXaF8C_yLRFWfw1Y95ox7DvOlcC_QjlqgtbiV4fq&cna=&ext=1 HTTP/1.1
Host: fourier.taobao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9127/desktop_info?__dt=12532&__t=1728532353540
0.0.0.0 0 B URL GET 127.0.0.1:9127/desktop_info?__dt=12532&__t=1728532353540
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=12532&__t=1728532353540 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET image.uc.cn/s/uae/g/1g/quark/fact_stat.js
47.246.2.232200 OK 56 kB URL GET HTTP/2 image.uc.cn/s/uae/g/1g/quark/fact_stat.js
IP 47.246.2.232:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.uc.cn
FingerprintEF:76:66:0B:BC:06:CB:DC:CA:4F:DB:1A:04:75:36:84:9F:9A:72:F3
ValidityFri, 05 Jan 2024 01:56:02 GMT - Wed, 05 Feb 2025 01:56:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/uae/g/1g/quark/fact_stat.js HTTP/1.1
Host: image.uc.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: text/javascript
content-length: 17591
date: Fri, 13 Sep 2024 16:54:27 GMT
vary: Accept-Encoding
expires: Sat, 09 Dec 2023 14:37:08 GMT
cache-control: max-age=8640000
etag: 18147c78-dae5
access-control-allow-origin: *
content-encoding: gzip
via: ens-cache17.l2de3[0,0,200-0,H], ens-cache3.l2de3[2,0], cache7.ru3[0,0,200-0,H], cache16.ru3[3,0]
age: 66
ali-swift-global-savetime: 1726246467
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Fri, 27 Sep 2024 11:12:30 GMT
x-swift-cachetime: 7450917
timing-allow-origin: *
eagleid: 2ff602a417285323506897886e
X-Firefox-Spdy: h2
GET 127.0.0.1:9125/desktop_info?__dt=4464&__t=1728532345472
0.0.0.0 0 B URL GET 127.0.0.1:9125/desktop_info?__dt=4464&__t=1728532345472
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=4464&__t=1728532345472 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9125/desktop_info?__dt=16738&__t=1728532357746
0.0.0.0 0 B URL GET 127.0.0.1:9125/desktop_info?__dt=16738&__t=1728532357746
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=16738&__t=1728532357746 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&stat_a=a2s0k&stat_b=activity&stat_c=0&stat_d=0&event_id=19999¬_product_log=1&type=event&arg1=weak_computer_info&arg1_h5=weak_computer_info<=event&c_lt=event&cost_time=526&no_url_de=1&spm=a2s0k.activity.0.0&time=1728532345413
0.0.0.0 0 B URL POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&stat_a=a2s0k&stat_b=activity&stat_c=0&stat_d=0&event_id=19999¬_product_log=1&type=event&arg1=weak_computer_info&arg1_h5=weak_computer_info<=event&c_lt=event&cost_time=526&no_url_de=1&spm=a2s0k.activity.0.0&time=1728532345413
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&stat_a=a2s0k&stat_b=activity&stat_c=0&stat_d=0&event_id=19999¬_product_log=1&type=event&arg1=weak_computer_info&arg1_h5=weak_computer_info<=event&c_lt=event&cost_time=526&no_url_de=1&spm=a2s0k.activity.0.0&time=1728532345413 HTTP/1.1
Host: track.lc.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
POST px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323456134%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
111.63.205.135200 OK 0 B URL POST HTTP/1.1 px.wpk.quark.cn/api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323456134%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b
IP 111.63.205.135:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.wpk.quark.cn
Fingerprint13:78:FA:DF:D9:09:59:B6:26:E9:62:54:79:AC:0B:08:0D:B1:9B:81
ValidityWed, 06 Mar 2024 09:56:05 GMT - Mon, 07 Apr 2025 09:56:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/jssdk/upload?wpk-header=app%3Diltsi7g3-0w3asjm9%26cp%3Dnone%26de%3D4%26seq%3D17285323456134%26tm%3D1728532345%26ud%3D0f844df0-86bb-11ef-8034-77a9fff62d0e%26ver%3D4.5.17%26type%3Djssdkidx%26sver%3D1.2.8%26sign%3D9bf8a190ef82c5049df7b199c599c45b HTTP/1.1
Host: px.wpk.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1740
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 10 Oct 2024 03:52:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Tengine/2.1.3_400
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
Content-Encoding: gzip
GET ynuf.aliapp.org/w/wu.json
0.0.0.0 0 B URL GET ynuf.aliapp.org/w/wu.json
IP 0.0.0.0:0
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /w/wu.json HTTP/1.1
Host: ynuf.aliapp.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9126/desktop_info?__dt=16758&__t=1728532357766
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_info?__dt=16758&__t=1728532357766
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=16758&__t=1728532357766 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9125/desktop_info?__dt=22022&__t=1728532363030
