Gen:Variant.Symmi.35853 (B) (Emsisoft), Gen:Variant.Graftor.23084 (AdAware), Trojan.Win32.FlyStudio.FD, Trojan.Win32.IEDummy.FD, GenericEmailWorm.YR (Lavasoft MAS)Behaviour: Trojan, Worm, EmailWorm
The description has been automatically generated by Lavasoft Malware Analysis System and it may contain incomplete or inaccurate information.
Summary
MD5: 16a363c83a1d29dd2a354649bfa8ffd2
SHA1: 4369d2b27db465b0fbd5fd92efeb0c357b6c6dd8
SHA256: 2be6f157ce9a6a3754bc299a617ec767887a470c1f29eff7efee98a9c84b9da1
SSDeep: 12288:Ej1Eh8MothJ9 3rLQulCGaE/q1pabEzD0Az:ES8dt/9yrkKCh14oD3
Size: 839680 bytes
File type: EXE
Platform: WIN32
Entropy: Not Packed
PEID: UPolyXv05_v6, MicrosoftVisualC, MicrosoftVisualCv50v60MFC, MicrosoftVisualC50, Armadillov171
Company: no certificate found
Created at: 2010-11-05 15:27:27
Analyzed on: WindowsXPESX SP3 32-bit
Summary: Trojan. A program that appears to do one thing but actually does another (a.k.a. Trojan Horse).
Dynamic Analysis
Payload
Behaviour | Description |
---|---|
EmailWorm | Worm can send e-mails. |
Process activity
The Trojan creates the following process(es):
%original file name%.exe:580
The Trojan injects its code into the following process(es):No processes have been created.
Mutexes
The following mutexes were created/opened:No objects were found.
File activity
The process %original file name%.exe:580 makes changes in the file system.
The Trojan creates and/or writes to the following file(s):
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini (67 bytes)
Registry activity
The process %original file name%.exe:580 makes changes in the system registry.
The Trojan creates and/or sets the following values in system registry:
[HKLM\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed" = "09 96 65 86 D8 7A F2 C3 E0 17 A8 11 84 06 E4 79"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Cookies" = "%Documents and Settings%\%current user%\Cookies"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path2]
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache2"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path1]
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache1"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path3]
"CacheLimit" = "65452"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path1]
"CacheLimit" = "65452"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"History" = "%Documents and Settings%\%current user%\Local Settings\History"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths]
"Directory" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path4]
"CacheLimit" = "65452"
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache4"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path3]
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache3"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths]
"Paths" = "4"
[HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache\%Program Files%\Internet Explorer]
"iexplore.exe" = "Internet Explorer"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Cache" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path2]
"CacheLimit" = "65452"
The Trojan modifies IE settings for security zones to map all web-nodes that bypassing the proxy to the Intranet Zone:
[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
"ProxyBypass" = "1"
The Trojan modifies IE settings for security zones to map all local web-nodes with no dots which do not refer to any zone to the Intranet Zone:
"UNCAsIntranet" = "1"
The Trojan modifies IE settings for security zones to map all urls to the Intranet Zone:
"IntranetName" = "1"
Dropped PE files
There are no dropped PE files.
HOSTS file anomalies
No changes have been detected.
Rootkit activity
No anomalies have been detected.
Propagation
Removals
Remove it with Ad-Aware
- Click (here) to download and install Ad-Aware Free Antivirus.
- Update the definition files.
- Run a full scan of your computer.
Manual removal*
- Terminate malicious process(es) (How to End a Process With the Task Manager):
%original file name%.exe:580
- Delete the original Trojan file.
- Delete or disinfect the following files created/modified by the Trojan:
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini (67 bytes)
- Clean the Temporary Internet Files folder, which may contain infected files (How to clean Temporary Internet Files folder).
- Reboot the computer.
Static Analysis
VersionInfo
Company Name: ?????
Product Name: ??DNF???
Product Version: 1.0.0.0
Legal Copyright: ??
Legal Trademarks:
Original Filename:
Internal Name:
File Version: 1.0.0.0
File Description: www.tongtong.com.cn
Comments:
Language: Language Neutral
Company Name: ?????Product Name: ??DNF???Product Version: 1.0.0.0Legal Copyright: ??Legal Trademarks: Original Filename: Internal Name: File Version: 1.0.0.0File Description: www.tongtong.com.cnComments: Language: Language Neutral
PE Sections
Name | Virtual Address | Virtual Size | Raw Size | Entropy | Section MD5 |
---|---|---|---|---|---|
.text | 4096 | 466758 | 466944 | 4.54466 | 745422ba2793f0779c4a31ca5acdd823 |
.rdata | 471040 | 181280 | 184320 | 2.81904 | 5a10c1d80c364e1426ca45f71bcd7669 |
.data | 655360 | 226090 | 61440 | 3.44739 | b16b40c5c33960e0dd4d769a0a9a6703 |
.rsrc | 884736 | 119336 | 122880 | 2.75692 | 03582068b950d96f74f35118513743fc |
Dropped from:
Downloaded by:
Similar by SSDeep:
Similar by Lavasoft Polymorphic Checker:
Network Activity
URLs
URL | IP |
---|---|
hxxp://shop.gds.taobao.com/ | |
hxxp://shop.gds.taobao.com/shop/noshop.htm | |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/s/kissy/1.1.6/kissy-min.js?t=20110524.js | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/p/header/header-min.css?t=20110506.css | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/p/header/header-v8-min.js?t=20110629.js | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tbsp/tbsp.css?t=20090602.css | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tbra/1.0/tbra-aio.js?t_1=1&t=201003241751.js | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tbra/1.0/assets/tbra.css?t=201003241751.css | 195.27.31.240 |
hxxp://www.gslb.taobao.com.danuoyi.tbcache.com/home/css/error.css | |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tbsp/img/header/logo.png | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i2/T1CCRNXmRFXXXXXXXX.png | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i4/T1POdHXh8cXXXXXXXX-489-90.png | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i2/T16WJqXaXeXXXXXXXX-32-32.gif | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i4/T1giRRXXNjXXXXXXXX.png | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/app/search/monitor.js?t=20100331.js | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i4/T1z3ypXcBkXXXXXXXX-50-50.jpg | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i1/T1I_56Xl0wXXXXXXXX-104-1.png | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i1/T1XgzaXX0kXXaXezbh-48-70.png | 195.27.31.240 |
hxxp://shuo.gds.taobao.com/ | |
hxxp://shuo.gds.taobao.com/highqualityshop/high_quality_shop.htm | |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/??kissy/k/1.4.2/seed-min.js,tb/global/3.1.5/global-min.js | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tb/global/3.1.5/global-min.css | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tb/phenix/0.0.2/header-min.css | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tb/ishopbook/0.0.8/g/page/found/index-min.css?t=20130925.css | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/t/font_1404888168_2057645.eot? | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/s/aplus_v2.js | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/apps/ishopbook/src/pkg/wgt/nav-v2/iconfont.eot? | 195.27.31.240 |
hxxp://count.gds.taobao.com/counter6?keys=TCART_234_17e002f6e58e45f8d59eecfe815ebe56_q&t=1412117811346&callback=jsonp0&t=1412117811346 | |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tb/phenix/0.0.3/header-v2-min.css | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i4/T17.GqXEFXXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i2/T1psWqXq4cXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i1/T1.qOqXElbXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i1/T1au1rXpNaXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/s/fdc/??spm.js,spmact.js?v=140619 | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i4/T1Jt5pXwxeXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i2/T1ToSpXtdcXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i2/T14xipXrheXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i4/T1GVuqXutdXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i1/T1bKarXqpaXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i3/T1aPSpXCNdXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i3/T1WzepXuXeXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i4/T1n1epXw8fXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i2/T1I2eGXudeXXcwqdnp-233-31.png | 195.27.31.240 |
hxxp://log.gds.mmstat.com/1.gif?logtype=1&title=%u5E97%u94FA%u52A8%u6001-%u53D1%u73B0%u597D%u5E97&pre=&cache=12a20d5&scr=1024x768&isbeta=4&spm-cnt=a310h.2220293.0.0.l7tB25&category=&uidaplus=&aplus | |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i2/T1iHqOXANXXXbjYjco-59-689.png | 195.27.31.240 |
hxxp://c.split.cnzz.com/c.php?id=30062430 | |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i1/T1pyCFXspgXXcSYPgT-81-164.png | 195.27.31.240 |
hxxp://gtms01.alicdn.com.danuoyi.tbcache.com/tps/i1/T1IJ8DFGpdXXc6EcHc-150-52.png | 66.102.255.40 |
hxxp://gtms01.alicdn.com.danuoyi.tbcache.com/tps/i1/T1ga4HFCJ3XXaSQP_X-16-16.png | 66.102.255.40 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i3/T1b1m3XkVpXXXXXXXX-32-32.gif | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tb/ishopbook/0.0.8/g/pkg/??global/index-min.js?t=20130925.js | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tb/ishopbook/0.0.8/g/page/??found/index-min.js?t=20130925.js | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tbc/??umpp/1.4.20/index-min.js | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/kissy/k/1.4.2/??dom/base-min.js,dom/ie-min.js,dom/class-list-min.js,dom/selector-min.js,event-min.js,event/dom/base-min.js,event/base-min.js,event/dom/hashchange-min.js,event/dom/ie-min.js,event/custom-min.js,io-min.js,promise-min.js,anim-min.js,anim/base-min.js,anim/timer-min.js,base-min.js,attribute-min.js,node-min.js,json-min.js,cookie-min.js | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/s/kissy/gallery/??datalazyload/1.0/index-min.js,kscroll/1.2/index-min.js | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/kissy/k/1.4.2/??overlay-min.js,component/container-min.js,component/control-min.js,component/manager-min.js,xtemplate/runtime-min.js,component/extension/shim-min.js,component/extension/align-min.js,component/extension/content-xtpl-min.js,component/extension/content-render-min.js,xtemplate-min.js,xtemplate/compiler-min.js | 195.27.31.240 |
hxxp://log.gds.mmstat.com/app.gif?&cna=MmqyDMhU6lECAbhrJiYFiPcH | |
hxxp://c.split.cnzz.com/core.php?web_id=30062430&t=q | |
hxxp://q4.cnzz.com/stat.htm?id=30062430&r=&lg=en-us&ntime=none&cnzz_eid=1516345071-1412135986-&showp=1024x768&t=undefinedundefinedundefinedundefinedundefinedundefinedundefinedundefinedundefined&h=1&rnd=1199409612 | 42.156.140.136 |
hxxp://shuo.gds.taobao.com/highqualityshop/high_quality_shop_more.htm?styleId=56&catId=4&page=2&startPoint=0 | |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tb/tracker/1.0.13/index.js | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tbc/??fixtool/1.3.0/index-min.css | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/s/kissy/gallery/??flash/1.0/index-min.js | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tbc/??fixtool/1.3.0/index-min.js | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/sd/data_sufei/1.1.8/aplus/index.js | 195.27.31.240 |
hxxp://pcookie.split.cnzz.com/9.gif?abc=1&rnd=37872731 | |
hxxp://pcookie.split.cnzz.com/app.gif?&cna=MmqyDMhU6lECAbhrJiYFiPcH | |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tbc/umpp/1.4.20/flash-post-message.swf | 195.27.31.240 |
hxxp://a1293.d.akamai.net/get/flashplayer/update/current/install/version.xml11.6.602.168~installVector=6&lang=en&cpuWordLength=32&playerType=ax&os=win&osVer=7 | |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i1/T1peCbFoJfXXc9zjvi-54-54.png | 195.27.31.240 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i3/T1twurXApXXXai.eUc-54-225.png | 195.27.31.240 |
hxxp://gtms01.alicdn.com.danuoyi.tbcache.com/tps/i2/T1mEW0FXVXXXc_GIzs-25-136.png | 66.102.255.40 |
hxxp://gtms01.alicdn.com.danuoyi.tbcache.com/tps/i4/T10ielFtVdXXbQPHYA-152-152.png | 66.102.255.40 |
hxxp://a.tbcdn.cn.danuoyi.tbcache.com/tps/i1/T19EqoXzBeXXaXezbh-48-70.png | 195.27.31.240 |
hxxp://g.tbcdn.cn/tb/ishopbook/0.0.8/g/page/??found/index-min.js?t=20130925.js | 195.27.31.240 |
hxxp://log.mmstat.com/1.gif?logtype=1&title=%u5E97%u94FA%u52A8%u6001-%u53D1%u73B0%u597D%u5E97&pre=&cache=12a20d5&scr=1024x768&isbeta=4&spm-cnt=a310h.2220293.0.0.l7tB25&category=&uidaplus=&aplus | 140.205.96.1 |
hxxp://img01.taobaocdn.com/tps/i1/T1bKarXqpaXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://img01.taobaocdn.com/tps/i1/T1XgzaXX0kXXaXezbh-48-70.png | 195.27.31.240 |
hxxp://g.tbcdn.cn/kissy/k/1.4.2/??overlay-min.js,component/container-min.js,component/control-min.js,component/manager-min.js,xtemplate/runtime-min.js,component/extension/shim-min.js,component/extension/align-min.js,component/extension/content-xtpl-min.js,component/extension/content-render-min.js,xtemplate-min.js,xtemplate/compiler-min.js | 195.27.31.240 |
hxxp://jie.taobao.com/ | 140.205.134.80 |
hxxp://a.tbcdn.cn/p/header/header-min.css?t=20110506.css | 195.27.31.240 |
hxxp://at.alicdn.com/t/font_1404888168_2057645.eot? | 195.27.31.240 |
hxxp://gtms02.alicdn.com/tps/i2/T1mEW0FXVXXXc_GIzs-25-136.png | 66.102.255.40 |
hxxp://g.tbcdn.cn/tbc/umpp/1.4.20/flash-post-message.swf | 195.27.31.240 |
hxxp://a.tbcdn.cn/p/header/header-v8-min.js?t=20110629.js | 195.27.31.240 |
hxxp://gtms04.alicdn.com/tps/i4/T10ielFtVdXXbQPHYA-152-152.png | 66.102.255.40 |
hxxp://img02.taobaocdn.com/tps/i2/T1CCRNXmRFXXXXXXXX.png | 195.27.31.240 |
hxxp://img01.taobaocdn.com/tps/i1/T1.qOqXElbXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://store.taobao.com/shop/noshop.htm | 140.205.152.99 |
hxxp://g.tbcdn.cn/tb/ishopbook/0.0.8/g/page/found/index-min.css?t=20130925.css | 195.27.31.240 |
hxxp://gtms01.alicdn.com/tps/i1/T1ga4HFCJ3XXaSQP_X-16-16.png | 66.102.255.40 |
hxxp://g.tbcdn.cn/tb/global/3.1.5/global-min.css | 195.27.31.240 |