0.0.0.0 0 B URL GET 127.0.0.1:9125/desktop_info?__dt=22022&__t=1728532363030
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=22022&__t=1728532363030 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9129/desktop_info?__dt=4677&__t=1728532345685
0.0.0.0 0 B URL GET 127.0.0.1:9129/desktop_info?__dt=4677&__t=1728532345685
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=4677&__t=1728532345685 HTTP/1.1
Host: 127.0.0.1:9129
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&webshare_to_native=quark&file_download_limit=C&pagetype=normal&tg=undefined&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&function=share&stat_a=a2s0k&stat_b=websharedetail&stat_c=0&stat_d=0&event_id=19999&login_way=mobile&type=event&arg1=default_login_way&arg1_h5=default_login_way<=event&c_lt=event&cost_time=4759&no_url_de=1&spm=a2s0k.websharedetail.0.0&time=1728532350172
0.0.0.0 0 B URL POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&webshare_to_native=quark&file_download_limit=C&pagetype=normal&tg=undefined&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&function=share&stat_a=a2s0k&stat_b=websharedetail&stat_c=0&stat_d=0&event_id=19999&login_way=mobile&type=event&arg1=default_login_way&arg1_h5=default_login_way<=event&c_lt=event&cost_time=4759&no_url_de=1&spm=a2s0k.websharedetail.0.0&time=1728532350172
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&webshare_to_native=quark&file_download_limit=C&pagetype=normal&tg=undefined&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&function=share&stat_a=a2s0k&stat_b=websharedetail&stat_c=0&stat_d=0&event_id=19999&login_way=mobile&type=event&arg1=default_login_way&arg1_h5=default_login_way<=event&c_lt=event&cost_time=4759&no_url_de=1&spm=a2s0k.websharedetail.0.0&time=1728532350172 HTTP/1.1
Host: track.lc.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BGRk2lUb39C1bSscYQKh4nLqNmtW_YhnTjS5cn6F8C_yKQTzpg1Y95qL7Rsx6sC_; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gOXqH_vO-XH5JwyUo3pwYAseGAOvIKzBoOT6jGjMcEYDCSCNaGsUDh_fjF5wrGLcCExMZh-h5tiDsFAwzUblcxT6nFmN5G1f7GEvjFbG7F1bVJsADdpgRF2QdiBJKpIN3d01qi3ulaVYdJsAmdpgRywChqQR2eTMIAxiqu-6XAvMjdqyrh-KsqbMIuryjH8inFDMrYxpvdYGSdqPqw8FItDyXIqBEPEw-bY6gejDzAuNU3AqMiYrIAXrdI8nCUkiIT-AVFKdtY2M-6QlZsfEmYO6eU8h4-g9q-5VBsuisID64eZz4X3Q42i_Xm7o6fdk238Qmoct6IxJ4eZz4fh9Z3KyRoqc.
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
GET 127.0.0.1:9127/desktop_info?__dt=10461&__t=1728532351469
0.0.0.0 0 B URL GET 127.0.0.1:9127/desktop_info?__dt=10461&__t=1728532351469
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=10461&__t=1728532351469 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9126/desktop_info?__dt=17810&__t=1728532358818
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_info?__dt=17810&__t=1728532358818
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=17810&__t=1728532358818 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9125/desktop_info?__dt=10315&__t=1728532351323
0.0.0.0 0 B URL GET 127.0.0.1:9125/desktop_info?__dt=10315&__t=1728532351323
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=10315&__t=1728532351323 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9127/desktop_info?__dt=23106&__t=1728532364114
0.0.0.0 0 B URL GET 127.0.0.1:9127/desktop_info?__dt=23106&__t=1728532364114
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=23106&__t=1728532364114 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9125/desktop_info?__dt=14594&__t=1728532355602
0.0.0.0 0 B URL GET 127.0.0.1:9125/desktop_info?__dt=14594&__t=1728532355602
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=14594&__t=1728532355602 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9126/desktop_info?__dt=18892&__t=1728532359900
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_info?__dt=18892&__t=1728532359900
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=18892&__t=1728532359900 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9126/desktop_info?__dt=19952&__t=1728532360960
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_info?__dt=19952&__t=1728532360960
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=19952&__t=1728532360960 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9125/desktop_info?__dt=23060&__t=1728532364068
0.0.0.0 0 B URL GET 127.0.0.1:9125/desktop_info?__dt=23060&__t=1728532364068
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=23060&__t=1728532364068 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9126/desktop_info?__dt=4493&__t=1728532345501
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_info?__dt=4493&__t=1728532345501
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=4493&__t=1728532345501 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9125/desktop_info?__dt=9158&__t=1728532350166
0.0.0.0 0 B URL GET 127.0.0.1:9125/desktop_info?__dt=9158&__t=1728532350166
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=9158&__t=1728532350166 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9127/desktop_info?__dt=14657&__t=1728532355665
0.0.0.0 0 B URL GET 127.0.0.1:9127/desktop_info?__dt=14657&__t=1728532355665
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=14657&__t=1728532355665 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9125/desktop_info?__dt=19927&__t=1728532360935
0.0.0.0 0 B URL GET 127.0.0.1:9125/desktop_info?__dt=19927&__t=1728532360935
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=19927&__t=1728532360935 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9126/desktop_info?__dt=23094&__t=1728532364102
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_info?__dt=23094&__t=1728532364102
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=23094&__t=1728532364102 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9127/desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4561&__t=1728532345569
0.0.0.0 0 B URL GET 127.0.0.1:9127/desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4561&__t=1728532345569
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4561&__t=1728532345569 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET bjytly.tdum.alibaba.com/dss.js
47.254.177.101200 OK 52 B URL GET HTTP/2 bjytly.tdum.alibaba.com/dss.js
IP 47.254.177.101:443
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.alibaba.com
FingerprintDD:7F:4F:EB:01:41:A8:02:59:C5:4B:CD:12:26:60:E8:9D:C1:04:8E
ValidityWed, 13 Mar 2024 08:47:05 GMT - Mon, 14 Apr 2025 08:41:13 GMT
File type ASCII text, with no line terminators
Hash 046755cd0a458f31804599dcbcc7edfb
3c49a7c228c832bd0e9b56d86ac76a06795de997
421611dc8a128581656473cfe79324f8e7eb9d706bb4515d04b1c79962860c64
GET /dss.js HTTP/1.1
Host: bjytly.tdum.alibaba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 10 Oct 2024 03:52:32 GMT
content-type: application/javascript
server: Tengine
vary: Accept-Encoding
content-encoding: gzip
eagleeye-traceid: 211b88f117285323525117130e2b25
strict-transport-security: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
GET 127.0.0.1:9128/desktop_info?__dt=4645&__t=1728532345653
0.0.0.0 0 B URL GET 127.0.0.1:9128/desktop_info?__dt=4645&__t=1728532345653
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=4645&__t=1728532345653 HTTP/1.1
Host: 127.0.0.1:9128
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&webshare_to_native=quark&file_download_limit=C&pagetype=normal&tg=undefined&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&function=share&stat_a=a2s0k&stat_b=websharedetail&refer=<=onlinetime&c_lt=onlinetime&page_time=4759&no_url_de=1&event_id=19999&spm=a2s0k.websharedetail.0.0&time=1728532350173
0.0.0.0 0 B URL POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&webshare_to_native=quark&file_download_limit=C&pagetype=normal&tg=undefined&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&function=share&stat_a=a2s0k&stat_b=websharedetail&refer=<=onlinetime&c_lt=onlinetime&page_time=4759&no_url_de=1&event_id=19999&spm=a2s0k.websharedetail.0.0&time=1728532350173
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&webshare_to_native=quark&file_download_limit=C&pagetype=normal&tg=undefined&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&function=share&stat_a=a2s0k&stat_b=websharedetail&refer=<=onlinetime&c_lt=onlinetime&page_time=4759&no_url_de=1&event_id=19999&spm=a2s0k.websharedetail.0.0&time=1728532350173 HTTP/1.1
Host: track.lc.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BGRk2lUb39C1bSscYQKh4nLqNmtW_YhnTjS5cn6F8C_yKQTzpg1Y95qL7Rsx6sC_; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gOXqH_vO-XH5JwyUo3pwYAseGAOvIKzBoOT6jGjMcEYDCSCNaGsUDh_fjF5wrGLcCExMZh-h5tiDsFAwzUblcxT6nFmN5G1f7GEvjFbG7F1bVJsADdpgRF2QdiBJKpIN3d01qi3ulaVYdJsAmdpgRywChqQR2eTMIAxiqu-6XAvMjdqyrh-KsqbMIuryjH8inFDMrYxpvdYGSdqPqw8FItDyXIqBEPEw-bY6gejDzAuNU3AqMiYrIAXrdI8nCUkiIT-AVFKdtY2M-6QlZsfEmYO6eU8h4-g9q-5VBsuisID64eZz4X3Q42i_Xm7o6fdk238Qmoct6IxJ4eZz4fh9Z3KyRoqc.