hxxp://img02.taobaocdn.com/tps/i2/T1psWqXq4cXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://g.tbcdn.cn/tb/phenix/0.0.2/header-min.css | 195.27.31.240 |
hxxp://img02.taobaocdn.com/tps/i2/T1ToSpXtdcXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://a.tbcdn.cn/s/kissy/1.1.6/kissy-min.js?t=20110524.js | 195.27.31.240 |
hxxp://a.tbcdn.cn/s/fdc/??spm.js,spmact.js?v=140619 | 195.27.31.240 |
hxxp://img01.taobaocdn.com/tps/i2/T1iHqOXANXXXbjYjco-59-689.png | 195.27.31.240 |
hxxp://img04.taobaocdn.com/tps/i4/T1giRRXXNjXXXXXXXX.png | 195.27.31.240 |
hxxp://a.tbcdn.cn/tbra/1.0/assets/tbra.css?t=201003241751.css | 195.27.31.240 |
hxxp://a.tbcdn.cn/s/kissy/gallery/??flash/1.0/index-min.js | 195.27.31.240 |
hxxp://img02.taobaocdn.com/tps/i2/T14xipXrheXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://pcookie.taobao.com/app.gif?&cna=MmqyDMhU6lECAbhrJiYFiPcH | 140.205.96.1 |
hxxp://g.tbcdn.cn/tb/ishopbook/0.0.8/g/pkg/??global/index-min.js?t=20130925.js | 195.27.31.240 |
hxxp://g.tbcdn.cn/kissy/k/1.4.2/??dom/base-min.js,dom/ie-min.js,dom/class-list-min.js,dom/selector-min.js,event-min.js,event/dom/base-min.js,event/base-min.js,event/dom/hashchange-min.js,event/dom/ie-min.js,event/custom-min.js,io-min.js,promise-min.js,anim-min.js,anim/base-min.js,anim/timer-min.js,base-min.js,attribute-min.js,node-min.js,json-min.js,cookie-min.js | 195.27.31.240 |
hxxp://w.cnzz.com/c.php?id=30062430 | 1.99.192.14 |
hxxp://img04.taobaocdn.com/tps/i4/T1n1epXw8fXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://img02.taobaocdn.com/tps/i2/T1I2eGXudeXXcwqdnp-233-31.png | 195.27.31.240 |
hxxp://fpdownload2.macromedia.com/get/flashplayer/update/current/install/version.xml11.6.602.168~installVector=6&lang=en&cpuWordLength=32&playerType=ax&os=win&osVer=7 | 184.84.243.10 |
hxxp://c.cnzz.com/core.php?web_id=30062430&t=q | 42.120.219.6 |
hxxp://img01.taobaocdn.com/tps/i1/T1peCbFoJfXXc9zjvi-54-54.png | 195.27.31.240 |
hxxp://img02.taobaocdn.com/tps/i2/T16WJqXaXeXXXXXXXX-32-32.gif | 195.27.31.240 |
hxxp://pcookie.cnzz.com/app.gif?&cna=MmqyDMhU6lECAbhrJiYFiPcH | 42.120.219.171 |
hxxp://img04.taobaocdn.com/tps/i4/T1POdHXh8cXXXXXXXX-489-90.png | 195.27.31.240 |
hxxp://dongtai.taobao.com/highqualityshop/high_quality_shop_more.htm?styleId=56&catId=4&page=2&startPoint=0 | 140.205.152.86 |
hxxp://img03.taobaocdn.com/tps/i3/T1b1m3XkVpXXXXXXXX-32-32.gif | 195.27.31.240 |
hxxp://img01.taobaocdn.com/tps/i1/T1pyCFXspgXXcSYPgT-81-164.png | 195.27.31.240 |
hxxp://img04.taobaocdn.com/tps/i4/T1Jt5pXwxeXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://a.tbcdn.cn/tbra/1.0/tbra-aio.js?t_1=1&t=201003241751.js | 195.27.31.240 |
hxxp://img04.taobaocdn.com/tps/i4/T17.GqXEFXXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://www.taobao.com/home/css/error.css | 195.27.31.241 |
hxxp://count.tbcdn.cn/counter6?keys=TCART_234_17e002f6e58e45f8d59eecfe815ebe56_q&t=1412117811346&callback=jsonp0&t=1412117811346 | 140.205.135.67 |
hxxp://shop63216378.taobao.com/ | 140.205.134.242 |
hxxp://a.tbcdn.cn/tbsp/img/header/logo.png | 195.27.31.240 |
hxxp://cnzz.mmstat.com/9.gif?abc=1&rnd=37872731 | 42.120.219.171 |
hxxp://g.tbcdn.cn/tbc/??fixtool/1.3.0/index-min.css | 195.27.31.240 |
hxxp://img03.taobaocdn.com/tps/i3/T1aPSpXCNdXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://img04.taobaocdn.com/tps/i4/T1GVuqXutdXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://img01.taobaocdn.com/tps/i3/T1twurXApXXXai.eUc-54-225.png | 195.27.31.240 |
hxxp://img01.taobaocdn.com/tps/i1/T1au1rXpNaXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://a.tbcdn.cn/s/aplus_v2.js | 195.27.31.240 |
hxxp://g.tbcdn.cn/??kissy/k/1.4.2/seed-min.js,tb/global/3.1.5/global-min.js | 195.27.31.240 |
hxxp://a.tbcdn.cn/app/search/monitor.js?t=20100331.js | 195.27.31.240 |
hxxp://gtms01.alicdn.com/tps/i1/T1IJ8DFGpdXXc6EcHc-150-52.png | 66.102.255.40 |
hxxp://a.tbcdn.cn/s/kissy/gallery/??datalazyload/1.0/index-min.js,kscroll/1.2/index-min.js | 195.27.31.240 |
hxxp://img04.taobaocdn.com/tps/i4/T1z3ypXcBkXXXXXXXX-50-50.jpg | 195.27.31.240 |
hxxp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm | 140.205.152.86 |
hxxp://t.tbcdn.cn/apps/ishopbook/src/pkg/wgt/nav-v2/iconfont.eot? | 195.27.31.240 |
hxxp://img03.taobaocdn.com/tps/i3/T1WzepXuXeXXbCFbsb-100-100.jpg | 195.27.31.240 |
hxxp://g.tbcdn.cn/tbc/??fixtool/1.3.0/index-min.js | 195.27.31.240 |
hxxp://g.tbcdn.cn/tb/tracker/1.0.13/index.js | 195.27.31.240 |
hxxp://g.tbcdn.cn/tb/phenix/0.0.3/header-v2-min.css | 195.27.31.240 |
hxxp://g.tbcdn.cn/tbc/??umpp/1.4.20/index-min.js | 195.27.31.240 |
hxxp://g.tbcdn.cn/sd/data_sufei/1.1.8/aplus/index.js | 195.27.31.240 |
hxxp://img01.taobaocdn.com/tps/i1/T1I_56Xl0wXXXXXXXX-104-1.png | 195.27.31.240 |
hxxp://img01.taobaocdn.com/tps/i1/T19EqoXzBeXXaXezbh-48-70.png | 195.27.31.240 |
hxxp://a.tbcdn.cn/tbsp/tbsp.css?t=20090602.css | 195.27.31.240 |
s.tbcdn.cn | 195.27.31.241 |
login.taobao.com | 140.205.76.163 |
IDS verdicts (Suricata alerts: Emerging Threats ET ruleset)
Traffic
GET /s/kissy/1.1.6/kissy-min.js?t=20110524.js HTTP/1.1
Accept: */*
Referer: hXXp://store.taobao.com/shop/noshop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: a.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 19706
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:33:48 GMT
Last-Modified: Wed, 07 Mar 2012 07:21:18 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Vary: Accept-Encoding
Via: cache7.l2cn201[0,304-0,H], cache14.l2cn201[1,0], cache1.de1[0,200-0,H], cache10.de1[0,0]
Content-Encoding: gzip
Age: 1543
X-Cache: HIT TCP_MEM_HIT dirn:5:857546816
X-Swift-SaveTime: Wed, 01 Oct 2014 03:33:48 GMT
X-Swift-CacheTime: 3600
............k....0..,......!j#.a...4m.x<N..q...{.e..H..B.$n.<......%.....u............j{.J.<J...,.....em...h..Oc'prg.........1[..j....$.....<_.B......./.z.^.M ..Q>fl......f7ko.h...o...f]....0.....Pb.].x...a..5.....T..Gg...z........C.}>j}........[=.>~g..c^>m....3u.}h..)a..?..................,..}?.z.....w. ...?....?GI...u......n.[...Y.........z.....h5..<...p..t?.... 'z4vt.n.c....j........g.........{.s6......4.=g..8=..V......=cl..3o.3..Q}}..q.O..}......&....yk.L.4..C...x=....83=.....<L.?...|..`..y._..<........Z.._.~.d..~..].T....xdG.\\..B..1,..#j..I.....2*......x.......c.g...3H.V.p...,...yy....vr.m...@a...7s..q....d....|8<..?z.r...z.....ZA8X..e...._.......U..|"=@.j.{@ .N..A.IX......l.=.-.1.nz....(....c..N..^y.....@V...v..,.Ji4fH. ..2._......|^B(1..#....Q2....B..w.T.......[.N...H..l....#uT.I5.v....{.2.n.....Q.g.`..........8ac.y... s...\h.,K3JI9................./.......U2...t2..N.Z.........%,...s...e.....y....b...p.,.... Qn......Gf.|...}..; ..g....|f./..3UDA/.V.....At...%A..0.~Q...2.'..O...8....D.fc.h.......q.._]...`..i........iJ5...:.-g..t..?f.P.Ji`.<..g..D.T....z?..0x*..s....N....1.AKLw../qIM....._.~...B5U..a@.VW.CR..U.[P.........?N.2..;..3g.D..P..RG.dX....].D$7.N...<.."1(..5.g.6...d8...c.n..J....^."(........ ]v,...`.O..r.4Z.....1P[;w`5..l5..(_......V./h...{Q..........&.._><t..v.....`.G..2..F..?./os......RuF.,....^..n...a..........I.q.....!.uf...K..!.#....D.U...|.\,.I..1.........r"...qn.\.Z...../...`J..t..\."..i4.B..T.T..u...)....Ny.1.ZEk.s.5.Z.D..........^ak.n.....A
<<< skipped >>>
GET /tbsp/tbsp.css?t=20090602.css HTTP/1.1
Accept: */*
Referer: hXXp://store.taobao.com/shop/noshop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: a.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/css
Content-Length: 3814
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:03:14 GMT
Last-Modified: Thu, 18 Nov 2010 05:40:21 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Vary: Accept-Encoding
Via: cache20.l2cn201[0,304-0,H], cache15.l2cn201[1,0], cache8.de1[0,200-0,H], cache10.de1[0,0]
Content-Encoding: gzip
Age: 3379
X-Cache: HIT TCP_MEM_HIT dirn:5:220495861
X-Swift-SaveTime: Wed, 01 Oct 2014 03:03:42 GMT
X-Swift-CacheTime: 3600
.................=@....X{@jx.|....K..~4......H.....0...H.Q-J.$....U.uvWw.......6K[.W.V#..u...?;?..[_.O...G'.......r.U....6....=#...N.....b.<=;Y[.].... ..>....-=......_.....[_.....$.f..e.}t...<..*..'|....QS\..n......C../...4..CY.T:.[T.nQ..v....nK. .....=E.)vO.{Z.]...-.K.u...............q...}.i.R.s..._>_Z.\|rqq=...j...K..j.....Y..Y......u..h?>....KsA0.^...n...:...........(y...E......o.#..5...........>0..D}3....ZW..H..... U.K....kTb...xb....'..=..A.. ..2h.@...)..>C.....OK.z...#./.?....w..(.vV....}..........4.j!>....}../..x.|x..=.....]...~.W...%>..(.a..v...nF...O.......5<.a!.`S..d..=w.VU..S{. .;.B_>...{n.........6b!..4Z..f...m.....z.j_...b...D.... .m....>..:.yD.!...avBuG.>\...T.o.0.>...x"Q:..s......y..^H!y...X..).J.,........5...]zD..7.~..|....P.I....O/...lJ..w.l.....\{..j.d...t............}*....}E......}...*.C.|6..&..1....'...%.. .q..a..I"...w...8......\.p.q.02H8h.....I.!......]B.z ..bU.t.<q..<f..^....T.%..En.}M.........lQv.`....A@.Gb*...&Z.V..aj......>k...<..H4..u..ML....Y........)D.6V..&..~.(......S~s.....6....T.G...[..&.C~`....vV.........wC~..).9@....[...@..XZ.).].`.S.s.h.......U. ^.. ...9...0D..q`-.b=......39.Q..#.:.C.J.G.. `6.u.......K.D.,UKs.'\(.. ....L. #...:....b.0.T..g..e. .7.n2..|.f.*....RN&...P=.x..:@.. ;;...q...I.\...H..:'S=..`.pJ3....H..B..=..b...^......K...........3R.N...'.4..4$.......[4(..)..i..MNh.&sx0.....i..".Cm$F.X.-S..-V.....vu&..@.W.5.Y...icBL...1.v&.D.|......@...j8..i_..H.^h.5.D....2.L.....P...........3..3%.4.....4.'.>....."s..,%........
<<< skipped >>>
GET /tbra/1.0/assets/tbra.css?t=201003241751.css HTTP/1.1
Accept: */*
Referer: hXXp://store.taobao.com/shop/noshop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: a.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/css
Content-Length: 491
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:53:24 GMT
Last-Modified: Thu, 27 May 2010 07:19:05 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Vary: Accept-Encoding
Via: cache25.l2cn201[0,304-0,H], cache25.l2cn201[0,0], cache1.de1[0,200-0,H], cache10.de1[0,0]
Content-Encoding: gzip
Age: 369
X-Cache: HIT TCP_MEM_HIT dirn:6:858572981
X-Swift-SaveTime: Wed, 01 Oct 2014 03:53:43 GMT
X-Swift-CacheTime: 3600
...........R.n.0....}i.(..nK$.._R..m..%C.s....}K.lH....H.s..............@:........d...U.6kq..9..!..Q.....CG.$..ZP.G4.u.ez...zX..r..*.7..l.4E.u.>...<.....F.-.6.m..8\.x"..1..:t......@k.(..!ct.....<...9.#.]*..xW:J.*.....l..p....L..4C%_..r62U.jJ.1..Q.*.9/.~..-.U......F>TU...)&..M..F8F..k K...*{.xR.p..L...=w.{.v.q........Y.8...#3'.~......j.p%iU..*.......5.eB...[]C........75VO.u.C....WJ..,..cN.)S[m.g/.....4M....`;..W.V...oO.:]b<..VUH.Ij......n..[4...-..Mo@..N.....o.C..q..@4l.a.....{~.<.`.h.......
GET /app/search/monitor.js?t=20100331.js HTTP/1.1
Accept: */*
Referer: hXXp://store.taobao.com/shop/noshop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: a.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 2578
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:37:56 GMT
Last-Modified: Thu, 02 Sep 2010 07:30:34 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Vary: Accept-Encoding
Via: cache19.l2cn201[1,304-0,H], cache1.l2cn201[1,0], cache9.de1[0,200-0,H], cache10.de1[0,0]
Content-Encoding: gzip
Age: 1299
X-Cache: HIT TCP_MEM_HIT dirn:2:321022763
X-Swift-SaveTime: Wed, 01 Oct 2014 03:37:56 GMT
X-Swift-CacheTime: 3600
...........Y.o.8..^..C*..i....].{.......K..`{.Z.m%.(S..9[....z.J...@.....g~. .........J..8....`\.-Y...s..........d..H.. lJ...%Nw^.0g2.D."...3.g.\.H8>[. r.....63.9sJ^.z{..6....tM...5.B.......CDL"."i.>...{0...1..lz.......k#.ti.8J.....tF`4Y.X.......Gat.......B..g.8....w~9.........y..........=.....y.r....ua|... \....;%3T3........'.`z...........F.w.U...%<._..kB...L.>p.....<.>.r>..m<V5.U.^.f..q..H......@.......OL....3..P..O1...wF......[ ...?B:6;b.....h.w.t.T|.)>......5K.(..(.p....f..qr....u..aX.)(......=@..9..uq..Qj8..C D.FLQ...s.41.8...}..s...D.....p.!.^... .....$I~%KZ..,.f/.."....^"..!p..].....j...<y.tK.(.......Pm.....i4..!?>V..0.....emV.U6;qq0..[i.hm..J.?....].o.q.k......".......-.Z).. .. ./A"hD...me. ../......u8....u.pq.9.X4.v..e...0.^Q.W.X..Q.%.D......n....*.....Y%(E...".y.r......O.)....I..v..y.O...;.........0...s7.ow.d}.v|_..........Li5..iC.."..&\..'.E....a.]B#..D...>..K...!.x...4.....I...t..r.$...j.6s .tB.m.0.r..0.z.:KC..JV..5'.AX...[....B$~....g....Q<.....Q 9.rJ..4E....YM..[...Yq=....O16Q..._>~.5 (...7..b.Y2....R..?c..@J.......kR_.D........m....".?/....=.sGS.x.2.......3U&_' I...J|...9S....G.5.w..A<.......t@.yi^X.......=..;.,J..u.@n.%;.Ngv....Y. $.."*F..^....`.nDKWZ......muV.D8..9IDE.....z...(BO..$=.....F-{K..a............\k.....i0..%R.ft.("-...Y..6e.}3........Ev..9D.....?.N.3:(..........V.r........,..f.S..Q...........x..|U..^..Vi.6...|...q\._I.r....VAc.\..........W$... .(.......C ..A...j....fX._..[......m%....X.).9.U..:p..'.{....c..g*..L....Xb.. .E.Z4".#Tc#..w .../
<<< skipped >>>
GET /s/fdc/??spm.js,spmact.js?v=140619 HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: a.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 5446
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:35:31 GMT
Last-Modified: Thu, 28 Aug 2014 02:43:25 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Vary: Accept-Encoding
Via: cache23.l2cn201[0,304-0,H], cache23.l2cn201[0,0], cache4.de1[0,200-0,H], cache10.de1[0,0]
Content-Encoding: gzip
Age: 1454
X-Cache: HIT TCP_MEM_HIT dirn:0:118839362
X-Swift-SaveTime: Wed, 01 Oct 2014 03:35:31 GMT
X-Swift-CacheTime: 3600
...........Z...6.. .....F.q..............nN.LA.$q,..E.F..~_.|..H..j.....F$A.h...n.............O:.n..n...Vm...4.#....')K...L.(.yi..'*]'..%...j..........L..K.=...H.s.M..7..FCH...3..F.U..z5c.@.]/..x,.U,...gK...9Ui/M.p.N._}d.=....8.....#w.N..~e}..R.M.:...hI.-.8.Z.7..PwZAQ9.!.q\kPYY`[.]a4V..'.i.-$..N..cGS.].K.O..e...6.G.*H...Dn.......2....m..'=V!.b...w..3......v.).ML.\."...P.^$g..A..X=. ..n6.X.Z1U.x.r..3>.}9..b...W...........,..A.$...AF....ZEJ.....#1VA<V?.|s./.q..........o....%..8W...s.........(..93%..;h....X..5}.H..J%V9.Z..[...K..j9.S.x..C!m..0.0.@"$..w...........5.s.Gc...6..0..\k.)3S..L....3.s.^j..a.t.....W'.J.a$...b.w"..3.....Q..8.7J....:)..U... !...).I.2.......$.|x..U..&J7.U..G.;..B.....D...L.......Z...........P.\..2...r....{##.i.....F.R..l.!0.w]g..K<w.._.1...6..}.yG.I..$.T...c......hz..oJ.~'.Ys2....o......_|.L7&2.......a.o,Vn-d...C-).$.?q..L..o..I.TI..c...p.F:PC....p._..G]..:6Tt.>#.h..$S..c.qU..J......@m...K..D:H.d.....y.?.&'&|....b4.*..WE:g....O...D......l.#`:....}V..G..nC...1c*..a....Dzz~p ...>..E. sA^D...6F..D.....O.~.........E..Ok.l}sas..o....\...j.}.).....n...9.....T......<y..S..v.....iT...=..0.........M.1.._..K..6..Z).)".....".F%I.3/c&. Z..G...D$.?m......x.-h......[.....N*f....m.6...6.}.<[-...~...m......6v.......V,Q..&.....>}xw%...v..PZ^....{v.i.G..O;p.Q.o.G..(.$....o:.Hq.dn.........u..@:^...)......k...W"..h9..[.0&)...j|...jvK.5......O.H...4..p...&..CNo...U....{.:"R.L..|.W..K.....%.K.Q......h...9.......s..8.x.8$.].E....E<..=.....(Q.#<.\gP..G..X@.p....!...o<X...dU.....j....