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
GET fourier.taobao.com/ts?url=https%3A%2F%2Fpx.effirst.com%2Fapi%2Fv1%2Fjconfig%3Fwpk-header%3Dapp%253Dcy68jy8t-3i4dxwgn%2526tm%253D1728532344%2526ud%253D2a62dda3-cb54-4298-3fc4-ab4224be5f47%2526sver%253D2.3.22%2526sign%253Dc41e43c828c16c16a6eb1c9c1e68e8ce&token=BN3d6hRcZnvEpgJXQCWIGQP177DX-hFMHzvQ-Z-iGTRjVv2IZ0ohHKvAhNDQjSkE&cna=&ext=0
0.0.0.0 0 B URL GET fourier.taobao.com/ts?url=https%3A%2F%2Fpx.effirst.com%2Fapi%2Fv1%2Fjconfig%3Fwpk-header%3Dapp%253Dcy68jy8t-3i4dxwgn%2526tm%253D1728532344%2526ud%253D2a62dda3-cb54-4298-3fc4-ab4224be5f47%2526sver%253D2.3.22%2526sign%253Dc41e43c828c16c16a6eb1c9c1e68e8ce&token=BN3d6hRcZnvEpgJXQCWIGQP177DX-hFMHzvQ-Z-iGTRjVv2IZ0ohHKvAhNDQjSkE&cna=&ext=0
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ts?url=https%3A%2F%2Fpx.effirst.com%2Fapi%2Fv1%2Fjconfig%3Fwpk-header%3Dapp%253Dcy68jy8t-3i4dxwgn%2526tm%253D1728532344%2526ud%253D2a62dda3-cb54-4298-3fc4-ab4224be5f47%2526sver%253D2.3.22%2526sign%253Dc41e43c828c16c16a6eb1c9c1e68e8ce&token=BN3d6hRcZnvEpgJXQCWIGQP177DX-hFMHzvQ-Z-iGTRjVv2IZ0ohHKvAhNDQjSkE&cna=&ext=0 HTTP/1.1
Host: fourier.taobao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9127/desktop_info?__dt=19968&__t=1728532360976
0.0.0.0 0 B URL GET 127.0.0.1:9127/desktop_info?__dt=19968&__t=1728532360976
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=19968&__t=1728532360976 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&webshare_to_native=quark&file_download_limit=C&pagetype=normal&tg=undefined&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&stat_a=a2s0k&stat_b=websharedetail&refer=&event_id=2001&sourcetype=directaccess<=pageview&c_lt=pageview&spm-cnt=a2s0k.websharedetail.0.0&no_url_de=1&spm=a2s0k.websharedetail.0.0&time=1728532348624
0.0.0.0 0 B URL POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&webshare_to_native=quark&file_download_limit=C&pagetype=normal&tg=undefined&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&stat_a=a2s0k&stat_b=websharedetail&refer=&event_id=2001&sourcetype=directaccess<=pageview&c_lt=pageview&spm-cnt=a2s0k.websharedetail.0.0&no_url_de=1&spm=a2s0k.websharedetail.0.0&time=1728532348624
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&webshare_to_native=quark&file_download_limit=C&pagetype=normal&tg=undefined&page=page_clouddrive_websharedetail&page_h5=page_clouddrive_websharedetail&stat_a=a2s0k&stat_b=websharedetail&refer=&event_id=2001&sourcetype=directaccess<=pageview&c_lt=pageview&spm-cnt=a2s0k.websharedetail.0.0&no_url_de=1&spm=a2s0k.websharedetail.0.0&time=1728532348624 HTTP/1.1
Host: track.lc.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BKKiEWeVMfrHHC0mU9z_-CDc8CEE86YNXOI_6Ow7zpXAv0I51IP2HSg962FDtB6l; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gu2KL_6czImCaTZ6mU1iZ06T2CIciWEUWyrXE40HNPUT4zhoNXmnebaISJcod24t20imV8vCa4Bs2mszdvale4Zq7p4lTbvJYRUvEpbFTu9-nY_cotX0YlMrFZcUpJCE80rsPZDgGEeiUY_cStX0Ykkzuy3e-aE1XDoDPYiQPc9s70oWR09CXlgZ5pOIF2i6f0ivFeaSFGEs70_eZ636AqJ8aDI4RgIxvL97BDhIhkgBFcytvX3bAQvWFnoK9qZI7Z7SE8GYRbePDdUTe4houX-Xcgyan-H4NE0xqBITFQRrOcoK4X9-PrV1-c3cvMdyafnZXqjOXQRrOcotoMIpaQltb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
GET 127.0.0.1:9126/desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4561&__t=1728532345569
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4561&__t=1728532345569
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4561&__t=1728532345569 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
POST px.effirst.com/api/v1/jssdk/upload?wpk-header=app%3Dj7k7bn0u-4djxv8el%26cp%3Dnone%26de%3D1%26seq%3D17285323509461%26tm%3D1728532350%26ud%3Df665db1e-76ab-4595-9464-a60ce3736aee%26ver%3D%26type%3Dflow%26sver%3D2.3.23%26sign%3D9bf8a190ef82c5049df7b199c599c45b&uc_param_str=prveosfrnwutmisvbditcu
111.63.205.165200 OK 0 B URL POST HTTP/2 px.effirst.com/api/v1/jssdk/upload?wpk-header=app%3Dj7k7bn0u-4djxv8el%26cp%3Dnone%26de%3D1%26seq%3D17285323509461%26tm%3D1728532350%26ud%3Df665db1e-76ab-4595-9464-a60ce3736aee%26ver%3D%26type%3Dflow%26sver%3D2.3.23%26sign%3D9bf8a190ef82c5049df7b199c599c45b&uc_param_str=prveosfrnwutmisvbditcu
IP 111.63.205.165:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.effirst.com
FingerprintBD:4C:8B:7D:E1:C8:6C:3F:5B:55:EB:D7:91:64:F4:3A:9E:86:47:CD
ValidityMon, 26 Aug 2024 03:21:05 GMT - Thu, 04 Sep 2025 00:00:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/jssdk/upload?wpk-header=app%3Dj7k7bn0u-4djxv8el%26cp%3Dnone%26de%3D1%26seq%3D17285323509461%26tm%3D1728532350%26ud%3Df665db1e-76ab-4595-9464-a60ce3736aee%26ver%3D%26type%3Dflow%26sver%3D2.3.23%26sign%3D9bf8a190ef82c5049df7b199c599c45b&uc_param_str=prveosfrnwutmisvbditcu HTTP/1.1
Host: px.effirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 717
Origin: https://uop.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Oct 2024 03:52:31 GMT
content-type: text/html; charset=utf-8
server: Tengine/2.1.3_400
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
content-encoding: gzip
X-Firefox-Spdy: h2
GET 127.0.0.1:9126/desktop_info?__dt=10363&__t=1728532351371
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_info?__dt=10363&__t=1728532351371
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=10363&__t=1728532351371 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET pan.quark.cn/s/d362d7bc924b
203.119.175.188200 OK 11 kB URL User Request GET HTTP/2 pan.quark.cn/s/d362d7bc924b
IP 203.119.175.188:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Certificate IssuerGlobalSign nv-sa
Subject*.alibaba.com
FingerprintDD:7F:4F:EB:01:41:A8:02:59:C5:4B:CD:12:26:60:E8:9D:C1:04:8E
ValidityWed, 13 Mar 2024 08:47:05 GMT - Mon, 14 Apr 2025 08:41:13 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (9144), with no line terminators
Hash af7f725f28f0f23fbfceeca973f44b9f
321cd030eb4c64e4c05fc385c80e26fe2f36e7a5
5a22b0f412ed2c98d784d4c2d665a5235be73ffb02defef5c6cf0dc6ad73fb77
GET /s/d362d7bc924b HTTP/1.1
Host: pan.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 10 Oct 2024 03:52:21 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Origin
x-server-id: a132805fe77874e4b29c9334f3d6bf617efccfb643b4fef0f62a1d1c5235b4da4c427b5349595857c69a1e02a9ed5ad1
set-cookie: ctoken=7y0Lx8iuQ21wFnXH054SJIJO; path=/
cache-control: no-cache
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Mobile
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
strict-transport-security: max-age=31536000
x-readtime: 2
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 213e363217285323418218988e8052
timing-allow-origin: *
X-Firefox-Spdy: h2
GET fourier.taobao.com/rp?ext=51&data=jm_null&random=7940118530461152&href=https%3A%2F%2Fpan.quark.cn%2Fs%2Fd362d7bc924b&protocol=https:&callback=jsonpCallback
0.0.0.0 0 B URL GET fourier.taobao.com/rp?ext=51&data=jm_null&random=7940118530461152&href=https%3A%2F%2Fpan.quark.cn%2Fs%2Fd362d7bc924b&protocol=https:&callback=jsonpCallback
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rp?ext=51&data=jm_null&random=7940118530461152&href=https%3A%2F%2Fpan.quark.cn%2Fs%2Fd362d7bc924b&protocol=https:&callback=jsonpCallback HTTP/1.1
Host: fourier.taobao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9125/desktop_info?__dt=17788&__t=1728532358796
0.0.0.0 0 B URL GET 127.0.0.1:9125/desktop_info?__dt=17788&__t=1728532358796
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=17788&__t=1728532358796 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9125/desktop_info?__dt=18854&__t=1728532359862
0.0.0.0 0 B URL GET 127.0.0.1:9125/desktop_info?__dt=18854&__t=1728532359862
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=18854&__t=1728532359862 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/2.js
163.181.131.243200 OK 67 kB URL GET HTTP/2 g.alicdn.com/uc-cloud-drive-web-system/cloud-drive-web/4.5.17/2.js
IP 163.181.131.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
FingerprintC8:28:74:DB:88:66:17:4F:5C:A5:AB:AD:F0:E1:14:74:AC:F8:FE:8F
ValidityWed, 19 Jun 2024 09:06:02 GMT - Mon, 21 Jul 2025 09:06:01 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 8dde39a31d54bcfe6b792e2f9817d929