<<< skipped >>>
GET /s/kissy/gallery/??flash/1.0/index-min.js HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: a.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 1824
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:03:19 GMT
Last-Modified: Tue, 18 Dec 2012 08:10:13 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Vary: Accept-Encoding
Via: cache28.l2cn201[0,304-0,H], cache19.l2cn201[0,0], cache8.de1[0,200-0,H], cache10.de1[0,0]
Content-Encoding: gzip
Age: 3388
X-Cache: HIT TCP_MEM_HIT dirn:7:223508040
X-Swift-SaveTime: Wed, 01 Oct 2014 03:03:19 GMT
X-Swift-CacheTime: 3600
...........W}o....?..f.G.h..\...^P...h..M..x.@..D[..I./.......8w....8.............F...Jx...i.g.Jg.:.E.R...B....nJU.....q.4-.T..i0'{UV@....Am....?%W.....'D.......6Z{.D'.#.s......l...9.....<..<W.]..5..y.s...fo..=/G[6....L.V.>:c.L. .!R0..yd.....O..nKS..i.H.T!.T.....&..B.5.Ys..1@....P.Rok......P....]$.S..2.U..O..?.(...zf..>........t.d.....U.S.X.D....(.^.......W?...=....<dz..).p.=(.g`m.....%;....\....p..2.jqKR.....7_.C..l......'I.o....I......].@.,.!..C"pc.....D..I....9..O.E.^@.*... .aD.9...N.w........|.8...T.^.<.."....:...g....h0.gH....N..HK...G.....T...B........T5.F. G5..|..b..P...2.....T.5...a..[Z.....9..x......44......B^j..UN...X*..qD...t...wKd.s..0n......>_.....)...x..!.....M.r.k|<...3..k8.W..e-...]..@...>......I....F....cj2.s.%6.x..lU.....4.iir...q.H2p.............T..jUvv....*G/.Y....j.YI......c.....|..R.f............H.....Z..`..H.a..-Z..Au!........el......g..t1.\.G.)=...(..X1.@......~...d-.B..CI.....l..}...w^D.8./C....< ..............?.n...N.4G...j..2.HJ.s .......`.db.......{.`\....h..@.8.D>..."......<...&O& .....!_>[X....SF....m....BlWw.........m.......C...f0..2^.Y.........h.b.I^...E>[{1.....m &p..@..\....r.FN...O.|.}1}........9.C...c.U.x...._.N..".k.. ...P...N.hx......^..W..1..2t.|....E.....^..:.F.[.z. .N..%Dv.C|.v.i.m.f..Uj.......... .....X./..n...3........&'T....'D.1...v....n.b..D..{1..H.R..3[......#Y`L..e.b...iK.9.....1.cD(..g...n.....D.........."..........&..O].T(...{. o..Z.x...........0.P@...J.N`!..>.A.....&...".......i,...>.t..`.v..K..>i.X.ue.w..W....Y
<<< skipped >>>
GET /tps/i4/T10ielFtVdXXbQPHYA-152-152.png HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: gtms04.alicdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 3001
Connection: keep-alive
Date: Tue, 26 Aug 2014 10:30:30 GMT
Last-Modified: Wed, 12 Mar 2014 02:44:13 GMT
Expires: Fri, 23 Aug 2024 10:30:30 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache19.l2sg1:81, cache5.us1[0,200-0,H], cache6.us1[0,0]
Age: 3086960
X-Cache: HIT TCP_MEM_HIT dirn:6:808649642
X-Swift-SaveTime: Tue, 26 Aug 2014 10:30:30 GMT
X-Swift-CacheTime: 315360000
.PNG........IHDR................v....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<...KIDATx..]{.\U....w.;...K.-........i.1...D@..%.`..Q".h..?L...>j......h......R0V..BI..-..}.v......s<g.]f.........u.Ng.........;.... ........"x...!..*f..G ....d.R.FH......4..&.......Nj5..p./.,.[U..?.*u..m.E..r.I.t8j$R ...U.3U....&I/.D..7....N..t8j$R "*.j.%..6IwW#v.n...%.\m......@A"j.F...I...0.@.t.).......aj.. ...l....%..^F.B.........rj-.C.......x.2.f2..zSV:.5...QM ..cSe.....ZU.D.. . G.DjE. ...?...jv;...9Z.6..N..Z1...'.Js.VD................)D.. 4..5...Q.^...`x.....dE.b7O........H.H.VDT.VI.1q.e..%g.[..%...T....5.....D.1.Pu.gO..H.k{.......<.I..]S.........<..Q5#S.h...../.....5...H.VDT.VU....\..[r......K2.hT..5.S.H.VDT.Uu.%.J...0a!U^.l.]..N..)..H.VD.'.d.N..Z.....1?..hi.!I>..p.H.V...Q...n.T...[...\i.!`b..c*.. ."j.Z.9V...N!.<.F.b.3.~..8@}(d!?.rc./...^%.........E. "L&.<..W.........`.._o..#.....H...]..........m....?..-.n..e ..F........].r.EAvtv.]~5.......]..LP....d.VrV..~..(7b.*..z9..-.-..G.U y.^...pe...........<.. .....82..d0%H/.N..cB/z....h. W..F..{...yH/.7.%JF...?..V..s@\..i....F.3;\.N........Bn..ZG^.=......s.........m..v...C0|.^.....^.z.An0...[# `...............a....g......x...h.....pj/....'..../...-.O..>y.\q#..M.......iw....G.....9..k^..............e.'..)......m0.....:...x..(.#4....h.s.]B........\T......w?.8..w...b.,..0...\\....a1{.....;.vn.#..Y!.r.......W|F...<O.dv....3.....~.U....._87..k....t.I..N..C.c$IZ....I...s.i...y..1..2...[..P....{{;...cAR.J.f.P..=...~p....w..}.).._..mv.../ofc=...C<.=Xz.
<<< skipped >>>
GET /app.gif?&cna=MmqyDMhU6lECAbhrJiYFiPcH HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: pcookie.cnzz.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 01 Oct 2014 03:59:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3P: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: cna=MmqyDMhU6lECAbhrJiYFiPcH; expires=Sat, 28-Sep-24 03:59:48 GMT; path=/; domain=.cnzz.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache
GIF89a.............!.......,...........L..;..
GET /app.gif?&cna=MmqyDMhU6lECAbhrJiYFiPcH HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Cookie: uc1=cookie14=UoW28XHzO5gErA==; v=0; cookie2=100b7929c8e64ac2ae1435c07276fd09; t=17e002f6e58e45f8d59eecfe815ebe56; _tb_token_=36176305f5e00
Connection: Keep-Alive
Host: pcookie.taobao.com
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 01 Oct 2014 03:59:46 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3P: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: cna=MmqyDMhU6lECAbhrJiYFiPcH; expires=Sat, 28-Sep-24 03:59:46 GMT; path=/; domain=.taobao.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache
GIF89a.............!.......,...........L..;..
GET /tps/i2/T1CCRNXmRFXXXXXXXX.png HTTP/1.1
Accept: */*
Referer: hXXp://store.taobao.com/shop/noshop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img02.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 1053
Connection: keep-alive
Date: Thu, 04 Sep 2014 13:38:46 GMT
Last-Modified: Thu, 14 Oct 2010 03:53:37 GMT
Expires: Sun, 01 Sep 2024 13:38:46 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache4.l2sg1[0,200-0,H], cache32.l2sg1[1,0], cache4.de1[0,200-0,H], cache1.de1[0,0]
Age: 2298048
X-Cache: HIT TCP_MEM_HIT dirn:2:238890905
X-Swift-SaveTime: Sun, 28 Sep 2014 16:48:43 GMT
X-Swift-CacheTime: 313275003
.PNG........IHDR...x...F.....0..=....PLTE.......r..v.....x..}..............p........{..t.....n..l.....g.................p......................nnn................t..}...........r..w...........t.....q........t.................}......T.u..t.VVV.......w.sss.y..n..{..................Q.....?jjj....._.....................fffhhhggg..U.f...........................).........lll..H................y....qqq.........ooo......}}}...yyy....o......O.......................Piii..f(....tRNS.@..f...$IDATx^..5..A.....j.f.3........e(.Q.L'.%S.;.1.y..... ..g.r.....cQ./x..K.?gU...xB.!.......Dk}......Y.$............G#.5.M_.k}..vz. ....Q...4.p2r..A:}.&..a.~....c.)...CO.u.4.....VY8 E,BY).......-..9|.W...Z...\....p..w$WQ.b.E._?.........s.../...$....{D......[1.........6.a.u......^.~i..Ui\..$...c<<.xn.?.o-.[..^.#Y...*...d.......U@.v.`;?. 9;.....1;p......[28N.L....Z.k;%...3....=..i.Z...-.0M..B.;`.....].v..i6=..s`.'>.$..s......FI..!.p.=..!.dR#$...l..H....^.@....m}.d].....I..rb..'.U%.9....Y..._BN...."-.\.@.u./|.V..Z....9....a......&H........X,...b.xK.*&u....m....IEND.B`.....
<<< skipped >>>
GET /tps/i2/T16WJqXaXeXXXXXXXX-32-32.gif HTTP/1.1
Accept: */*
Referer: hXXp://store.taobao.com/shop/noshop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img02.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 3223
Connection: keep-alive
Date: Thu, 11 Sep 2014 15:20:29 GMT
Last-Modified: Tue, 15 Dec 2009 02:34:17 GMT
Expires: Sun, 08 Sep 2024 15:20:29 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache27.l2sg1[0,200-0,H], cache35.l2sg1[1,0], cache5.de1[0,200-0,H], cache1.de1[1,0]
Age: 1687145
X-Cache: HIT TCP_MEM_HIT dirn:7:5487438
X-Swift-SaveTime: Sun, 28 Sep 2014 16:59:01 GMT
X-Swift-CacheTime: 313885288
GIF89a . .......333............^^^VVV.........JJJ666.........!.......!.2Built with GIF Movie Gear 4.0Made by AjaxLoad.info.!..NETSCAPE2.0.....,.... . ......Iia....bK.$.F...R.A.T.,..2S.*05//.m.p!z...0...;$.0C....I*!.HC(A@.o...!39T5.\.8)....`....d..wxG=Y..g...wHb..v.A=.0.V\.\.;........;...H.........0..t%.Hs..rY<H...........b..Z.b.OEg:...GY]..=.A.OQ.s....\b.h.9.=sg...c..e....*....f.7D..!.......,.... . ......IiY....YF5..F...R...Tb.G.J.....L..d...&.Ymx........ \...@........ ....1..&R....H..4.1Q..|V..%.z.v...#j0....l.Gg{0~..<.<..[.[.h.x..G...y.........[.0....G.....P.z...h.....kz..i....y....h|z.h.G...V.........\h..[.........&. ..W.7.8...!..!.......,.... . ......I)1....1G5d].(..R...T2..jL.{..< .[.5.M....0..)... L...I...m..E..`....p..U....^f.%..^.......u.;..zz.}0.X....S0.ew.y.k<..%..O.......z..{....|......%......F.i.1..0.......Y.....8.x.....z..@....<................8..Y<.......8...\.P.$...!......!.......,.... . ......I.....g.EU... ..R.a.TB.......p>'...e..$.."...\.#E1C.n......~...J.,..,Aa.....Uw^4.I%P....u.Q.33.{0..i1T.G.gw.y}%..%'R............=...........3..G.%..p..0.....JRo.5...0I..myk...x...T._}.(....^..yK..s.....>i_.%...n.=.....q.4e.-M..D..!.......,.... . ......I)*...')E.d]......PR.A..:!..zr....bw..%6."G.(d$["...J...Fh....a..Q.P.`p%.../BFP\cU...?T.t.W/p..G&OtD.a_.s.y.lD'M......q..tc.........b..2..D...M...:........d..%.......4%s)....u...E3.....YU....t......D.$.JiM.<.Y.;......d<. O..tX.<q' .B....!.......,.... . ......IiR...."J% ......EQZ.......Ld...-Y....h..k.Q.|...5.u...4Y.I........
<<< skipped >>>
GET /tps/i2/T1psWqXq4cXXbCFbsb-100-100.jpg HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img02.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 7047
Connection: keep-alive
Date: Wed, 24 Sep 2014 16:39:36 GMT
Last-Modified: Fri, 26 Apr 2013 14:49:02 GMT
Expires: Sat, 21 Sep 2024 16:39:36 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache28.l2sg1[0,200-0,H], cache7.de1[0,200-0,H], cache1.de1[1,0]
Age: 559209
X-Cache: HIT TCP_MEM_HIT dirn:3:156266497
X-Swift-SaveTime: Sun, 28 Sep 2014 16:50:37 GMT
X-Swift-CacheTime: 315013739
......JFIF.....H.H.....C....................................................................C.......................................................................d.d............................................I.............................!"2.#1B..3AQR$Sabqr..CL..........&5Ds....................................@.........................#..."23!1A.BCb4RSa..$Qcqr....%...................?...m.>.]...t.oLn.y.n..b........z.....l........X.M]O.?..G............F.m>.?.....G.......x.H......9"i...4._...'...N?id.._.Q/..M.gJ....>......K...s.D. T/.z....jx..p...Q...L..:7.@..4[.9....y....;.3.l.V...e....g.R.!./x....3..Z-.6..3.).5MAM..)..2......X!.&..<.......;....Mh.....LNu0.03U..O5..)6&..T..-5}L.Ky8s..u9......)b!tS.J.Q.........eXQ..RI*....f.%$...).a..Z...\.{.......4Vu.j..V......W)..e..W....V.`..n....... ...w....}.....}cz UM....~.b..7....A....!.F..8..w..![f.X]O6>T...........I.....8.7ij...|>.#..V.J.....V.T;..`,..SM..F.....|c...J.i!..H.F...h.....S....A1..gx..mgG...Y......X...Xo..........rM......k9.mk26....p........0{J|..s...v.sj...%.......M........"^\M../.@=....K.l@.......I...-.!....q..jp2...a=.e..u(. .u.....$*.....Pn1.L.. F..:1K.oL)..um..il..R.K...RFzJ...].3L.qB..4..|.]...vC-....%g^2....$.....6.L.;D....j.='........~md7..;K..G...?......'x.,.....k.....F.P.<(..T....`l.Q._......?...K..slK.....J.&.......7..............W...q.....{........\..V.I.M.QK.&.....|.......vW..\/....W.......1t.7.:X].Pq.....x...c.7.%-I.!.(M...c...j.:&."zg......=z.&..{fy.r].(.{./.3)...kAGIC.P.......!.k&.#.3UW..f.CR.94......1.j:....T.>.es
<<< skipped >>>
GET /tps/i2/T14xipXrheXXbCFbsb-100-100.jpg HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img02.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 5015
Connection: keep-alive
Date: Wed, 10 Sep 2014 16:56:29 GMT
Last-Modified: Fri, 26 Apr 2013 14:48:56 GMT
Expires: Sat, 07 Sep 2024 16:56:29 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache35.l2sg1[0,200-0,H], cache5.l2sg1[1,0], cache2.de1[0,200-0,H], cache1.de1[0,0]
Age: 1767796
X-Cache: HIT TCP_MEM_HIT dirn:0:323101591
X-Swift-SaveTime: Sun, 28 Sep 2014 16:50:37 GMT
X-Swift-CacheTime: 313805152
......JFIF.....H.H.....C....................................................................C.......................................................................d.d............................................E............................."2.!#B..13Rb$AQqr..CSa..&4Dc..........................................6.......................#...3$..."24ACRb!1BQSaq.5cr..............?.j.)q...\...ve8...-.D!...(.....oH.....%/5p...5.?X."jc.\8O........1.h...{..[-.....h.5.p......A57fR......D..d...P..\..6.j^...-.9..\A......;.].9v....V.n.o.............../....b...,....G.wW.....K...%y'|._..Mf.$3..A..}7..L..E..p.&....?i.(.$p....vl.......u`....8.lIN.......N9...e.>....m.,...=..\..x.)...Op.., ..F..s.bO0...W.9..m...p....v..%.Q!..X'....w|...o..O'.....R.2.m/....e*....{..7.8c.o.o,-.;.q.r.n1.5.=..{..h...`.l|B..............l...OA/oc....../..V...........\...a..].. ...!o}g.].........!...$B....X.>.....>....%.9G\.'.g....hi....u....[..).-.....r..>_..|A.......q..........eyd.2..Bf....57%.*.w@.........g.........<k..Z../..K,....M.U.?f39e/..#.*.K...d{...C..i..si.4@m....N.N....pe...Rr..<..H.$}...G.{..?Df.........@..*.n....O...`.7rC.$...)#..?......l..3....Vvn../.8.U..o.~x.?..v..w.Z...Xp.....c]S.C.!..j.QML..t.Pj...>l...FWR.P.G...G.>.=....H.......Z......).n............G.G.*..hf.f.......uj;..].)7[6.N.S.....wwiQ..Q.....S..f.u......[...%.M.{~r.........E.p.B.6..4-J.3TSs...2.a./...&..z..I.m.> L3.THyH..2.=.....uH.t....GK.-..S....Ju.D...$.>...Q.."......Wb......?........B..6.!......Y.kOe...j..Z}r<`...S@..|..<w.d.......H..|*..