e78469e06d3f033f272c6746d38832b657b3de84
b66070ffc80f8b51570a0cd4d8251501d951f2fb7502f3ed864b0d1e528b9f68
GET /uc-cloud-drive-web-system/cloud-drive-web/4.5.17/2.js HTTP/1.1
Host: g.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 26015
date: Wed, 09 Oct 2024 08:27:20 GMT
vary: Accept-Encoding
x-oss-request-id: 67063E687314F535381CF59C
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17601257832465919148
x-oss-storage-class: Standard
cache-control: max-age=2592000,s-maxage=86400
content-md5: jd45ox1UvP5reS4vmBfZKQ==
x-oss-server-time: 3
access-control-allow-origin: *
x-source-scheme: https
content-encoding: gzip
via: ens-cache3.l2de3[0,0,200-0,H], ens-cache11.l2de3[1,0], ens-cache11.l2de3[1,0], ens-cache8.de7[0,0,200-0,H], ens-cache7.de7[1,0]
age: 69908
ali-swift-global-savetime: 1728462440
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 09 Oct 2024 08:28:36 GMT
x-swift-cachetime: 86324
timing-allow-origin: *
eagleid: a3b5839b17285323481813199e
X-Firefox-Spdy: h2
GET 127.0.0.1:9125/desktop_info?__dt=12514&__t=1728532353522
0.0.0.0 0 B URL GET 127.0.0.1:9125/desktop_info?__dt=12514&__t=1728532353522
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=12514&__t=1728532353522 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9126/desktop_info?__dt=14638&__t=1728532355646
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_info?__dt=14638&__t=1728532355646
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=14638&__t=1728532355646 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9130/desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4469&__t=1728532345477
0.0.0.0 0 B URL GET 127.0.0.1:9130/desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4469&__t=1728532345477
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4469&__t=1728532345477 HTTP/1.1
Host: 127.0.0.1:9130
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9127/desktop_info?__dt=9286&__t=1728532350294
0.0.0.0 0 B URL GET 127.0.0.1:9127/desktop_info?__dt=9286&__t=1728532350294
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=9286&__t=1728532350294 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&stat_a=a2s0k&stat_b=activity&refer=<=onlinetime&c_lt=onlinetime&page_time=527&no_url_de=1&event_id=19999&spm=a2s0k.activity.0.0&time=1728532345414
0.0.0.0 0 B URL POST track.lc.quark.cn/collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&stat_a=a2s0k&stat_b=activity&refer=<=onlinetime&c_lt=onlinetime&page_time=527&no_url_de=1&event_id=19999&spm=a2s0k.activity.0.0&time=1728532345414
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect?uc_param_str=dndsfrpfbibdosvessbtbmnilauputogpintnwmtsvcppcprsnnnchmicckpua&uid=b7b8bf19-97ab-5553-7700-9a0797206989&sid=409eab35-464e-b041-bde9-351b80cd6e8d&appid=29351a4155a4&dn=b7b8bf19-97ab-5553-7700-9a0797206989&ut=b7b8bf19-97ab-5553-7700-9a0797206989&ds=b7b8bf19-97ab-5553-7700-9a0797206989&fr=unknown&ev_ct=clouddrive&fact_app_type=others&entry=default&project_id=quark-cloud-drive&login_status=0&platform=pc&sessionID=0f844df0-86bb-11ef-8034-77a9fff62d0e&wa_param_str=ucid%3A1%3B&ucid=&outerUuid=undefined&bundle_version=4.5.17&system_enter_type=others&pwdid=d362d7bc924b&ref_url=&chkey=&host=pan.quark.cn&fever=4.5.17&auto_save=0&sharelink_source=other&computer_info_succ=0&stat_a=a2s0k&stat_b=activity&refer=<=onlinetime&c_lt=onlinetime&page_time=527&no_url_de=1&event_id=19999&spm=a2s0k.activity.0.0&time=1728532345414 HTTP/1.1
Host: track.lc.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BJ-fpUrCBFGy8QBNbmsqA1UDLfopBPOmCU1SQzHsO86VwL9COdSD9h2Shsq-w8se; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gTa-w6bGLhcW16FXspsmxX_Y9nCGmuFzH8P6-vDkA-eYTJnnA0coJDwSnzmnPY2x9XGiOyY5YvQj9f1UP4whJvNZ3U2h4DYpare9-UXP4WTKS26GINbgaSgEROmzyzIrUXPjdO00fdUm826GnNbga7uUQ8HyqHFfMblMF2G7dZ1xOXvWAUwQGsHqO2MQd21YGwf12xOSQeEEw1y592HvReaxNbH_Mxhqgrh-2A_ZHeNukbn-C74k7aGs6lUxju15Vf3K37zm2esyQP4t7k9iBXxRMyteY0GqwXoWJvwgcTcxI_CJYHoxgjHGMsKeY0GqMAfRwH-EDj5..
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
GET 127.0.0.1:9129/desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4469&__t=1728532345477
0.0.0.0 0 B URL GET 127.0.0.1:9129/desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4469&__t=1728532345477
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4469&__t=1728532345477 HTTP/1.1
Host: 127.0.0.1:9129
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9126/desktop_info?__dt=11490&__t=1728532352498
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_info?__dt=11490&__t=1728532352498
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=11490&__t=1728532352498 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9126/desktop_info?__dt=13562&__t=1728532354570
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_info?__dt=13562&__t=1728532354570
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=13562&__t=1728532354570 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9125/desktop_info?__dt=15677&__t=1728532356685
0.0.0.0 0 B URL GET 127.0.0.1:9125/desktop_info?__dt=15677&__t=1728532356685
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=15677&__t=1728532356685 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9127/desktop_info?__dt=4576&__t=1728532345584
0.0.0.0 0 B URL GET 127.0.0.1:9127/desktop_info?__dt=4576&__t=1728532345584
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=4576&__t=1728532345584 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET image.quark.cn/s/uae/g/3o/broccoli/resource/202204/212cfbb0-b639-11ec-a50f-c5f1520e6c71.png
0.0.0.0 0 B URL GET image.quark.cn/s/uae/g/3o/broccoli/resource/202204/212cfbb0-b639-11ec-a50f-c5f1520e6c71.png
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/uae/g/3o/broccoli/resource/202204/212cfbb0-b639-11ec-a50f-c5f1520e6c71.png HTTP/1.1
Host: image.quark.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Cookie: isg=BKKiEWeVMfrHHC0mU9z_-CDc8CEE86YNXOI_6Ow7zpXAv0I51IP2HSg962FDtB6l; b-user-id=b7b8bf19-97ab-5553-7700-9a0797206989; tfstk=gu2KL_6czImCaTZ6mU1iZ06T2CIciWEUWyrXE40HNPUT4zhoNXmnebaISJcod24t20imV8vCa4Bs2mszdvale4Zq7p4lTbvJYRUvEpbFTu9-nY_cotX0YlMrFZcUpJCE80rsPZDgGEeiUY_cStX0Ykkzuy3e-aE1XDoDPYiQPc9s70oWR09CXlgZ5pOIF2i6f0ivFeaSFGEs70_eZ636AqJ8aDI4RgIxvL97BDhIhkgBFcytvX3bAQvWFnoK9qZI7Z7SE8GYRbePDdUTe4houX-Xcgyan-H4NE0xqBITFQRrOcoK4X9-PrV1-c3cvMdyafnZXqjOXQRrOcotoMIpaQltb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9127/desktop_info?__dt=11500&__t=1728532352508
0.0.0.0 0 B URL GET 127.0.0.1:9127/desktop_info?__dt=11500&__t=1728532352508
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=11500&__t=1728532352508 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9127/desktop_info?__dt=13576&__t=1728532354584
0.0.0.0 0 B URL GET 127.0.0.1:9127/desktop_info?__dt=13576&__t=1728532354584
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=13576&__t=1728532354584 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9125/desktop_info?__dt=11478&__t=1728532352486
0.0.0.0 0 B URL GET 127.0.0.1:9125/desktop_info?__dt=11478&__t=1728532352486
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=11478&__t=1728532352486 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9126/desktop_info?__dt=15693&__t=1728532356701
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_info?__dt=15693&__t=1728532356701
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=15693&__t=1728532356701 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9127/desktop_info?__dt=15710&__t=1728532356718
0.0.0.0 0 B URL GET 127.0.0.1:9127/desktop_info?__dt=15710&__t=1728532356718
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=15710&__t=1728532356718 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET px.effirst.com/api/v1/jconfig?wpk-header=app%3Dcy68jy8t-3i4dxwgn%26tm%3D1728532344%26ud%3D2a62dda3-cb54-4298-3fc4-ab4224be5f47%26sver%3D2.3.22%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce
111.63.205.165200 OK 120 B URL GET HTTP/2 px.effirst.com/api/v1/jconfig?wpk-header=app%3Dcy68jy8t-3i4dxwgn%26tm%3D1728532344%26ud%3D2a62dda3-cb54-4298-3fc4-ab4224be5f47%26sver%3D2.3.22%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce
IP 111.63.205.165:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://pan.quark.cn/s/d362d7bc924b
Certificate IssuerGlobalSign nv-sa
Subject*.effirst.com
FingerprintBD:4C:8B:7D:E1:C8:6C:3F:5B:55:EB:D7:91:64:F4:3A:9E:86:47:CD
ValidityMon, 26 Aug 2024 03:21:05 GMT - Thu, 04 Sep 2025 00:00:00 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with no line terminators
Hash aaf92d370743107a7596c44554e9607d
19806bec868e44e6fdf424d4fabdd286870b1671
c6440b1b61170a0c7acedcbc8afdb8bb23650b41f91a4aada844c9641ed8715b
GET /api/v1/jconfig?wpk-header=app%3Dcy68jy8t-3i4dxwgn%26tm%3D1728532344%26ud%3D2a62dda3-cb54-4298-3fc4-ab4224be5f47%26sver%3D2.3.22%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce HTTP/1.1