<<< skipped >>>
GET /tps/i2/T1I2eGXudeXXcwqdnp-233-31.png HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img02.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 1210
Connection: keep-alive
Date: Thu, 04 Sep 2014 09:46:42 GMT
Last-Modified: Wed, 15 May 2013 06:29:26 GMT
Expires: Sun, 01 Sep 2024 09:46:42 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache25.l2sg1, cache7.de1[0,200-0,H], cache1.de1[0,0]
Age: 2311984
X-Cache: HIT TCP_MEM_HIT dirn:0:789144579
X-Swift-SaveTime: Wed, 10 Sep 2014 18:14:34 GMT
X-Swift-CacheTime: 314811128
.PNG........IHDR.............5"......tEXtSoftware.Adobe ImageReadyq.e<...3PLTE...............~~~............nnn............vvv...}(&.....IDATx..X...6........"..l...v.E.l........h...<H........A..!U.?.....k3}....g,.w'.~.E?X.Hm.gCt....?.%...T.K^..*.. Hd.......Z.H....Q!/W$.j.X.%a..P..H..K.X. ......y.X...' L76......r.,....s..\..1.?W.i...i...I...X.......t......{l.....?Xn.kB....T....B..I.l..^.Jp....h.gf"........dum.....an.|.6.0.j9#E..gq|%...'.......E..6'.h......i.......5..T...f..mS.&.z&QNK.]-g...}....Q....#..w...%..FU1...p...........R..........m...t..A.#...]-wH.....xo........[.N.T.......T..^...G.96TE..H....6......lt.maT.'...R.1...E.V.l...hm.......UDX..L..).$r........cr.Z..\...i..?t.. .l.`....Q.k.....}.......~.......)..fG.x.Q.n.y..8.8..&...K..;}....j.a..*g...z.......}..j..$.....N..".T.Y.GN...)2.M....D9q..HNC6.`.$G.5.'..)...;...%-..E.}..J?....e.....:.AD....>.i..|.8Q9#...)c.$L...W..i.*7t.XS..b....T%L0..c8.V.yi#.d.X:.[-j....Q*...{...V........Ds..{..W.E....}...{d........Rt...o.a5ndu9#.........J%R.(..",.}B. ..Fz...6.I....>.ec..xg.*....L/......?....q....R}.. .2...S..4.g....[..x.c#.......ww...^}.](....`.0oE.....U..........mZ...?....]..oG.,.,.......7....G.)._...x...x.B..... }.>H....._.......geH.....IEND.B`...
<<< skipped >>>
GET /tps/i1/T1I_56Xl0wXXXXXXXX-104-1.png HTTP/1.1
Accept: */*
Referer: hXXp://store.taobao.com/shop/noshop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img01.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 212
Connection: keep-alive
Date: Sat, 06 Sep 2014 13:42:42 GMT
Last-Modified: Sun, 14 Oct 2012 05:51:49 GMT
Expires: Tue, 03 Sep 2024 13:42:42 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache11.l2sg1[0,200-0,H], cache10.l2sg1[1,0], cache2.de1[0,200-0,H], cache6.de1[0,0]
Age: 2125013
X-Cache: HIT TCP_MEM_HIT dirn:6:699690931
X-Swift-SaveTime: Sun, 28 Sep 2014 16:49:14 GMT
X-Swift-CacheTime: 313448008
.PNG........IHDR...h.................pHYs...H...H.F.k>...aIDAT......@ ..@...$J...2.$..!. .@...!.$i.1&$.(.y^..q^.UU.M...u}?..(...yY.R..m.~.Zkc.y^....8........_=...4....tEXtSoftware.Adobe ImageReadyq.e<....IEND.B`.....
GET /tps/i1/T1.qOqXElbXXbCFbsb-100-100.jpg HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img01.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 5963
Connection: keep-alive
Date: Wed, 24 Sep 2014 16:35:30 GMT
Last-Modified: Fri, 26 Apr 2013 14:48:56 GMT
Expires: Sat, 21 Sep 2024 16:35:30 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache11.l2sg1[0,200-0,H], cache16.l2sg1[1,0], cache6.de1[0,200-0,H], cache6.de1[0,0]
Age: 559455
X-Cache: HIT TCP_MEM_HIT dirn:5:520854864
X-Swift-SaveTime: Sun, 28 Sep 2014 16:57:48 GMT
X-Swift-CacheTime: 315013062
......JFIF.....H.H.....C....................................................................C.......................................................................d.d.............................................E............................."..!#2B.1R.3Aab.$CQr.4q..%5ST..s......................................7.......................#...23C..!"$AB.14c..QRbs...5r.............?..l.n.Z.....j.....,.V....,....#$[..Hg&.uL.U.R..#SH....u...L}...j.^O..7N-.......M4..de_......... ,<..G..]...V..H.....@GJ.z.k...P1.....LOW/^!#/MO.u........./....h.m..._...cu9..`L..8......g$mu...V......S....=D_....u...?mcy..r.[n[....W.......~.Z.&...........Mf.o...?.........:W...8.85g...pA..V....>..P3eo......$..T.R.O...q...nw.K.?..0.`.........&l.i..S..Bw....($.#]E*....".e.........k....){.X.x......{...ce...o(..~. .w).i.Z...b.J.[..n.iLnj..t..|D:...{>..=.G(..AC..E.Sn.W..u........m......t.S.....`.......Up.8.O.<..U..<#r. ......0..U4.(_!.p.C.@R.Dq.qH(...L...P.....X$U..'.._R.Xj..;.k.p.*v...;d.i..uK..RxIFBA..^E@.4.P>.1"...E......s$....=.=.6..YU\.........v.....5.....q....i....E[.... _MX2.b~.].. .....3..s.m....[.G.;/.(..M.....k.7.k.z=Xg.9L.....sJ..>.0.s.A.22_2.;^-tK..bW..V2.AgL..b.RI..S...B.G..a.-*.V...^&...!k...w..h....U....I.!o.8.j...(}iW..V.L...m...J..~l...`...k...}......V..i4........U0.X.I.~.77..<'-.........f.<...Uq`..I........Qb..Z...U..L..Q-.....t_....N_....Q...@2J=..6..eV..<P..^...F.)........@..6..ov9e.{......'.<...q.........>......N1...Xi.>Z.pgq...O.J...y>....T.Y.....z...b..'.'.=...... .d.ldsp.b....;8..y
<<< skipped >>>
GET /tps/i1/T1bKarXqpaXXbCFbsb-100-100.jpg HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img01.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 4404
Connection: keep-alive
Date: Sun, 28 Sep 2014 16:58:31 GMT
Last-Modified: Fri, 26 Apr 2013 14:48:55 GMT
Expires: Wed, 25 Sep 2024 16:58:31 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache32.l2sg1[0,200-0,H], cache30.l2sg1[0,0], cache5.de1[0,200-0,H], cache6.de1[1,0]
Age: 212474
X-Cache: HIT TCP_MEM_HIT dirn:1:997631677
X-Swift-SaveTime: Sun, 28 Sep 2014 16:59:38 GMT
X-Swift-CacheTime: 315359933
......JFIF.....H.H.....C....................................................................C.......................................................................d.d.............................................H.............................."2.!B..#13Ab$CQRSaqr..c......4.5Ds......................................(........................#.123C.."r..$A............?..$..>..xW..{.O.......5.. ...@.s..c...,.\..U..7x..E.UD..1..... 7^.l......)..g/..-....O7^rb.Y..7STS,...@..]..*.Z.x.cl.d.)..o.....3..!I|....4R7..S.....{.3...6.. .'.IG..)..... K.....y.Zs...j....GG..C.2...@S.....I...^....M.)......i.:....#....IL..3...[nv.3...uQ..[[.C7#..=L..sP...=.[.sO...4....av.]...s..W.L?I..N.5.:.'...b..R..a.9..'.6..p..Ho^T.-.a@p]2....8.q..F.?.2.K.74..k`gRU.TANV.>..i..O.R..TKQ.}..o.].M&.<^......n...O*jOp..~..z......q...EjH9.!SV..Z).................Pf*Q..=]jk.X{4...M..R.....;...6...l..dl....T....... ).ox.w..a 5.I......C..C.(...@.7%A....&..#.0....B...7.Vj...eJl....)...'9.C&v...,...X..T....I....E......KII.F^|....:....8..ej..,....]../..E.......r.o..ty...tu=..=....tR,..b.[.6*.:..PY]..U>.....j(......~....p..n.y...O.Sx../. ...F...~ZO..W.....r.SV.Rm...S.."uy.........S..oW............j.jCz...V.[h..E).KM..9.H..r.........Wd...p.g-...Q..q.....1?Qo..a....[.......:...y.y..v.........O......:c...p....<.h._..44.6sDg..bU...4.<......{...[*q.....C|..m).6M.-.'......~...v..dK..5.......7.......*E$.............9~.%..t.OR.k,.L#..s.G/e.>...u..k.\.L....W.F...O.x.Oh......}..I.b...O.n?.\....pFl..../.9x.$.h.Up....QI...b]..Da...S..<.E..].x3\...
<<< skipped >>>
GET /tps/i1/T1pyCFXspgXXcSYPgT-81-164.png HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img01.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 1730
Connection: keep-alive
Date: Sat, 20 Sep 2014 00:35:57 GMT
Last-Modified: Wed, 15 May 2013 06:29:10 GMT
Expires: Tue, 17 Sep 2024 00:35:57 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache34.l2sg1[0,200-0,H], cache4.l2sg1[1,0], cache1.de1[0,200-0,H], cache6.de1[0,0]
Age: 962629
X-Cache: HIT TCP_MEM_HIT dirn:4:727456899
X-Swift-SaveTime: Sun, 28 Sep 2014 16:57:48 GMT
X-Swift-CacheTime: 314609889
.PNG........IHDR...Q...........2.....tEXtSoftware.Adobe ImageReadyq.e<...8PLTE...........@..I......................................b.....Z...........]..............Z........7...........W..w.................u........n..D..{...........j...........B..R..M..e...........h.....B..n...........l..@.....g.....K.................T...........9........a.....{..~..s..G........K.................5.............htRNS...........................................................................................................K....IDATx....v.8.@ev.!..a....!;.d...Iz..}......`....,UY2.3.....{.%U.J...2{....7.8.........).J........w.B..D.......t.!..0.F.w..T..`.n\.P..u..rF..U ..?..?....Hq|,...=.e/.3.,R<. .../..o.N.."u.bd..pM..W.j\..Y.f<.2..5V.RF......q<i.SY......1.3f|K.yk7.........*H..#..q.g/Na....X..[`}........emd.8.z..l....1..8..1.r);0^....K.....c.7(9.=..."ec`..b..?o..I...1.N!....g../-c.d.g.......o...l!i...B...-........_....e.e....R.2r....MX....e...e.o/X,.".e.....$8.}..T%.w.......A<.Hn..Ph4.{.K...q....]...#......} y.E...q...k..|..)Pt@u....6.c..z....=.q.........3..gI.....{]......W8s-< ..O.A/..~..=...`g|. ..uQ......o..W.=.....G...M....{.5[..v.....E......)=..eV.^..a..w.0... .,.).......V*.G..|...8..=..!)#...l.p;F\.s......H....E..H..>.9G.F=. .u.1TdP.!.1.18ZNl|.p....U..........g#.07.J..A.s./.`.2.T..7.{6..sL..]cH.2j.;."..8i.1Yb.F..6...q..3g7.M.Q#6c.. zk..^1..i.....Q...7k.R...4.E..GF.4.~..Fw.....8......d`.....K........J.}_...H...3..y.y.|H....1. ....w..'.1.2.=XI. A. .==4...)<........q./....U..iZF^.<.(!.YF.T....%..e,#?..
<<< skipped >>>
GET /tps/i1/T1peCbFoJfXXc9zjvi-54-54.png HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img01.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 638
Connection: keep-alive
Date: Sat, 20 Sep 2014 00:35:58 GMT
Last-Modified: Thu, 22 Aug 2013 04:59:38 GMT
Expires: Tue, 17 Sep 2024 00:35:58 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache19.l2sg1[0,200-0,H], cache35.l2sg1[0,0], cache8.de1[0,200-0,H], cache6.de1[0,0]
Age: 962631
X-Cache: HIT TCP_MEM_HIT dirn:1:81402681
X-Swift-SaveTime: Sun, 28 Sep 2014 16:59:41 GMT
X-Swift-CacheTime: 314609777
.PNG........IHDR...6...6.......5.... cHRM..z%..............u0...`..:....o._.F....pHYs.................vpAg...6...6.N.......IDATH..V.n.0......6........l....(.R....o.....|.....>...'2l..S...O..c.:..\V.]o.kD.(....f.k...j}.........nL. :En'..5..@.$..8..OI2.]...7r.....F."...=$..%. ..7Z.....H.@...\4".b.GX9.6HA.Y-...vg..e].$t...(.}....].....Ts{.5.........t.`...."\...b._<.WA....uk.......aP_..:..dR.V.>.[o..j.N...&.62.......\D=,~.>o.r..\... ..~.FmzQi../2..[3j3.e.].'mk! `..A.n.s.!nrk.....;.)..R."L.<..s.&]N..|.....el{.}.....7L..HZ.k.......%tEXtdate:create.2013-08-22T11:39:04 08:00..#j...%tEXtdate:modify.2013-08-22T11:39:04 08:00|.......IEND.B`.....
GET /tps/i1/T19EqoXzBeXXaXezbh-48-70.png HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img01.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 847
Connection: keep-alive
Date: Tue, 09 Sep 2014 16:53:30 GMT
Last-Modified: Fri, 26 Apr 2013 13:17:07 GMT
Expires: Fri, 06 Sep 2024 16:53:30 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache18.l2sg1[0,200-0,H], cache19.l2sg1[0,0], cache1.de1[0,200-0,H], cache6.de1[0,0]
Age: 1854383
X-Cache: HIT TCP_MEM_HIT dirn:5:727423579
X-Swift-SaveTime: Sun, 28 Sep 2014 16:58:43 GMT
X-Swift-CacheTime: 313718087
.PNG........IHDR...0...F........i....tEXtSoftware.Adobe ImageReadyq.e<...`PLTE....................................................................................................... tRNS................................\\.....YIDATx....z. ..WA...96.F....*...../.$...,.......k..j.............@m.' k...F-..{.T[[..Y....P.Uh-......N~..>.....F..wK:`.Wi..|$.....A~..#..(..............o.../.["5..........0R....@........h..|. #...@4.\...#....xo..|..3...o....@...q.....q........@.S.My.|u..c.....N..7..*.J..k......L..e.f.\3j..6..6.E."P.UY......
GET /c.php?id=30062430 HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: w.cnzz.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 01 Oct 2014 03:59:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 01 Oct 2014 03:59:46 GMT
Expires: Wed, 01 Oct 2014 05:29:46 GMT
1f7a..(function(){function l(){this.c="30062430";this.O="q";this.K="";this.H="";this.J="";this.o="1412135986";this.M="q4.cnzz.com";this.I="";this.q="CNZZDATA" this.c;this.p="_CNZZDbridge_" this.c;this.C="_cnzz_CV" this.c;this.s="1";this.v={};this.a={};this.ia()}function g(a,c){try{var b=[];b.push("siteid=30062430");.b.push("name=" f(a.name));b.push("msg=" f(a.message));b.push("r=" f(h.referrer));b.push("page=" f(d.location.href));b.push("agent=" f(d.navigator.userAgent));b.push("ex=" f(c));b.push("rnd=" Math.floor(2147483648*Math.random()));(new Image).src="hXXp://jserr.cnzz.com/log.php?" b.join("&")}catch(e){}}var h=document,d=window,f=encodeURIComponent,k=decodeURIComponent,p=unescape,q=escape;l.prototype={ia:function(){try{this.R(),this.G(),this.fa(),this.D(),this.l(),this.da(),this.ca(),this.ga(),this.i(),.this.ba(),this.ea(),this.ha(),this.$(),this.Y(),this.aa(),this.na(),d[this.p]=d[this.p]||{},this.Z("_cnzz_CV")}catch(a){g(a,"i failed")}},la:function(){try{var a=this;d._czc={push:function(){return a.w.apply(a,arguments)}}}catch(c){g(c,"oP failed")}},Y:function(){try{var a=d._czc;if("[object Array]"==={}.toString.call(a))for(var c=0;c<a.length;c ){var b=a[c];switch(b[0]){case "_setAccount":d._cz_account="[object String]"==={}.toString.call(b[1])?b[1]:String(b[1]);break;case "_setAutoPageview":"boolean"===.typeof b[1]&&(d._cz_autoPageview=b[1])}}}catch(e){g(e,"cS failed")}},na:function(){try{if("undefined"===typeof d._cz_account||d._cz_account===this.c){d._cz_account=this.c;if("[object Array]"==={}.toS
<<< skipped >>>
GET /tps/i1/T1XgzaXX0kXXaXezbh-48-70.png HTTP/1.1
Accept: */*
Referer: hXXp://store.taobao.com/shop/noshop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img01.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 2678
Connection: keep-alive
Date: Wed, 24 Sep 2014 16:37:21 GMT
Last-Modified: Sat, 28 Apr 2012 03:04:32 GMT
Expires: Sat, 21 Sep 2024 16:37:21 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache17.l2sg1[0,200-0,H], cache15.l2sg1[1,0], cache4.de1[0,200-0,H], cache5.de1[0,0]
Age: 559334
X-Cache: HIT TCP_MEM_HIT dirn:7:238755622
X-Swift-SaveTime: Sun, 28 Sep 2014 16:49:41 GMT
X-Swift-CacheTime: 315013660
.PNG........IHDR...0...F........i....tEXtSoftware.Adobe ImageReadyq.e<....PLTE....t...&.g...(.R..xL..........V..j.........k................B..I......7.\......g.=..L.....R..Q...V..E..).$..a.....I..{...H.C.....3........x*.......P..:..:..X%..x.R..\............{.e...).M.....I..Z......].o..|..............e...........]..j......X.2..w..V....... ..........g.*..u.....7.....g...i.......v7..x..B....a......O.c..6......=.u..S...w....^...l....2...O..vJ#..`..B...c...kox.z%A......t...*....z...{..=.......,..X.....[.....i;....s..\..W..oI.J..L........k.r.........$..g...E.K.....r&.l.....c.g......g..|8.{...Z.h.....[...M.U..T.....j".$...;.D.....z..r..t......h.h..{..p..G.....|.....g..'.cQU.O..&.....k..U..............;..D........./naZ..!.......c*.A..f_y3*.....\.............V.<36.........................H!.b..7...`.}...v.Q..U........za..w.a..}..N..^..................tRNS................................................................................................................................................................................................................................................................S..%....IDATx...y@.g..pPS....@..%.TP..A...a".y.Y...i...WZBfebj&.....Q.giM-\....Z..V;...B..z.............._.......w..=.8..r....m.}2'..?..0..Sm.`.0..F...Mg..............l..$...f..AW.n._r..........^6.E'..i.$.......[".I ..$6Tk.7..2..`..DM5...g./1j.."....z.`...../.&.Q...........P..f..d2.(# hp9.yAm...G.1.!..pQ..{Z?..$......T...#.-.5A.X2,...-P....$..*. ..-.$.q8"....j..=../.^.....{.l...!!;g.Y@.x.$.....Z%.}...<........
<<< skipped >>>
GET /tps/i1/T1au1rXpNaXXbCFbsb-100-100.jpg HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img01.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 6789
Connection: keep-alive
Date: Sat, 20 Sep 2014 00:35:57 GMT
Last-Modified: Fri, 26 Apr 2013 14:49:02 GMT
Expires: Tue, 17 Sep 2024 00:35:57 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache18.l2sg1[0,200-0,H], cache30.l2sg1[0,0], cache4.de1[0,200-0,H], cache5.de1[0,0]
Age: 962628
X-Cache: HIT TCP_MEM_HIT dirn:5:238931796
X-Swift-SaveTime: Sun, 28 Sep 2014 16:49:53 GMT
X-Swift-CacheTime: 314610364
......JFIF.....H.H.....C....................................................................C.......................................................................d.d.............................................I..............................!".#2B.13ARb.$Qar...CS....q..MTcd......................................>.......................#.....23."1C!ABSb.$QRaqr....45...................?.oR..n..,..r:;..}..gao..x.o........'&{...*...3.....-.S....r...6.<x.vmv...'.j...iX.z...o.zd...c...-.&.>.N...O....Eg..8.8.i4nf..9......p..h...............Z..'.j[.Rh.?l.6h..s'...`.PB*.c.E....v..e......A...GTo..;...,..)..0o..E..Z:.6..i.....da.72O.M.n.-......D]Ln.....EU.U.]&..-. ..}...Z.6CZgy-4.{%....87..G.5c..;...."-.W0pN..........S X....x.&..11[.0.....n7.)...6.iu@\?^R.zZP.u...Y.....l.V..TH.p..[.9'..<X8.zM.....f.....R...e.n.?.z..m^....pLb".............Zj.w._...|......"..9z.8.@-....q....>.B...5.s.nNVi-25......s.y.....B...I.f;.RV.jd...'..q7.......-4....x...v...Rs..UA.@G.p..:.-4.....y..nd.y>..a..$.....NP.@.Qj"..Z........EI..E.. *...UCKw..NX..Lj....T5.E8..kZ=)..VK.cJ...Qp..W......*...#1JB...' .......[%..9....S...jXl.....X.Du1VRgy.D....Yy5y2u6.....RS....)....k.......8Q... &.6$z.......;XD.$tA. c.8..H.J....ly..vqE.......].\.p.....K6m...%P......~z.O...(..L...|.....1.....R..M.T.....j..Y...KU...H..8...{..).........$g...M.Ar.>.....(...m..l......Y..D:c..z..z. 1.,.Z...M.....K2!..(._...!..._/.h.t..[.z.-..S.y.[x...9.G1p\A1.*......i$...&N5.M..iQl.>..@g......8n.[.;xY....U.&..)m1MR...G%K.....uuF. .....S..<%L...&....?.5.....
<<< skipped >>>
GET /tps/i2/T1iHqOXANXXXbjYjco-59-689.png HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img01.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 8976
Connection: keep-alive
Date: Thu, 04 Sep 2014 17:51:52 GMT
Last-Modified: Tue, 21 May 2013 07:36:52 GMT
Expires: Sun, 01 Sep 2024 17:51:52 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache2.l2sg1, cache7.de1[0,200-0,H], cache5.de1[0,0]
Age: 2282874
X-Cache: HIT TCP_MEM_HIT dirn:7:428038577
X-Swift-SaveTime: Wed, 10 Sep 2014 18:14:34 GMT
X-Swift-CacheTime: 314840238
.PNG........IHDR...;..........O$.....tEXtSoftware.Adobe ImageReadyq.e<....PLTE..Y..E...........t.....}..h..\...........k..........................n...................................x..^..Q..k.......................{..H..A.......................M...........V..g..R.....m...........b.....r..`.....F...........v..C..........................N..U.....e.............._..c..W.....T...........=..........................................................................................................................................................................................................................?...........q.................@............................................L..C....................w..O.................{........I.....O..U..........................o....................k..U...........~........?..q..h.....J..@.....e.~>.......8......tRNS................................................................................................................................................................................................................................................................S..%....IDATx....TUG..Y......QA.$..*....DA.`...Q{...}..... ;.."......!..D.%Qc....t....nM...=..[..9...9.W...8.}.U........K....._...e..:A...O....46.".....Dg..8..a..W4.%0=.4.X.Mg/y>r.7.......0!...D...c..i....V0l.K..&..-:4...e..H../Y......X.@.3f...z...Un.bM.J...B.&.K..7......s.H...1....W....b..a....6p}.,..KVp}......H..ns(x.J..)P&$..Z.)X`,f..e.Z....%...Z....y{ZIK..........]k........`........zZ...........Y..........
<<< skipped >>>
GET /tps/i3/T1twurXApXXXai.eUc-54-225.png HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img01.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 1229
Connection: keep-alive
Date: Sun, 21 Sep 2014 14:20:31 GMT
Last-Modified: Fri, 26 Apr 2013 13:17:07 GMT
Expires: Wed, 18 Sep 2024 14:20:31 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache32.l2sg1[0,200-0,H], cache24.l2sg1[0,0], cache1.de1[0,200-0,H], cache5.de1[0,0]
Age: 826758
X-Cache: HIT TCP_MEM_HIT dirn:3:729734569
X-Swift-SaveTime: Sun, 28 Sep 2014 16:57:50 GMT
X-Swift-CacheTime: 314745761
.PNG........IHDR...6............x....tEXtSoftware.Adobe ImageReadyq.e<...)PLTE.........................................................................................................................................................................................................................................................................................................wk.....ctRNS...................................................................................................w5......IDATx...g[.A...E.BSz.,.tP..n...{......F....m..d....3....w....B.zB!..".K..5`...x...d.5NH..[.1-..5.[.....3....,...\.e.v.g.....~[38..V%.x..c{.v.....5 ..4nj^..c.H.....^/...[Apr-.R.......... .H...~)(..(v6~I..PQ..$#.......Q.j.0...Z...2..@V.."........... 6.l...X..C(f.h.@.._g.......3......7.q.1....t..v.J?l....."....!......\.a#.j&6.@.f...%.o3...|?.F.8..b.....{z....g`A....{.o....6.......y.C..5f..........#.3.....!.s..f...uN...Y.....%..*......h@L..<..l.Z.q;.X.qb....:.V.GI....A...4....o..!K...B......Oi...F..^..7...7.\.R.K...sz.......|.mO.#Fl>.. o$.xU.b.W............7.\.....s..pd........$.H#K.K.4..`.y.n;....gz...To7.0..m....F.Ib........o..&.O2...3Sc...\....V.83......BN.(...P.:0...3...2x..c.b.1.0Sr.SYl..M......c3.^......n.Q.H.an....IEND.B`...
<<< skipped >>>
GET /get/flashplayer/update/current/install/version.xml11.6.602.168~installVector=6&lang=en&cpuWordLength=32&playerType=ax&os=win&osVer=7 HTTP/1.1
User-Agent: Shockwave Flash
Host: fpdownload2.macromedia.com
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: Apache
Content-Length: 350
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 01 Oct 2014 03:59:49 GMT
Connection: keep-alive
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL /get/flashplayer/update/current/install/version.xml11.6.602.168~installVector=6&lang=en&cpuWordLength=32&playerType=ax&os=win&osVer=7 was not found on this server.</p>.</body></html>...
GET /shop/noshop.htm HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: store.taobao.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 01 Oct 2014 03:59:26 GMT
Content-Type: text/html;charset=GBK
Content-Length: 4477
Connection: close
S: STATUS_NOT_EXISTED
P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
Content-Language: zh-CN
Content-Encoding: gzip
Accept-Ranges: bytes
X-Varnish: 2192562875 2192211370
Age: 2089
Via: 1.1 varnish
X-CacheHits: 1009
X-Cache: HIT
.................;.o.F.?'@..).m.".I}..e........[/....."%1.8.I.V|.c..t....&u.$N..g...c'n...-....Z wi.......!.!%Y...E.%..y....=R..#....../.v....??....H...........4...k."-..Y.;..X......S.I. p .....[,...Rf..,Q\.].~..ae.......*......f..mjj./..{.m.....j..0..d.x.Z.....L'...kJ(|...s)P(.i.hc.7...?......V`..........{./.k...g..6......2jz...:......2_.g...U.r..g.3...l.o.f ..g6...\.7.'.p.W.{1..M.X0../.3yU...Z...R.4..g.....0..2o.~O.rZ..?3...h.Ex.jU.c..)....\/L....S.."......$.......Q...........@.0.Fe.dl..v].....w.m@U...6Q..7..^..z`:FJ.........*"c9.Q...&:&9...I..P..y...XUB........Z@.1#..eJ;()....c.j{...g.0M....\.....}0P..,G..&...}......p..=..*.<.p......M.M.[....[.aM..t.q.IX...p..3..3...=..$......'.L..WU.....u.hk.D..r.t.)...F0.p@ ..'(..........A.lk$FJO.yu.<.i.S..qbA...S..i.2.v.Pv..S...b.%....k.....q%...i..&.R......_Vu....#.).d=M.<.....j..M ..X.)G#...h.C...vL;..b...V.."M.......#.Kb..qZ........\.c... .@(x.otf4.X.79.........m\.K..(.`..F.4...t.._...A..|.h.=.x..kw}....[..w.gR.c.m.....[...T.E.......6........Z.m./B.u....g&T.P*>..@..{....&..9....../>...s...."g.G.}p.8.Uv.|.N}.Ly..[k7.....E.hU..P|...>1..aC4........[N.|.W........k.U=...f.&J`...@.t.2.8.3..,c..6.2n........[6.P..sg._.I....A?..6._y.ri.......N....!>.r.s)m..X.........o.(.K.4...Y....gn..!2@...[..>...a.......}Zca....Ei....mC......P.4.e...H....K.x.......U6$\...p..xu.n$..`.I4?..w...i..As...........k..@..~.H...}b.Oc.....0K..N.%............u..}lg..g.|.w...(7..]..`..1...........q..c#..=1cV.>.mK]..y....9.......m....5R...q...Q...)d&,.[..fh).'.&.V.u]...8.h.....a
<<< skipped >>>
GET /tps/i3/T1WzepXuXeXXbCFbsb-100-100.jpg HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img03.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 4889
Connection: keep-alive
Date: Mon, 22 Sep 2014 04:53:47 GMT
Last-Modified: Fri, 26 Apr 2013 14:48:55 GMT
Expires: Thu, 19 Sep 2024 04:53:47 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache20.l2sg1[0,200-0,H], cache24.l2sg1[1,0], cache4.de1[0,200-0,H], cache7.de1[1,0]
Age: 774358
X-Cache: HIT TCP_MEM_HIT dirn:4:240275628
X-Swift-SaveTime: Sun, 28 Sep 2014 16:50:37 GMT
X-Swift-CacheTime: 314798590
......JFIF.....H.H.....C....................................................................C.......................................................................d.d............................................C.........................."....2.!#B13AQRb.$Caqr..S......4c...D...................................3.......................#...3.2C..!"1Q$B...4ARbcr.............?........H.K^i.I..F.L.....%......".....,.....&..F.....g...7./~.../..$..8C....z..m....j.Y .AR....$b...Ml.P.[....,:...T.U......h.....sU....)-..I.0.7...H.G.J...f5.aO.Z....N.T...l........H\...'m.^!B..}.1.7........3..W}..!...P{.l..Q.*.SUHY..L..U.....Q..g..1.k.lS.......I.'....E....."....X..[...[.N. ................h."......8o .S.5..'........V......,8p.\c.$[ ...G~...A.W/g.,.....n.,..>.N3KA..)......l....5..H...X.2'...f. YL.......M../P.....zxC......!.@...{.a%l...j.a8p..a..A..|mS0.....g..4"%L....<|..K93?.K..}J.......^.~.}.o|.....T....Mi.j....I6...%"8.....C..........e';{5)..<...r...g.....5..v..-..C7.Q.".)...NO'...5.....8aHx...,.....5C.......0/ ....U.X.a.r...j..a.k.E..z...a-?. |RJ.V...r...n.....E<..OG....B}A .Q.l.M#f...b.u.aR...y...4 a..............udsm..wV..@..H#vZ.k..T.mG-m..B6...f........#...:c.;...7M\./.Wdt...M.0l..4%H...]).7QcL.7w.....o..u..}..i...\.M......."Kg.*.Z[..kX..M.^....c...o....N..H....gl..]?;uYL...............O.Olq.Q.oR....*...).k;R...fi.qA.R.f...,.\...v.0v.....1dX*...|..N.^v....F\.......rn..QH.=.p...xT....*vkD...a...@...o4f.J..q.$..^X...m..o n...m.w.n...Wh..e)..F......gv .0.n..rjv]....$...Z.4.%....8S.4}.R;0......e.&...Z.P95T#.n...
<<< skipped >>>
GET /??kissy/k/1.4.2/seed-min.js,tb/global/3.1.5/global-min.js HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: g.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 28574
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:07:25 GMT
Last-Modified: Tue, 02 Sep 2014 07:47:58 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Via: cache7.l2cn201[0,304-0,H], cache13.l2cn201[0,0], cache1.de1[0,200-0,H], cache8.de1[1,0]
Content-Encoding: gzip
Age: 3139
X-Cache: HIT TCP_MEM_HIT dirn:7:856676232
X-Swift-SaveTime: Wed, 01 Oct 2014 03:07:25 GMT
X-Swift-CacheTime: 3600
............i{.F.(.]..Brd.l..dy!..xM<'Nrc...C1...n..R.#r~.[U...P.d.>...Ld.........><z.....d.i....X...}....u.~tz.....Oi.-.(<...<lm.E4h.....y..x...=..]{k^....`.fK..n..V.OX&qo.,v.lm..t.J-SU.Yh...p\..[..h.]/[.{.%X.y.~o...-G|K.......K..0.......q68...o....X.^g........WW/?......w.....z........=2.....v....f..{.*[.i2.m......v.g..:.... .....S..X.'.3.....)....[d 7..-gb../.4.6f`.'v....]@..,.....ck8..o>7..........1|..,q]...n<.E1,...1..5...M...=...cW...,.6?eI.........{v...U.j.4l.az..aX.Y..g.].&..?.?E....}.........`.~~....E5../~.y`...Z.../........L.......c.!'8<.4.x.a."X.X.46....qh..B.#..m...#.B'.W.|b.-g.z.,.........2.L..'n..\..I.mA..w;.....u......?.9{..........s.....!...Kv.....7.m.......R_`.o,........b9.<.Z.....q..E..&pcY.........^...W....._.^..X........._..O.K....z_,k.e..=..au...'..0n.k..-.;....1..>k.....r!.5KaEC.P...|....@....7..!...5.......W.~{.......Ah......]>n.....#o.H...n...u..:..W.l..7_..o..E...yd...a.~...&^....WQ..|..&.|]E....1&...?e.V.x...[.d..j.nL.....4......#.B.Cj........7.bU.@Bs.H...&....,..RQh.D.*..qtrr<.6....%.8.f .... q..K,W&.3....v.n.oz..tGc.a.....gyv.R...I...o.(.....F.=..;..7p.N..]._.......9l.~.!..{n...a....Q..`.@j#.f.n.y.oX.Oa...B.....Y.'>...C6k..6...wS@'.......o.$.C....Hl..]X.'..........5K-.GR.n.. ...&j...}..:........7.x..:.$\nr.v.l...n........'...../..G.X...6.6..ibg....$=...Y.......?....F...;.-...A..Eb.......y......C!Q...La.Sx..@.S...X.JnKk...!.b@....EX.bD.......&Zj.......S........ .....s7.....0.W..2.iM,g^..;.V...v.6.(.oa..s/....(,...@>...Wn.-.|.......%.=` ,..9.
<<< skipped >>>
GET /tb/ishopbook/0.0.8/g/page/found/index-min.css?t=20130925.css HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: g.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/css
Content-Length: 8254
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:08:24 GMT
Last-Modified: Mon, 05 May 2014 09:27:35 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Via: cache14.l2cn201[0,304-0,H], cache23.l2cn201[0,0], cache1.de1[0,200-0,H], cache8.de1[0,0]
Content-Encoding: gzip
Age: 3081
X-Cache: HIT TCP_MEM_HIT dirn:3:859523133
X-Swift-SaveTime: Wed, 01 Oct 2014 03:16:42 GMT
X-Swift-CacheTime: 3600
...........=...F...u#....y....`.v...1..3....A..D.D*$.....u...^Qj'3X`.....^U.z.n..e.dEs...f}9.....6.Vyq...}S.<..i.6..^eNVUeu..u..eqYe...o...N..X9M...i'Mv.8.&_...2@V.n..l.r{...:.vuP...y.......\...7yqsPj..Y.Z7.AD .S..@...8.....f.N^....7{.X.x<.{Q:....i.......KRViV...-.$K..ow?H.z..........Y...x...E:x......d<.....5....~..4\l..Z.......Al...........wg..%.dMz.H.MY]..A@~....xL~N...t..wh..!&.^....%..Y..|.p.b./......UxqQ.[Z......*_>..y.fE.GEYd..owe..E.4....y.'.&o....Z.......2A.6b...mV5."..t...6....vJRD.8.......!...U...;l.l.......UU........l.o.n\...:~U.....O.{>../...p./......kgF...vrM.l2g.m6.4.s.Z...pW.Vy...f.&qA.9..eY.:p/._.0....wy..I.G....2.UF.JH..]..T.E..V..*!...*c....e.z..^&....2.U&.JD.D]..T.x.).2..LA.).B.....V"..Z.......7....!]....j..K_Tc.......{b.=.Z.X....'..g...<|8._...X5.T.3.=Q.M..S...|1..a.....x........o|.8..........[ `c..3Q....?...>.B.....H`..8...>.}.....'0P}<.X.=.$.....@-..Tb...sC.;Z..b.V0j.C ...#..(.8..L}......>k.^$wV ....d......X.QO.....$......V.........!..V....z.(..KGA..H)..KMa.~..k..TX.....G( ..O\a.~..k..XX...B...ZV...zIGn.....%-..K:...t.W/...Q..`.H..F....E...e...e...e.$.e.*.e.0.;.h.Q...Q.)4.]...u.Es ...."..`...3...s.%7y....S..SR...#.t.,[>.P../...>.. ..e......t..M\5.@.t..K&.%.:..I?.j..,...~........Jy.o.T..........n.D.-..X.8).......|.j.M./.[*...,K...YL...8\.v.~.I*..7...Y..).['I....d...Ud..b..k......oY.T 5u.............1..=......A.#_...B.V.}...u.\z...J....9%2v.2.bN.....!..I.. .(.3T.'L&U..Dz....n..A........y:8[....g......_...w.. (k..."......T.....a~.....j!<Z7......].yC.%..6
<<< skipped >>>
GET /tb/ishopbook/0.0.8/g/pkg/??global/index-min.js?t=20130925.js HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: g.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 1953
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:21:49 GMT
Last-Modified: Mon, 05 May 2014 09:27:35 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Via: cache18.l2cn201[0,304-0,H], cache18.l2cn201[0,0], cache3.de1[0,200-0,H], cache8.de1[0,0]
Content-Encoding: gzip
Age: 2277
X-Cache: HIT TCP_MEM_HIT dirn:1:42642415
X-Swift-SaveTime: Wed, 01 Oct 2014 03:25:39 GMT
X-Swift-CacheTime: 3600
...........X{o.....~...<iQ(.y5N..m...y...V,.AI..F"uE*n....P.[..t.. .xt.?.../.................f<...5......5g.$k)w6..;;.....l.....*..e....}.N#............ "<".1..........d..Z...m].n>.P"..d.....gO..Uus sc......T.[.%%..Y.E.Ri...........; b.q\@.....LK..q..2..];.T......$.....R9..c.].*,....4.\k...(.......dJ.. $4..\..._.i.tv{.??..<..;.!...........<....H....../........y..O..cIb...xuw}uy.d.E....L.....A.tw3....M.......g.)...]..JW.......r....O.Z..r#2N.fX../ .1{h...V .[.N.......\.....d;...1.T....8I.g.n.Q^P..!.R.F.5vO.\...x.j.:....-.l...4..lX.V.k.......T..Z}(W...8\..K...X _h..K0..YmEW....DRw..NQ..z....>...#.....t.WL~. ...0.7Fx..xSQF!.x..7|w;.......7.F# ..H..t...'..Sd..i}Y...b.-Y@.=........Y....V...LEL..|.B.Z.&D.n..1<~.M...4&>=-..3e..r.QmuX.,...9.@I7...,.2,#.....E.6........I.&PcF.....4"..l..S.E.&......m...\:.......NS.._).#p.x..;...b....&..4f.g..8s...{.....q{.qLkC$..x..c.E.....=..X.P.L..5....2...P ..H5..i.....B..(...k.....F(@.........?.5Xm..7Z..c.?.h)..R..X...? ..~*w....../|9.N..=.p... am...o....".P..5...s.Q...Q.8.B....8.(|....Y,.X.2H.X...rk.]]XE....*Nw..... .5...s.......M.`.X.8...(.U.VO)...<.D...TY......\..#......HV..$....j....[h./...G....,\....8.&.......R?...7p*.L#..0.....z..D......EWs|aG..Y/.F d....OX.....cB...*o....$6.....-d......0.A....n...,.B.>.#.......71@;b..F.Kj.........W.t...2.....P=...'.TD.G...o{7.;m....S.LY>.b){.1.;.>..s6.(.a...M.s.`?[.3...'s...A...:wa h.W.6..l.s.;..IwI.2.a. \f..1..@t.5'"3........v.Hlm..:..@.*..]..A..j..r.....5:.1.h`.x.=a......;....&..HO.UX.:..Oh.i.#cV.....LB..
<<< skipped >>>
GET /tbc/??umpp/1.4.20/index-min.js HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: g.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 3932
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:50:41 GMT
Last-Modified: Mon, 25 Aug 2014 05:47:59 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Via: cache19.l2cn201[5,304-0,H], cache25.l2cn201[5,0], cache4.de1[0,200-0,H], cache8.de1[0,0]
Content-Encoding: gzip
Age: 545
X-Cache: HIT TCP_MEM_HIT dirn:3:386712895
X-Swift-SaveTime: Wed, 01 Oct 2014 03:50:41 GMT
X-Swift-CacheTime: 3600
...........Z..........Ei...$.)\...:M.......P...\R.Q\.\.Y...wf.......r.c..3.|.......f....L_]L^_..n.|...........&2..8b<u_./&.......%..^....P."..s0...f4p....".....\..xv.\LO...'.A.v...,k^Gv@C.9..V.....-....%....h.G.4......H........7..&.$........_.<....u.X....g.Mm.......Z .....`...i.QL..2....9..|. ...e...?.. ....... ;v..o...[.;(.V...g..s.T.J....J........\.`.].....br..~.W. ..l...\.kD.o.9.....c...OF.F..Wi.........K2bn.nm......7.....d"`..EBf-..`...h..NpT?p."..........o.b.....b:W.....PT.kXp&.M..q.6.-...*...L........M#."t.....O..4..>....u....".a.j...#.D.'...[0......g..~3...w.F|3l.....>Sg..qK........#...:....V....."0.c0..3.*.-....X9.. ..?... ..S#.....pz.=....U.......r.BPS.....x....4....v.x....=.....G....D....WC....4Ns...G.......qx.<...gZ.....[.b....8....`F.....X.....s...m^o.!E(.7d%..$.....x..ddo.HtQ..9@...e..}...j=.....k....f..'.9..>...?f.I.t....kz%..n...PA...!...a.{^.....7.P.[.....W{n......G.......C0../JP.....8....p...........Y......r...z...c....{..FTP..2A.q._8...."K...,.....Y..w.-....!...a.&..g%'.z`r..bY..Eoa..9.....A.0..Pz.E...jr..E..1...b.I....i......E.....{....*O.}....p.5..B.G.R........i;c...N."..-.".J........}..0.h......B.....j!....].s.1..e..w.F.m..a'....n...........>...."&.b D)....@...<........0.C.>.......B.g2w.~.3.$..P.......)Fd/.:..W..%....iM..k...|....[.P..\...X..A.c.^ws'..z...I....... .....N.N}....8....Y.....p..PD../....V..B{..2d[..[.m.......8..O;.YJx....x......?.7bf"Wi..xP..WyS..%.l..@. 2H%...).P_.qu.9..`..0Za...h....|....L L|../..K.9O.w...8iY.....[.[..F....1.10J..)...s.K@5.T....<
<<< skipped >>>
GET /kissy/k/1.4.2/??overlay-min.js,component/container-min.js,component/control-min.js,component/manager-min.js,xtemplate/runtime-min.js,component/extension/shim-min.js,component/extension/align-min.js,component/extension/content-xtpl-min.js,component/extension/content-render-min.js,xtemplate-min.js,xtemplate/compiler-min.js HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: g.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 20308
Connection: keep-alive
Date: Wed, 01 Oct 2014 02:51:52 GMT
Last-Modified: Fri, 07 Mar 2014 04:43:07 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Via: cache10.l2cn201[0,304-0,H], cache13.l2cn201[1,0], cache2.de1[0,200-0,H], cache8.de1[1,0]
Content-Encoding: gzip
Age: 4074
X-Cache: HIT TCP_MEM_HIT dirn:5:825898501
X-Swift-SaveTime: Wed, 01 Oct 2014 03:25:24 GMT
X-Swift-CacheTime: 3600
...........}iw....w..._"...E.I-Mw.....:v........ .....B..OU..F/.d.3.sb.h,..P...._*....U2.m..f....|....T....v....... .....o.iX.$...>..j..n;.../.......f,.D..ws.]o.Z...N.^.....7..02.V.....T.Y..._..f.._.Uu.F5Q.....j.Yln....M9..s..%..'.........V.tk..kuX;~.&_...[.]..N....f,WQ.\?....~...0....f...r.N.O.....t..z.b.F .:_....$...j.....Y,.j.7......$....S...z............ X......*.o^.$4.q..6.SA.g..zl..o......(.S45.^q...h..f....d.p.}.X......Q.FPu.[E....go..^....<d.=...'....D_q..z...z...&Z..j...w&...BL.q.._.............a..i.....kj..h..4y..;[.S.kF......E......g......Q.........$^y...V..2p.^0....y......^d....oF.8.n....r...K/H67n.T.|....>>.C.....8'.Oa}~5L....J._.7.}.....4.6.?.t.....-.@R._.F.%...../...(..S.z.9.~.^a.......>%......<...X.=8v.x.Fs...o....5.....#....K...B ....E..0..[.<.......?r..(.@.p.....ayo..........4.......)..?#L.K._..^M...........~<.G..t...|5X.....V`'59O....t....M.@).........h....D...D..._{.k.y{.f?...{.lO. 0u.i..(...'."%.V.....6......7....'...}..... .n#.Qko1......7u.$..5vw........f...H.z.P..%.<G....q..|..[............r.............@{..2......&,..O>.b....g..N...J;.....L......4.&..{p..G....56.R.L....^.[..."......7..@..*...S.-...f.*......S..].3....B .\o.S`,...e.....# .~{..>X..d..n...'...j;.....b6....c.-;..r....!.....h....D.^...<.Za......\~.....[..=`4....6..2pLH.....=n,.........7[.1$....F.3..=.8..UG ........U..8_.IX.xL....4>...j...d}"..D..1..t...,..HB...H.._..GMJ..F...jPa...M.P.`..".}.cO...2..nX.|?....i...x.o7....W..>^/....#L).. .pr......3..G 0"!.....b....S..=....;..[.l........v
<<< skipped >>>
GET /tb/tracker/1.0.13/index.js HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: g.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 1505
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:44:56 GMT
Last-Modified: Fri, 11 Jul 2014 01:29:04 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Via: cache26.l2cn201[0,304-0,H], cache2.l2cn201[1,0], cache6.de1[0,200-0,H], cache8.de1[1,0]
Content-Encoding: gzip
Age: 891
X-Cache: HIT TCP_MEM_HIT dirn:2:721609421
X-Swift-SaveTime: Wed, 01 Oct 2014 03:44:56 GMT
X-Swift-CacheTime: 3600
<<< skipped >>>
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: g.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 3057
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:04:38 GMT
Last-Modified: Mon, 23 Sep 2013 07:53:34 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Via: cache25.l2cn201[0,304-0,H], cache16.l2cn201[0,0], cache1.de1[0,200-0,H], cache8.de1[0,0]
Age: 3309
X-Cache: HIT TCP_MEM_HIT dirn:6:727636714
X-Swift-SaveTime: Wed, 01 Oct 2014 03:31:12 GMT
<<< skipped >>>
Accept: */*
Accept-Language: en-US
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: g.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-shockwave-flash
Content-Length: 4495
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:54:46 GMT
Last-Modified: Mon, 25 Aug 2014 05:47:59 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Via: cache8.l2cn201[0,304-0,H], cache14.l2cn201[1,0], cache1.de1[0,200-0,H], cache8.de1[1,0]
Age: 303
X-Cache: HIT TCP_MEM_HIT dirn:1:856596663
X-Swift-SaveTime: Wed, 01 Oct 2014 03:54:46 GMT
<<< skipped >>>
GET /tps/i1/T1ga4HFCJ3XXaSQP_X-16-16.png HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: gtms01.alicdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 430
Connection: keep-alive
Date: Mon, 28 Jul 2014 02:03:22 GMT
Last-Modified: Tue, 21 Jan 2014 03:08:04 GMT
Expires: Thu, 25 Jul 2024 02:03:22 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: http/1.1 l2cn12 (ATS [cHs f ]), cache8.us1[0,200-0,H], cache8.us1[0,0]
Age: 5622984
X-Cache: HIT TCP_MEM_HIT dirn:3:510191489
X-Swift-SaveTime: Wed, 30 Jul 2014 21:37:32 GMT
X-Swift-CacheTime: 315116750.PNG........IHDR.............:.......pHYs...H...H.F.k>....vpAg.........\.......IDAT..=....0.....T.ns..iD.B.i`B.....g.......=..T.......].;aU....p.BM\....6....M.5.:.%.].G............NeI...k.f.2oZ..?~AD.... ...z.. .l...9c<..*F.......P...i..[.....s...s..`...=:N.. ..m..1SE_.k.u'?.6.&.)*....%tEXtdate:create.2014-01-21T11:08:04 08:00..9:...%tEXtdate:modify.2014-01-21T11:08:04 08:00........tEXtSoftware.Adobe ImageReadyq.e<....IEND.B`.`..
GET /tps/i1/T1IJ8DFGpdXXc6EcHc-150-52.png HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: gtms01.alicdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 5703
Connection: keep-alive
Date: Fri, 05 Sep 2014 02:45:29 GMT
Last-Modified: Mon, 21 Apr 2014 09:19:03 GMT
Expires: Mon, 02 Sep 2024 02:45:29 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache22.l2sg1[0,200-0,H], cache28.l2sg1[1,0], cache6.us1[0,200-0,H], cache8.us1[0,0]
Age: 2250857
X-Cache: HIT TCP_MEM_HIT dirn:5:402239042
X-Swift-SaveTime: Thu, 18 Sep 2014 08:12:08 GMT
<<< skipped >>>
GET /highqualityshop/high_quality_shop.htm HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/x-ms-application, application/x-ms-xbap, application/vnd.ms-xpsdocument, application/xaml xml, */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: dongtai.taobao.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 01 Oct 2014 03:59:44 GMT
Content-Type: text/html;charset=GBK
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
S: STATUS_NOT_EXISTED
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: uc1=cookie14=UoW28XHzO5gErA==; Domain=.taobao.com; Path=/
Set-Cookie: v=0; Domain=.taobao.com; Path=/
Set-Cookie: cookie2=100b7929c8e64ac2ae1435c07276fd09;Domain=.taobao.com;Path=/;HttpOnly
Set-Cookie: t=17e002f6e58e45f8d59eecfe815ebe56; Domain=.taobao.com; Expires=Tue, 30-Dec-2014 03:59:44 GMT; Path=/
Set-Cookie: _tb_token_=36176305f5e00;Domain=.taobao.com;Path=/;HttpOnly
P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
Content-Language: zh-CN
<<< skipped >>>
x-requested-with: XMLHttpRequest
Accept-Language: en-us
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept: text/html, */*; q=0.01
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: dongtai.taobao.com
Connection: Keep-Alive
Cookie: mt=ci=-1_0; uc1=cookie14=UoW28XHzO5gErA==; v=0; cookie2=100b7929c8e64ac2ae1435c07276fd09; t=17e002f6e58e45f8d59eecfe815ebe56; _tb_token_=36176305f5e00; cna=MmqyDMhU6lECAbhrJiYFiPcH; CNZZDATA30062430=cnzz_eid=1516345071-1412135986-&ntime=1412135986
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 01 Oct 2014 03:59:47 GMT
Content-Type: text/html;charset=GBK
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
S: STATUS_NORMAL
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: uc1=cookie14=UoW28XHzO5gErw==; Domain=.taobao.com; Path=/
P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
Content-Language: zh-CN
Content-Encoding: gzipa8............-....0.D......7j.},..... ...@^M..)..."..9.......]..c............%..$....ggB.....ft.I5...Z.....<.`HdH[.$..y.h....V=.......).s.......z.tw......[....,)... ........0..
GET /tps/i4/T1GVuqXutdXXbCFbsb-100-100.jpg HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img04.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 5968
Connection: keep-alive
Date: Sun, 07 Sep 2014 15:56:52 GMT
Last-Modified: Sat, 27 Apr 2013 05:14:07 GMT
Expires: Wed, 04 Sep 2024 15:56:52 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache19.l2sg1, cache6.de1[0,200-0,H], cache3.de1[1,0]
Age: 2030573
X-Cache: HIT TCP_MEM_HIT dirn:3:882171688
X-Swift-SaveTime: Wed, 10 Sep 2014 18:26:44 GMT
<<< skipped >>>
GET /tps/i2/T1mEW0FXVXXXc_GIzs-25-136.png HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: gtms02.alicdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 588
Connection: keep-alive
Date: Tue, 23 Sep 2014 08:04:09 GMT
Last-Modified: Wed, 18 Sep 2013 03:37:02 GMT
Expires: Fri, 20 Sep 2024 08:04:09 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache28.l2sg1[0,200-0,H], cache27.l2sg1[0,0], cache9.us1[0,200-0,H], cache6.us1[1,0]
Age: 676541
X-Cache: HIT TCP_MEM_HIT dirn:7:478990060
X-Swift-SaveTime: Sun, 28 Sep 2014 16:47:20 GMT
X-Swift-CacheTime: 314896609.PNG........IHDR.................... cHRM..z%..............u0...`..:....o._.F....bKGD..........pHYs.................vpAg..........Q.....MIDATX...Q..0.D#.Y=..M?.Q...ql.U...^M.d.SN.&......<..p.....p@.......vU<@...p....#..4.[sJ.d.....8.e.C.G....wk j..!.W.J...g..RB._6........d..../.@.y$..."X....XE.. ....b.q.x..BNin_...}.%O..%y.bI..p.....b...if}.C.[...$.. .....L'.r.u.".W?'......7.Wg..._...}.....%.../..#.*.....9%..l..h.U...(.}.A.w7$.@WC......@...........U0..y....g..w....e...Asq...%tEXtdate:create.2013-09-18T11:37:02 08:00.{G....%tEXtdate:modify.2013-09-18T11:37:02 08:00q&......IEND.B`.`..
GET /p/header/header-min.css?t=20110506.css HTTP/1.1
Accept: */*
Referer: hXXp://store.taobao.com/shop/noshop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: a.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/css
Content-Length: 4383
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:05:59 GMT
Last-Modified: Mon, 28 Mar 2011 08:39:04 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Vary: Accept-Encoding
Via: cache16.l2cn241[51,304-0,H], cache15.l2cn241[52,0], cache27.l2cn201[1,304-0,H], cache5.l2cn201[1,0], cache7.de1[0,200-0,H], cache9.de1[0,0]
Content-Encoding: gzip
Age: 3212
X-Cache: HIT TCP_MEM_HIT dirn:0:791551673
X-Swift-SaveTime: Wed, 01 Oct 2014 03:05:59 GMT
<<< skipped >>>
Accept: */*
Referer: hXXp://store.taobao.com/shop/noshop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: a.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 3928
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:11:33 GMT
Last-Modified: Tue, 01 Nov 2011 12:05:11 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Vary: Accept-Encoding
Via: cache22.l2cn201[0,304-0,H], cache13.l2cn201[0,0], cache8.de1[0,200-0,H], cache9.de1[1,0]
Content-Encoding: gzip
Age: 2880
X-Cache: HIT TCP_MEM_HIT dirn:5:220825096
X-Swift-SaveTime: Wed, 01 Oct 2014 03:13:48 GMT
<<< skipped >>>
Accept: */*
Referer: hXXp://store.taobao.com/shop/noshop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: a.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 53550
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:15:03 GMT
Last-Modified: Thu, 27 May 2010 07:19:06 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Vary: Accept-Encoding
Via: cache4.l2cn201[0,304-0,H], cache26.l2cn201[0,0], cache2.de1[0,200-0,H], cache9.de1[1,0]
Content-Encoding: gzip
Age: 2670
X-Cache: HIT TCP_MEM_HIT dirn:1:827422743
X-Swift-SaveTime: Wed, 01 Oct 2014 03:16:31 GMT
<<< skipped >>>
Accept: */*
Referer: hXXp://store.taobao.com/shop/noshop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: a.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 2347
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:52:30 GMT
Last-Modified: Thu, 27 May 2010 07:19:59 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Accept-Ranges: bytes
Via: cache8.l2cn201[4,304-0,H], cache26.l2cn201[5,0], cache9.de1[0,200-0,H], cache9.de1[0,0]
Age: 424
X-Cache: HIT TCP_MEM_HIT dirn:1:321645579
X-Swift-SaveTime: Wed, 01 Oct 2014 03:52:30 GMT
<<< skipped >>>
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: a.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 5178
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:15:19 GMT
Last-Modified: Wed, 10 Sep 2014 06:48:49 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Vary: Accept-Encoding
Via: cache7.l2cn201[0,304-0,H], cache14.l2cn201[0,0], cache8.de1[0,200-0,H], cache9.de1[0,0]
Content-Encoding: gzip
Age: 2666
X-Cache: HIT TCP_MEM_HIT dirn:3:221940764
X-Swift-SaveTime: Wed, 01 Oct 2014 03:15:23 GMT
<<< skipped >>>
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: a.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 4815
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:32:48 GMT
Last-Modified: Tue, 06 Aug 2013 03:22:17 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Vary: Accept-Encoding
Via: cache30.l2cn201[0,304-0,H], cache6.l2cn201[0,0], cache1.de1[0,200-0,H], cache9.de1[0,0]
Content-Encoding: gzip
Age: 1618
X-Cache: HIT TCP_MEM_HIT dirn:6:858124573
X-Swift-SaveTime: Wed, 01 Oct 2014 03:38:27 GMT
<<< skipped >>>
GET /tps/i4/T1POdHXh8cXXXXXXXX-489-90.png HTTP/1.1
Accept: */*
Referer: hXXp://store.taobao.com/shop/noshop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img04.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/png
Content-Length: 2472
Connection: keep-alive
Date: Wed, 17 Sep 2014 02:47:53 GMT
Last-Modified: Fri, 13 Jul 2012 21:03:24 GMT
Expires: Sat, 14 Sep 2024 02:47:53 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache25.l2sg1[0,200-0,H], cache24.l2sg1[0,0], cache5.de1[0,200-0,H], cache10.de1[0,0]
Age: 1213901
X-Cache: HIT TCP_MEM_HIT dirn:6:2847700
X-Swift-SaveTime: Sun, 28 Sep 2014 16:59:00 GMT
<<< skipped >>>
Accept: */*
Referer: hXXp://store.taobao.com/shop/noshop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img04.taobaocdn.com
Connection: Keep-Alive
<<< skipped >>>
Accept: */*
Referer: hXXp://store.taobao.com/shop/noshop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img04.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 1852
Connection: keep-alive
Date: Sun, 14 Sep 2014 15:50:18 GMT
Last-Modified: Thu, 22 Sep 2011 02:14:59 GMT
Expires: Wed, 11 Sep 2024 15:50:18 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache28.l2sg1[0,200-0,H], cache10.l2sg1[0,0], cache4.de1[0,200-0,H], cache10.de1[0,0]
Age: 1426157
X-Cache: HIT TCP_MEM_HIT dirn:3:241689758
X-Swift-SaveTime: Sun, 28 Sep 2014 16:48:51 GMT
<<< skipped >>>
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img04.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 6637
Connection: keep-alive
Date: Wed, 10 Sep 2014 17:11:30 GMT
Last-Modified: Fri, 26 Apr 2013 14:49:02 GMT
Expires: Sat, 07 Sep 2024 17:11:30 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache5.l2sg1, cache7.de1[0,200-0,H], cache10.de1[1,0]
Age: 1766895
X-Cache: HIT TCP_MEM_HIT dirn:6:387490715
X-Swift-SaveTime: Wed, 10 Sep 2014 18:15:18 GMT
<<< skipped >>>
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img04.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 7261
Connection: keep-alive
Date: Sun, 28 Sep 2014 16:50:59 GMT
Last-Modified: Fri, 26 Apr 2013 14:49:02 GMT
Expires: Wed, 25 Sep 2024 16:50:59 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache22.l2sg1[0,200-0,H], cache23.l2sg1[0,0], cache8.de1[0,200-0,H], cache10.de1[0,0]
Age: 212926
X-Cache: HIT TCP_MEM_HIT dirn:7:85528087
X-Swift-SaveTime: Sun, 28 Sep 2014 16:59:38 GMT
<<< skipped >>>
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img04.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 5833
Connection: keep-alive
Date: Sun, 28 Sep 2014 03:12:44 GMT
Last-Modified: Fri, 26 Apr 2013 14:48:55 GMT
Expires: Wed, 25 Sep 2024 03:12:44 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache30.l2sg1[0,200-0,H], cache8.de1[0,200-0,H], cache10.de1[0,0]
Age: 262021
X-Cache: HIT TCP_MEM_HIT dirn:0:709875137
X-Swift-SaveTime: Sun, 28 Sep 2014 16:59:38 GMT
<<< skipped >>>
GET /tps/i2/T1ToSpXtdcXXbCFbsb-100-100.jpg HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img02.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 4459
Connection: keep-alive
Date: Mon, 22 Sep 2014 04:53:47 GMT
Last-Modified: Fri, 26 Apr 2013 14:48:55 GMT
Expires: Thu, 19 Sep 2024 04:53:47 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache29.l2sg1[0,200-0,H], cache33.l2sg1[0,0], cache3.de1[0,200-0,H], cache10.de1[0,0]
Age: 774358
X-Cache: HIT TCP_MEM_HIT dirn:7:907388988
X-Swift-SaveTime: Sun, 28 Sep 2014 16:56:04 GMT
<<< skipped >>>
GET /9.gif?abc=1&rnd=37872731 HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cnzz.mmstat.com
Connection: Keep-Alive
Cookie: cna=MmqyDMhU6lECAbhrJiYFiPcH; sca=3f0ce6f6; tbsa=b6d4a17159269d7bfccd9513_1412135986_1; atpsida=ba565f533c22ab6913d47ac4_1412135986
HTTP/1.1 302 Found
Server: Tengine
Date: Wed, 01 Oct 2014 03:59:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3P: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: tbsa=b6d4a17159269d7bfccd9513_1412135988_2; path=/; domain=.cnzz.mmstat.com
Set-Cookie: atpsida=ba565f533c22ab6913d47ac4_1412135988; expires=Sat, 28-Sep-24 03:59:48 GMT; path=/; domain=.cnzz.mmstat.com
Location: hXXp://pcookie.cnzz.com/app.gif?&cna=MmqyDMhU6lECAbhrJiYFiPcH
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cacheGIF89a.............!.......,...........L..;..
GET /t/font_1404888168_2057645.eot? HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: at.alicdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/octet-stream
Content-Length: 8652
Connection: keep-alive
Date: Mon, 25 Aug 2014 10:08:42 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=31557600
ETag: "1DA30AE7733100C4411A11D851465533"
Last-Modified: Wed, 09 Jul 2014 06:42:48 GMT
x-oss-request-id: 53FB0B2AF47FA107375FA699
Via: cache35.l2sg1, cache7.de1[0,200-0,H], cache7.de1[0,0]
Age: 3174663
X-Cache: HIT TCP_MEM_HIT dirn:7:428043585
X-Swift-SaveTime: Wed, 10 Sep 2014 18:14:02 GMT
<<< skipped >>>
GET /core.php?web_id=30062430&t=q HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c.cnzz.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 01 Oct 2014 03:59:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 01 Oct 2014 03:59:47 GMT
<<< skipped >>>
GET /home/css/error.css HTTP/1.1
Accept: */*
Referer: hXXp://store.taobao.com/shop/noshop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.taobao.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 01 Oct 2014 03:59:34 GMT
Content-Type: text/css
Last-Modified: Mon, 26 Jul 2010 02:20:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 01 Oct 2015 03:59:34 GMT
Cache-Control: max-age=31536000
<<< skipped >>>
GET /counter6?keys=TCART_234_17e002f6e58e45f8d59eecfe815ebe56_q&t=1412117811346&callback=jsonp0&t=1412117811346 HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: count.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 01 Oct 2014 03:59:45 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Content-Encoding: gzip50.............*.. 0..V.qv...726.74O500J3K5.H51M.H1.LMMNK.04MMJ55./T..5.....7.K.<.....0..
GET /tb/global/3.1.5/global-min.css HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: g.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/css
Content-Length: 4196
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:55:01 GMT
Last-Modified: Tue, 02 Sep 2014 07:47:58 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Via: cache4.l2cn201[0,304-0,H], cache11.l2cn201[1,0], cache6.de1[0,200-0,H], cache5.de1[0,0]
Content-Encoding: gzip
Age: 283
X-Cache: HIT TCP_MEM_HIT dirn:0:680906672
X-Swift-SaveTime: Wed, 01 Oct 2014 03:55:01 GMT
<<< skipped >>>
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: g.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/css
Content-Length: 1061
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:18:19 GMT
Last-Modified: Thu, 06 Mar 2014 10:09:31 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Via: cache2.l2cn201[0,304-0,H], cache16.l2cn201[0,0], cache4.de1[0,200-0,H], cache5.de1[0,0]
Content-Encoding: gzip
Age: 2486
X-Cache: HIT TCP_MEM_HIT dirn:7:382533886
X-Swift-SaveTime: Wed, 01 Oct 2014 03:20:46 GMT
<<< skipped >>>
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: g.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/css
Content-Length: 964
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:40:00 GMT
Last-Modified: Wed, 23 Apr 2014 06:05:46 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Via: cache21.l2cn201[0,304-0,H], cache9.l2cn201[1,0], cache7.de1[0,200-0,H], cache5.de1[1,0]
Content-Encoding: gzip
Age: 1185
X-Cache: HIT TCP_MEM_HIT dirn:5:283681276
X-Swift-SaveTime: Wed, 01 Oct 2014 03:40:00 GMT
<<< skipped >>>
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: g.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 9652
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:40:21 GMT
Last-Modified: Mon, 05 May 2014 09:27:35 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Via: cache6.l2cn201[0,304-0,H], cache29.l2cn201[0,0], cache2.de1[0,200-0,H], cache5.de1[0,0]
Content-Encoding: gzip
Age: 1165
X-Cache: HIT TCP_MEM_HIT dirn:1:828347386
X-Swift-SaveTime: Wed, 01 Oct 2014 03:42:26 GMT
<<< skipped >>>
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: g.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 48937
Connection: keep-alive
Date: Wed, 01 Oct 2014 02:20:08 GMT
Last-Modified: Fri, 07 Mar 2014 04:43:07 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Via: cache23.l2cn201[0,304-0,H], cache16.l2cn201[0,0], cache8.de1[0,200-0,H], cache5.de1[0,0]
Expires: Sun, 28 Sep 2014 17:08:30 GMT
Content-Encoding: gzip
Age: 5978
X-Cache: HIT TCP_MEM_HIT dirn:0:848354231
X-Swift-SaveTime: Wed, 01 Oct 2014 03:04:49 GMT
<<< skipped >>>
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: g.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/css
Content-Length: 875
Connection: keep-alive
Date: Wed, 01 Oct 2014 02:48:17 GMT
Last-Modified: Mon, 23 Sep 2013 07:53:34 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Via: cache26.l2cn201[0,304-0,H], cache7.l2cn201[0,0], cache2.de1[0,200-0,H], cache5.de1[1,0]
Content-Encoding: gzip
Age: 4290
X-Cache: HIT TCP_MEM_HIT dirn:6:699121216
X-Swift-SaveTime: Wed, 01 Oct 2014 03:39:03 GMT
X-Swift-CacheTime: 3600...........VMs.0.. n3..m...4..^.....i.1.-..d=.$..'.......$.....-...v. ......'.4.0.!b).).I~A|.i.s"..o.A.&A.R.q..4|.j?@.R.p..0."...8Y`...ci.R..w.*.L...1k......yDiX4....y.u.{.X..v... ......T...['..m..............r...L..K..4.d..<..QDR...}...."m-HB..K.R....PHQ.".. .@..fs...!..}.e..f ..y.F...8.Q.q..K........LSo.*Cf......y&.R.uA....!...t..7....t..-d.k!.g...eq..k...c=....I=.....%..:F....K.W...!...:..c.9....9C3..0d".%....F........(.4.kd.....B....T.i...E...2..4:-.*.....P..5O.z.j...|...f].....H....:>.7.J..fw.[[...L.v.!.h....e.g.u........"...-...h^.W......*D.i...."bv.%.d..X..K*...I.....lb.h..PM...4..f.rO-=...2K...x..SS..T.P.4x........C`.{.......Bbg...h.liq..k.w./...h.W.....V.3 N.M........G.....yo."..... ...u..U.o....C.r...C..B........)....YJ.......p...).G'.?..b.6._%._..*..x.Y.p|s..}Y...k...i.F`....a]..c..]W-........#.]o....zM...k...j.N.:...Z.....]...._...exdw..._.e..@...........GET /sd/data_sufei/1.1.8/aplus/index.js HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: g.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 9172
Connection: keep-alive
Date: Wed, 01 Oct 2014 03:41:24 GMT
Last-Modified: Thu, 04 Sep 2014 06:13:37 GMT
Cache-Control: max-age=315360000,s-maxage=3600
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Via: cache1.l2cn201[4,304-0,H], cache27.l2cn201[5,0], cache1.de1[0,200-0,H], cache5.de1[0,0]
Content-Encoding: gzip
Age: 1103
X-Cache: HIT TCP_MEM_HIT dirn:5:857793302
X-Swift-SaveTime: Wed, 01 Oct 2014 03:41:24 GMT
<<< skipped >>>
GET /stat.htm?id=30062430&r=&lg=en-us&ntime=none&cnzz_eid=1516345071-1412135986-&showp=1024x768&t=undefinedundefinedundefinedundefinedundefinedundefinedundefinedundefinedundefined&h=1&rnd=1199409612 HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: q4.cnzz.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine/1.4.1
Date: Wed, 01 Oct 2014 03:59:47 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Tue, 28 May 2013 02:57:17 GMT
Connection: close
Accept-Ranges: bytesGIF89a.............!.......,...........D..;..
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/x-ms-application, application/x-ms-xbap, application/vnd.ms-xpsdocument, application/xaml xml, */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: jie.taobao.com
Connection: Keep-Alive
HTTP/1.1 302 Found
Server: Tengine
Date: Wed, 01 Oct 2014 03:59:43 GMT
Content-Type: text/html
Content-Length: 260
Connection: keep-alive
Location: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">..<html>..<head><title>302 Found</title></head>..<body bgcolor="white">..<h1>302 Found</h1>..<p>The requested resource resides temporarily under a different URI.</p>..<hr/>Powered by Tengine..</body>..</html>..HTTP/1.1 302 Found..Server: Tengine..Date: Wed, 01 Oct 2014 03:59:43 GMT..Content-Type: text/html..Content-Length: 260..Connection: keep-alive..Location: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm..<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">..<html>..<head><title>302 Found</title></head>..<body bgcolor="white">..<h1>302 Found</h1>..<p>The requested resource resides temporarily under a different URI.</p>..<hr/>Powered by Tengine..</body>..</html>....
GET /tps/i3/T1aPSpXCNdXXbCFbsb-100-100.jpg HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img03.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 5342
Connection: keep-alive
Date: Thu, 04 Sep 2014 15:22:17 GMT
Last-Modified: Fri, 26 Apr 2013 14:48:55 GMT
Expires: Sun, 01 Sep 2024 15:22:17 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache16.l2sg1[0,200-0,H], cache23.l2sg1[0,0], cache4.de1[0,200-0,H], cache6.de1[0,0]
Age: 2291848
X-Cache: HIT TCP_MEM_HIT dirn:6:241307972
X-Swift-SaveTime: Sun, 28 Sep 2014 16:50:36 GMT
<<< skipped >>>
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: img03.taobaocdn.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 1393
Connection: keep-alive
Date: Thu, 04 Sep 2014 10:14:59 GMT
Last-Modified: Fri, 23 Mar 2012 06:18:51 GMT
Expires: Sun, 01 Sep 2024 10:14:59 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Via: cache26.l2sg1, cache6.de1[0,200-0,H], cache6.de1[0,0]
Age: 2310287
X-Cache: HIT TCP_MEM_HIT dirn:7:828896513
X-Swift-SaveTime: Wed, 10 Sep 2014 18:21:18 GMT
<<< skipped >>>
GET /1.gif?logtype=1&title=%u5E97%u94FA%u52A8%u6001-%u53D1%u73B0%u597D%u5E97&pre=&cache=12a20d5&scr=1024x768&isbeta=4&spm-cnt=a310h.2220293.0.0.l7tB25&category=&uidaplus=&aplus HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: log.mmstat.com
Connection: Keep-Alive
HTTP/1.1 302 Found
Server: Tengine
Date: Wed, 01 Oct 2014 03:59:46 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3P: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: cna=MmqyDMhU6lECAbhrJiYFiPcH; expires=Sat, 28-Sep-24 03:59:46 GMT; path=/; domain=.mmstat.com
Set-Cookie: sca=3f0ce6f6; path=/; domain=.mmstat.com
Set-Cookie: tbsa=b6d4a17159269d7bfccd9513_1412135986_1; path=/; domain=.mmstat.com
Set-Cookie: atpsida=ba565f533c22ab6913d47ac4_1412135986; expires=Sat, 28-Sep-24 03:59:46 GMT; path=/; domain=.mmstat.com
Location: hXXp://pcookie.taobao.com/app.gif?&cna=MmqyDMhU6lECAbhrJiYFiPcH
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cacheGIF89a.............!.......,...........L..;..
GET /apps/ishopbook/src/pkg/wgt/nav-v2/iconfont.eot? HTTP/1.1
Accept: */*
Referer: hXXp://dongtai.taobao.com/highqualityshop/high_quality_shop.htm
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: t.tbcdn.cn
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/octet-stream
Content-Length: 17756
Connection: keep-alive
Date: Fri, 26 Sep 2014 18:00:38 GMT
Cache-Control: s-maxage=204063, max-age=3600
Expires: Fri, 26 Sep 2014 19:00:38 GMT
Last-Modified: Tue, 23 Jul 2013 08:26:33 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Via: cache32.l2sg1[0,304-0,H], cache28.l2sg1[0,0], cache6.de1[0,200-0,H], cache6.de1[0,0]
Age: 381547
X-Cache: HIT TCP_MEM_HIT dirn:1:673028952
X-Swift-SaveTime: Mon, 29 Sep 2014 02:36:10 GMT
<<< skipped >>>
GET / HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: shop63216378.taobao.com
Connection: Keep-Alive
HTTP/1.1 302 Moved Temporarily
Server: Tengine
Date: Wed, 01 Oct 2014 03:59:25 GMT
Content-Length: 0
Connection: close
S: STATUS_NOT_EXISTED
P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
Location: hXXp://store.taobao.com/shop/noshop.htm
Content-Language: zh-CN
Accept-Ranges: bytes
X-Varnish: 412457660
Age: 0
Via: 1.1 varnish
X-CacheHits: 0
X-Cache: MISSHTTP/1.1 302 Moved Temporarily..Server: Tengine..Date: Wed, 01 Oct 2014 03:59:25 GMT..Content-Length: 0..Connection: close..S: STATUS_NOT_EXISTED..P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'..Location: hXXp://store.taobao.com/shop/noshop.htm..Content-Language: zh-CN..Accept-Ranges: bytes..X-Varnish: 412457660..Age: 0..Via: 1.1 varnish..X-CacheHits: 0..X-Cache: MISS..
Map
The Trojan connects to the servers at the folowing location(s):
Strings from Dumps
%original file name%.exe_580:
.text
.text
`.rdata
`.rdata
@.data
@.data
.rsrc
.rsrc
t$(SSh
t$(SSh
~%UVW
~%UVW
u$SShe
u$SShe
hXXp://517.7q7q.info/dy.asp|ppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
hXXp://517.7q7q.info/dy.asp|ppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
&qqpassword=
&qqpassword=
aaa@xx.com|rrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
aaa@xx.com|rrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
15399997@qq.com|bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
15399997@qq.com|bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
hXXp://VVV.3322.org/dyndns/getip
hXXp://VVV.3322.org/dyndns/getip
15399997
15399997
111111111
111111111
11111111
11111111
110119112
110119112
12345678
12345678
55555555
55555555
hXXp://shop63216378.taobao.com
hXXp://shop63216378.taobao.com
smtp.xx.com|sssssssssssssssssssssssaassssaassssssssssssssssssssssssssssssssssssssssssssssssssssssss
smtp.xx.com|sssssssssssssssssssssssaassssaassssssssssssssssssssssssssssssssssssssssssssssssssssssss
password|wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww
password|wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww
CJ$$Yf..vx tv#$be
CJ$$Yf..vx tv#$be
165448879
165448879
TC0001.DAT
TC0001.DAT
Tenparty.DAT
Tenparty.DAT
F%*.*f
F%*.*f
CNotSupportedException
CNotSupportedException
commctrl_DragListMsg
commctrl_DragListMsg
Afx:%x:%x:%x:%x:%x
Afx:%x:%x:%x:%x:%x
Afx:%x:%x
Afx:%x:%x
COMCTL32.DLL
COMCTL32.DLL
CCmdTarget
CCmdTarget
__MSVCRT_HEAP_SELECT
__MSVCRT_HEAP_SELECT
user32.dll
user32.dll
RASAPI32.dll
RASAPI32.dll
iphlpapi.dll
iphlpapi.dll
SHLWAPI.dll
SHLWAPI.dll
MPR.dll
MPR.dll
WINMM.dll
WINMM.dll
WS2_32.dll
WS2_32.dll
VERSION.dll
VERSION.dll
GetProcessHeap
GetProcessHeap
WinExec
WinExec
KERNEL32.dll
KERNEL32.dll
GetKeyState
GetKeyState
USER32.dll
USER32.dll
GetViewportOrgEx
GetViewportOrgEx
GDI32.dll
GDI32.dll
WINSPOOL.DRV
WINSPOOL.DRV
RegCloseKey
RegCloseKey
RegOpenKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegCreateKeyExA
ADVAPI32.dll
ADVAPI32.dll
ShellExecuteA
ShellExecuteA
SHELL32.dll
SHELL32.dll
ole32.dll
ole32.dll
OLEAUT32.dll
OLEAUT32.dll
COMCTL32.dll
COMCTL32.dll
WSOCK32.dll
WSOCK32.dll
HttpQueryInfoA
HttpQueryInfoA
HttpSendRequestA
HttpSendRequestA
HttpOpenRequestA
HttpOpenRequestA
InternetCrackUrlA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetCanonicalizeUrlA
WININET.dll
WININET.dll
GetCPInfo
GetCPInfo
CreateDialogIndirectParamA
CreateDialogIndirectParamA
UnhookWindowsHookEx
UnhookWindowsHookEx
SetWindowsHookExA
SetWindowsHookExA
SetViewportOrgEx
SetViewportOrgEx
OffsetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
SetViewportExtEx
ScaleViewportExtEx
ScaleViewportExtEx
GetViewportExtEx
GetViewportExtEx
comdlg32.dll
comdlg32.dll
.PAVCException@@
.PAVCException@@
.PAVCNotSupportedException@@
.PAVCNotSupportedException@@
.PAVCFileException@@
.PAVCFileException@@
(*.prn)|*.prn|
(*.prn)|*.prn|
(*.*)|*.*||
(*.*)|*.*||
Shell32.dll
Shell32.dll
Mpr.dll
Mpr.dll
Advapi32.dll
Advapi32.dll
User32.dll
User32.dll
Gdi32.dll
Gdi32.dll
Kernel32.dll
Kernel32.dll
(&07-034/)7 '
(&07-034/)7 '
?? / %d]
?? / %d]
%d / %d]
%d / %d]
: %d]
: %d]
(*.WAV;*.MID)|*.WAV;*.MID|WAV
(*.WAV;*.MID)|*.WAV;*.MID|WAV
(*.WAV)|*.WAV|MIDI
(*.WAV)|*.WAV|MIDI
(*.MID)|*.MID|
(*.MID)|*.MID|
(*.txt)|*.txt|
(*.txt)|*.txt|
(*.JPG;*.BMP;*.GIF;*.ICO;*.CUR)|*.JPG;*.BMP;*.GIF;*.ICO;*.CUR|JPG
(*.JPG;*.BMP;*.GIF;*.ICO;*.CUR)|*.JPG;*.BMP;*.GIF;*.ICO;*.CUR|JPG
(*.JPG)|*.JPG|BMP
(*.JPG)|*.JPG|BMP
(*.BMP)|*.BMP|GIF
(*.BMP)|*.BMP|GIF
(*.GIF)|*.GIF|
(*.GIF)|*.GIF|
(*.ICO)|*.ICO|
(*.ICO)|*.ICO|
(*.CUR)|*.CUR|
(*.CUR)|*.CUR|
%s:%d
%s:%d
windows
windows
out.prn
out.prn
%d.%d
%d.%d
%d / %d
%d / %d
%d/%d
%d/%d
Bogus message code %d
Bogus message code %d
(%d-%d):
(%d-%d):
%ld%c
%ld%c
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
HTTP/1.0
HTTP/1.0
%s
%s
Reply-To: %s
Reply-To: %s
From: %s
From: %s
To: %s
To: %s
Subject: %s
Subject: %s
Date: %s
Date: %s
Cc: %s
Cc: %s
%a, %d %b %Y %H:%M:%S
%a, %d %b %Y %H:%M:%S
HELO %s
HELO %s
SMTP
SMTP
AUTH LOGIN
AUTH LOGIN
LOGIN
LOGIN
AUTH=LOGIN
AUTH=LOGIN
EHLO %s
EHLO %s
Content-Type: application/octet-stream; name=%s
Content-Type: application/octet-stream; name=%s
Content-Disposition: attachment; filename=%s
Content-Disposition: attachment; filename=%s
MAIL FROM:
MAIL FROM:
RCPT TO:
RCPT TO:
VVV.dywt.com.cn
VVV.dywt.com.cn
.PAVCObject@@
.PAVCObject@@
.PAVCSimpleException@@
.PAVCSimpleException@@
.PAVCMemoryException@@
.PAVCMemoryException@@
.?AVCNotSupportedException@@
.?AVCNotSupportedException@@
.PAVCResourceException@@
.PAVCResourceException@@
.PAVCUserException@@
.PAVCUserException@@
.?AVCCmdTarget@@
.?AVCCmdTarget@@
.?AVCCmdUI@@
.?AVCCmdUI@@
.?AVCTestCmdUI@@
.?AVCTestCmdUI@@
.PAVCArchiveException@@
.PAVCArchiveException@@
zcÃ
zcÃ
c:\%original file name%.exe
c:\%original file name%.exe
#include "l.chs\afxres.rc" // Standard components
#include "l.chs\afxres.rc" // Standard components
(*.*)
(*.*)
VVV.tongtong.com.cn
VVV.tongtong.com.cn
1.0.0.0
1.0.0.0
iexplore.exe_316:
%?9-*09,*19}*09
%?9-*09,*19}*09
.text
.text
`.data
`.data
.rsrc
.rsrc
msvcrt.dll
msvcrt.dll
KERNEL32.dll
KERNEL32.dll
NTDLL.DLL
NTDLL.DLL
USER32.dll
USER32.dll
SHLWAPI.dll
SHLWAPI.dll
SHDOCVW.dll
SHDOCVW.dll
Software\Microsoft\Windows\CurrentVersion\Explorer\BrowseNewProcess
Software\Microsoft\Windows\CurrentVersion\Explorer\BrowseNewProcess
IE-X-X
IE-X-X
rsabase.dll
rsabase.dll
System\CurrentControlSet\Control\Windows
System\CurrentControlSet\Control\Windows
dw15 -x -s %u
dw15 -x -s %u
watson.microsoft.com
watson.microsoft.com
IEWatsonURL
IEWatsonURL
%s -h %u
%s -h %u
iedw.exe
iedw.exe
Iexplore.XPExceptionFilter
Iexplore.XPExceptionFilter
jscript.DLL
jscript.DLL
mshtml.dll
mshtml.dll
mlang.dll
mlang.dll
urlmon.dll
urlmon.dll
wininet.dll
wininet.dll
shdocvw.DLL
shdocvw.DLL
browseui.DLL
browseui.DLL
comctl32.DLL
comctl32.DLL
IEXPLORE.EXE
IEXPLORE.EXE
iexplore.pdb
iexplore.pdb
ADVAPI32.dll
ADVAPI32.dll
MsgWaitForMultipleObjects
MsgWaitForMultipleObjects
IExplorer.EXE
IExplorer.EXE
IIIIIB(II<.fg>
IIIIIB(II<.fg>
7?_____ZZSSH%
7?_____ZZSSH%
)z.UUUUUUUU
)z.UUUUUUUU
,....Qym
,....Qym
````2```
````2```
{.QLQIIIKGKGKGKGKGKG
{.QLQIIIKGKGKGKGKGKG
;33;33;0
;33;33;0
8888880
8888880
8887080
8887080
browseui.dll
browseui.dll
shdocvw.dll
shdocvw.dll
6.00.2900.5512 (xpsp.080413-2105)
6.00.2900.5512 (xpsp.080413-2105)
Windows
Windows
Operating System
Operating System
6.00.2900.5512
6.00.2900.5512