Host: px.effirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://pan.quark.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 10 Oct 2024 03:52:26 GMT
content-type: text/html; charset=utf-8
server: Tengine/2.1.3_400
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
content-encoding: gzip
X-Firefox-Spdy: h2
GET 127.0.0.1:9126/desktop_info?__dt=9261&__t=1728532350269
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_info?__dt=9261&__t=1728532350269
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=9261&__t=1728532350269 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET px.effirst.com/api/v1/jconfig?wpk-header=app%3Dj7k7bn0u-4djxv8el%26tm%3D1728532350%26ud%3D71502a49-3a0f-44b4-1bf0-dc3c0f0ab37a%26sver%3D2.3.23%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce
111.63.205.165200 OK 120 B URL GET HTTP/2 px.effirst.com/api/v1/jconfig?wpk-header=app%3Dj7k7bn0u-4djxv8el%26tm%3D1728532350%26ud%3D71502a49-3a0f-44b4-1bf0-dc3c0f0ab37a%26sver%3D2.3.23%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce
IP 111.63.205.165:443
ASN #24547 Hebei Mobile Communication Company Limited
Requested by https://uop.quark.cn/cas/custom/login?custom_login_type=mobile&client_id=532&display=pc&chkey=&spm_b=websharedetail&stats_extra=page%3Dpage_clouddrive_websharedetail%40spmb%3Dwebsharedetail%40entry%3D
Certificate IssuerGlobalSign nv-sa
Subject*.effirst.com
FingerprintBD:4C:8B:7D:E1:C8:6C:3F:5B:55:EB:D7:91:64:F4:3A:9E:86:47:CD
ValidityMon, 26 Aug 2024 03:21:05 GMT - Thu, 04 Sep 2025 00:00:00 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with no line terminators
Hash db3f2a0b55070d209f108c9017bdc141
cf33ea7fafc2e556b6a88aad34c3b8faedad48d2
08f64f82f756d304d89d610c09ac062f123475f231ed738be3f387eacd7a62e1
GET /api/v1/jconfig?wpk-header=app%3Dj7k7bn0u-4djxv8el%26tm%3D1728532350%26ud%3D71502a49-3a0f-44b4-1bf0-dc3c0f0ab37a%26sver%3D2.3.23%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce HTTP/1.1
Host: px.effirst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://uop.quark.cn
DNT: 1
Connection: keep-alive
Referer: https://uop.quark.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 10 Oct 2024 03:52:31 GMT
content-type: text/html; charset=utf-8
server: Tengine/2.1.3_400
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
content-encoding: gzip
X-Firefox-Spdy: h2
GET 127.0.0.1:9126/desktop_info?__dt=12523&__t=1728532353531
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_info?__dt=12523&__t=1728532353531
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=12523&__t=1728532353531 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9126/desktop_info?__dt=22034&__t=1728532363042
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_info?__dt=22034&__t=1728532363042
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=22034&__t=1728532363042 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9128/desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4469&__t=1728532345477
0.0.0.0 0 B URL GET 127.0.0.1:9128/desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4469&__t=1728532345477
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4469&__t=1728532345477 HTTP/1.1
Host: 127.0.0.1:9128
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9125/desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4561&__t=1728532345569
0.0.0.0 0 B URL GET 127.0.0.1:9125/desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4561&__t=1728532345569
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_share_visiting?pwd_id=d362d7bc924b&passcode=&__dt=4561&__t=1728532345569 HTTP/1.1
Host: 127.0.0.1:9125
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9127/desktop_info?__dt=18910&__t=1728532359918
0.0.0.0 0 B URL GET 127.0.0.1:9127/desktop_info?__dt=18910&__t=1728532359918
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=18910&__t=1728532359918 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9126/desktop_info?__dt=24131&__t=1728532365139
0.0.0.0 0 B URL GET 127.0.0.1:9126/desktop_info?__dt=24131&__t=1728532365139
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=24131&__t=1728532365139 HTTP/1.1
Host: 127.0.0.1:9126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9127/desktop_info?__dt=16772&__t=1728532357780
0.0.0.0 0 B URL GET 127.0.0.1:9127/desktop_info?__dt=16772&__t=1728532357780
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=16772&__t=1728532357780 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 127.0.0.1:9127/desktop_info?__dt=17834&__t=1728532358842
0.0.0.0 0 B URL GET 127.0.0.1:9127/desktop_info?__dt=17834&__t=1728532358842
IP 0.0.0.0:0
Requested by https://pan.quark.cn/s/d362d7bc924b
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /desktop_info?__dt=17834&__t=1728532358842 HTTP/1.1
Host: 127.0.0.1:9127
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pan.quark.cn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache