{"report_id":"518a1d59-d4ec-4598-83aa-56b690a0033b","version":6,"status":"done","tags":[],"date":"2025-10-06T14:54:23Z","url":{"schema":"http","addr":"www.downxia.com/","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":0,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"final":{"url":{"schema":"https","addr":"www.downxia.com/","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"title":"当下软件园-提供最新绿色软件_热门手机游戏应用APP下载"},"submit":{"url":{"schema":"http","addr":"www.downxia.com/","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":0,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-10T14:54:23Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"pic.downxia.com","ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"domain_registered":"2005-08-29","domain_rank":7168535,"first_seen":"2024-04-25T05:58:55Z","last_seen":"2025-09-02T12:31:00.683323Z","alert_count":250,"request_count":250,"received_data":5415053,"sent_data":115522,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.downxia.com","ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"domain_registered":"2005-08-29","domain_rank":4891003,"first_seen":"2012-06-21T06:58:33Z","last_seen":"2025-09-02T12:31:00.790591Z","alert_count":158,"request_count":158,"received_data":1179373,"sent_data":73655,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hm.baidu.com","ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2025-10-05T23:38:42.511833Z","alert_count":0,"request_count":2,"received_data":31248,"sent_data":1289,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.downxia.com/dgjs/index.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"a5ef82fc38a2d2583b406b2ff1f65bcf","sha1":"9973e26da28a9981c32d2da9963e8b64050c1d20","sha256":"f026ce06396aff73ace56c04ddfcc786ba9b59784293f866367057dfe35d632e","sha512":"343e4c3e9d26249d9ac06a77c19143ffd02cac8c196b8bee637ad7be573428932255583ac2ac48f17731b2d998daecccdfe5c4736ae6570702640f83952c9725","ssdeep":"","tlshash":"dd313188e9151a79a273733497fa8108f9f368336608d160f92c94d07fb3a61516afec","size":1695,"data":"","first_seen":"2023-03-26T07:56:35Z","last_seen":"2026-03-04T05:46:55.192291Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"eval","is_inline":false,"md5":"959070919e112d9228146e25359d2954","sha1":"4bc0439452f94ca3c7b1eca378f92fe8e46ef40a","sha256":"05c85b879965b268c1c95c18453c4a3c3a509cb7ce36b24ce344cba166d19494","sha512":"f9a20459fa29c9af0ecfa9572c6dfe2c07c6d29c1017b01d6a78d9428e0e237926776674cf45c448d3f302f664ddf07c684878a01cc46e0cbc9095b9176385b1","ssdeep":"","tlshash":"3750000000003000003000f000f000300000000000300000cc03c00300c00c03000000","size":10,"data":"","first_seen":"2023-03-26T07:56:35Z","last_seen":"2026-04-16T01:23:17.061136Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/lib.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"60f67ef5a7e43d9b2b32f6b47f7052bd","sha1":"c0124d98f17cf4aaae7767f6d4be4ea7825426f6","sha256":"1a25a979aff7d1df4887bd2dd4877847e6aa8926d027fd624a05328b95c4e1eb","sha512":"2236d32e8c894d2b4927c4438203609d3f31a914df69ca2df3f07c07fd66965fef9a2b729ade6f08cf6553f9b882fcbbdb1f0c501ce1da10ce6f1ae2b6bfdeb2","ssdeep":"","tlshash":"ca31ac6afb4c5e5a40e331ea013b9404ededa5158d1646a0f4be04f52fe54486f3bced","size":1740,"data":"","first_seen":"2024-05-20T23:08:36Z","last_seen":"2026-04-16T01:23:16.903551Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"c4dece310ad854814fbae39968680352","sha1":"a0e9c73bc3f1401fcccce2b946cc56acf3644bfa","sha256":"c607f6fb83ec4e962bab9252856561cd9a3709b182a1aa5620ed8c29717830a1","sha512":"675e21b318ea928afb25fc91371bcfa24687f35c6757a3fbc444f89ecb0915d8b46ea4380df654ceeb65e534b56885174c3cf7d39be82c6039f4eb928453667a","ssdeep":"","tlshash":"fb80047334c0d70c1701414d4001114454c31c15044c44fdc03407345d304534010101","size":37,"data":"","first_seen":"2024-05-20T23:08:36Z","last_seen":"2026-03-04T05:46:55.640245Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"010708870679ce590c26b46ca7c45178","sha1":"f41857d3fa395de329caab7576aff9188471f71b","sha256":"93f43c4bba0031ad7d39dcb95e4eea20f573ee08dbec8da95a3190af91635270","sha512":"9ac1f4b633e6210b3d091c527673e70c5d99fc6a6fcd38d971f042644148b69b8d3c37277c620f6e68ea39a341f0b1dcff3a04b765086c3eecab2683a66ab522","ssdeep":"","tlshash":"0db092a39457c6ba92f9021879a072882666072824844a7c10826a2276dd01b38491cf","size":115,"data":"","first_seen":"2025-01-03T05:17:31.72515Z","last_seen":"2026-03-04T05:46:55.640701Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"41a4289bd12775d0f1aa606361e35132","sha1":"381f53878a8cf7c0b706daeed45817f0fdc0ce99","sha256":"892ab89c207d3ca107129b0a2e22f69a502936edc572d53f6a8d6953a50f3c6e","sha512":"47b97c891be456655d7b0b8caf05e5597aabf3f192831491ef97a382c7c456f3184c24d9e73db89766feecb54f67639a3b28877eaca09f1f530123d74409f47b","ssdeep":"","tlshash":"d1f05cee5381c44d34f33d79e9126a1c71dc1e356dae58cccc44211928da9d315d15ef","size":480,"data":"","first_seen":"2025-10-06T14:54:37.064537Z","last_seen":"2025-10-06T14:54:37.064537Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/cui.js?1","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"43a560ac53ace0805b7652a20cf07492","sha1":"08f68a3fbfc3edf2e709d43a6c52f72aec1e422b","sha256":"1dc81993059aff51337b54d00ce5cd945bc384338bd6e92dd9e1dcb84bbf2335","sha512":"55ec9ac2946e74d80216f5b4757db95a7719c68fb10d1ec13833801e51b1f529bf25645e2f4824e146399e2abb0390214cfe8690b15149464f90a9f96559e9d1","ssdeep":"192:H/lWcbKvtjuJ7H4zxzxxzxxxzxxxxFxxxxxFxxxxx+4x4xx4xxx4xxxx4xxxxxK3:H/lWRFck0WI","tlshash":"c242341cb22c1eb452bf15ae6b2dd4d4dd1a0427524cb703f4bd096a2ff4448ba369eb","size":11999,"data":"","first_seen":"2025-01-03T05:17:31.731952Z","last_seen":"2026-04-16T01:23:16.763369Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"625df047f0e32e83a4a096785e8715d4","sha1":"2fb20519deae5a0b1bddd54daaa6cbb4e27b5e2c","sha256":"85862996c246a46fb4377f55382b5a0be13b2091a4c98b1108f749f521626dab","sha512":"9d190b8dd210668ffad9400cb187a8177662a236c199ad05dc6c05ffa6852b18aa28eb932c750cceae3c043bee1d71ddb3c8e5f359b923ee16f6d78a3c6927e5","ssdeep":"","tlshash":"a850000033c300000000ccc0030c0c000000c0330000c0030000000c00c3000c000030","size":10,"data":"","first_seen":"2023-03-26T07:56:35Z","last_seen":"2026-04-16T01:23:17.093516Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"6d75824efad5c6192315352f114a3b65","sha1":"d3a2f2716027453012a72983d07bd92e1e6070fd","sha256":"6117c81c3cd6dae96235ddaf117980a2c25bf8e77e98c3e06dc34be9c13a755f","sha512":"295df4460020f7261df5ef1fea2944c1522abd4a45e90bc7f382a9a1b3e8ef8173edcb13bf09991b5231f849ec9ecb46d4b56512d3b88790c312d2832a13b977","ssdeep":"","tlshash":"0c60000033c30c3000c0c00300300c00000cf0330000c003c000000c00c3000ccc0030","size":14,"data":"","first_seen":"2023-03-26T07:56:35Z","last_seen":"2026-04-16T01:23:17.096109Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-05-01T15:37:46.002372Z","times_seen":109205,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/common.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"043a512d415fe741ef7ec356132d3a30","sha1":"53070533e4bc97e7e5518b98e8e767713f2b57f6","sha256":"f7c163cb0ed738bfc92db29cf8ebbae9abe3c0fa89d00abcc99e9f333d661822","sha512":"bcb2440fb588618f6335d90711204dc1ecaeacb7996b8bc37b22e546abaeffa127fc4440e75cf05c02ce0811e852c7335ee6d3b7d4c7392b771b48bfab14fe6b","ssdeep":"96:cme/3tfiXUGqELj1X/DknNxDSDKho7hBZIOhbjp4Lr7LUBzI:O3tfi5qKX/eNxOtNBZ5h6Lr7IBs","tlshash":"d8e1ce09b7bc0f9291f7238a173951c1ee2a481766558342f8f846b93fb590ca623d7b","size":7323,"data":"","first_seen":"2025-01-03T05:17:31.246562Z","last_seen":"2026-04-16T01:23:16.974685Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/tongjig.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"f05eb463dc1f52d11ed5225e684f68f8","sha1":"fe8c53faf81f8fb6c3f4214fae61c9b754341308","sha256":"8275d8c2954d9d57a2eea26eb4070ae6ed83c36a2a45f020dfa4bf15d056c1fa","sha512":"c484187cd18d10615cc42df81756a947d4e266bc3189e3a109d0c57175eeffdf803864f70c7867e2e0c26c1d6bfcc934495da9f3215e503c8969b5a1eb9ff2f5","ssdeep":"","tlshash":"4b21fd6f280468382b9218b942bfe64cf9b7206c552bc007e4ddc88a2c78fc5083a7cc","size":1331,"data":"","first_seen":"2024-05-20T23:08:36Z","last_seen":"2026-04-16T01:23:17.048626Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-05-01T15:37:46.002372Z","times_seen":109205,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?00526ff88a0f942f7aba7a59e0e7b53b","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"904257b9aeaa910483fb5bc6b0d0e236","sha1":"e8d95cf3361f8e3e76463703b5d0c6682b87efdc","sha256":"31aea347edca2418d1df27cf2cf4d19e3a9d573ddca43a592badd213974fdb55","sha512":"1fec948b46fe4ebb3f97c34d8828893c355f2aa5d66bf1eaed3e408d8efee90a54f22b02861e9abe763704add08745446c879bf76da8a2b499a45c819472db1f","ssdeep":"384:zJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:z4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"8fd2d9e9b182713293a324a5157f320af07b6e54bd4968a4f11894c07d78fab027bfdd","size":30266,"data":"","first_seen":"2025-10-06T14:54:36.180941Z","last_seen":"2025-10-06T14:54:36.180941Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/uaredirect.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"a2b8d1f604c569b1e001eb520c8a853f","sha1":"a57b1a042290fa42501368ee46bd112289b2cdd9","sha256":"81cbd7692ae8a9ec6597fe5c8f64dde6ddc700524a159b7cbc52c4e0f2ad4480","sha512":"87400445979f78356d373f87ec555d8449b5ddd058a1f03b58fa66bc5927751531c063966dc77f2bfa067d0a5f00f03ea8d24f2964f54f65faca48e0d0cfbfcc","ssdeep":"","tlshash":"8d11c2c7218156621ee22c25f1bf63929977d8d71d0dd069c154d861302598fed37f48","size":974,"data":"","first_seen":"2024-05-20T23:08:36Z","last_seen":"2026-03-26T10:00:03.832455Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/jquery.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"3576a6e73c9dccdbbc4a2cf8ff544ad7","sha1":"06e872300088b9ba8a08427d28ed0efcdf9c6ff5","sha256":"61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf","sha512":"27d41f6cfb8596a183d8261509aeb39fcffb3c48199c6a4ce6ab45381660c2e8e30e71b9c39163c78e98ceabc887f391b2d723ee5b92b6fbc81e48ac422e522b","ssdeep":"1536:s6IzxETpavYSGaW4snuHEk/yosnSFngC/VEEG0vd0KO4emAp2LSEMBoviR+I1z5T:O+vIklosn/BLXjxzMhsSQ","tlshash":"b393f8ed73c6717243ab30ae40af610ef1365869280d8410f129e8f9bc79a499277f7d","size":93636,"data":"","first_seen":"2023-03-07T01:02:53Z","last_seen":"2026-05-01T15:32:30.746528Z","times_seen":32506,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/jquery.SuperSlide.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ea11fbb848cdb739af15e147a37c765","sha1":"69fd9147cb1bf62e87f9d691f465bc7b2b317cd6","sha256":"b83518398431f34d291551fc041d1a628d46a21e9cfdcde946911e03b8332148","sha512":"e8f0c9e5d6c9c66eb058bc2243bc2e0dca62644fe5fd1df8fe9651d3978d177209915501d364ce6f09d6a9f84a3506a5a786908e2cfe65bd2619064a99901c05","ssdeep":"192:YZK3bYHfc2gahQVoViSItpluMCuXGV+1tT1l50FH5oYyskaHwmIuTNSaXHZe2HNE:YcYc2gdWhMZWClnHhlwyT1Xh3","tlshash":"c232d65fb5b675ce4597b3f0107f940d222b5569fc8a8ca0b07082c4aeb9918243bfec","size":11214,"data":"","first_seen":"2023-04-07T05:01:53Z","last_seen":"2026-04-30T10:27:53.623381Z","times_seen":265,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"c573d8a99a011b0ab3b64b75f9620551","sha1":"268fc03941acc3da21ebc0d38e32b34b206c59ff","sha256":"f9019783ddec34d8c687699e7eeb68e3a6de63b78cadfa84b259ba36fb37287a","sha512":"f59b8f034d74063b1431855addc92bcf50ee418748616fec9151ddeba07f8d4726e8d8ebc3ce3869b163b73f271360014a776e3ea92f958f407c305390722ca4","ssdeep":"","tlshash":"90900400d01c1504c00054404dd57f1330d00d07d7043705c51cd13c510f040141d445","size":40,"data":"","first_seen":"2023-03-26T07:56:35Z","last_seen":"2026-04-16T01:23:17.097853Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c69beaef5754f6ae5636984909dcb101","sha1":"7460410433c137c8124a7681126863dcc0172caa","sha256":"411fdb22d8d9298e5d32f2cdcc7e865f8f3bf55c5ad15133b18e1b86bb7a2499","sha512":"a818311919fc148e40131f9dd2808f9dcb609103a1c6c0b643d179451885d66bf8202703a5905c435db4282ee90d5bee73d338a3b46db7895f2bb8f146b8ae0d","ssdeep":"","tlshash":"16400000000300000030c0000000000000c00000c0000000030c000000c00003000000","size":7,"data":"","first_seen":"2023-03-07T12:06:19Z","last_seen":"2026-05-01T08:30:43.1097Z","times_seen":488,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/1113/20211113044513758.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/1113/20211113044513758.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 10618\r\nConnection: keep-alive\r\nLast-Modified: Sat, 13 Nov 2021 08:45:13 GMT\r\nAccept-Ranges: bytes\r\nETag: \"c6bd4cc66ad8d71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i34694_c4672, i2103119_c28197, i1940277_c22409, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10618,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"d8c27feb1a54cd679a6c458ec8c57069","sha1":"0ce03b4fc2e0cd2ebc8361630555b218767f2f74","sha256":"d35cd2e6c607e91fd93215c632ce9b970c0d9729d92297817cf9913eb37b1139","sha512":"dece8ee3e90558ddd2577540e61c9bf9cdc82b77bb519ad309593f35c25c904dea59faf2f2ac172ff19dde44cec986664a1bbdd5c16f2ef14e10390744efc596","ssdeep":"192:CC9fuZe+AyzVmDX8rB6MDxGI54XAudvLFSEY3y9jB8Zjsofagx+:CCxH+h08rwMQI2763y9V8ZffH0","tlshash":"4a22d1e94f541e7c1d4fe8a8e2a21961670f0925fae1565d1ca1f39e414fc4443b3239","first_seen":"2025-10-06T14:54:36.162564Z","last_seen":"2025-10-06T14:54:36.162564Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5594,"timings":{"blocked":5572,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117042007556.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117042007556.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 08:20:07 GMT\r\naccept-ranges: bytes\r\netag: \"80152997bbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 3724\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3724,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"b33d2f53888042aa2a9da4ced497808c","sha1":"59ee8d656696cbd2ab498627fe94f371b2898a81","sha256":"3a2cf3ae5154686927388bc21d1db183133bd7b9245fa632f82ff709bdf1c24c","sha512":"d0802b1461ca60e89a97d738acf8b7ac96aadccc34c1119c5e379dec0eb15f93b8c2eabf881667053297ebe2c1760035963f776f3a48144d239940177904d91d","ssdeep":"","tlshash":"b7714a8cf4007a7694aae5250c8528e345930511c3b9e7ea368fc56b60839ba920f2ff","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.413131Z","times_seen":15,"resource_available":false,"data":null}},"time_used":869,"timings":{"blocked":517,"dns":0,"connect":0,"send":0,"wait":352,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0222/20210222020634464.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0222/20210222020634464.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 6168\r\nConnection: keep-alive\r\nLast-Modified: Mon, 22 Feb 2021 06:06:34 GMT\r\nAccept-Ranges: bytes\r\nETag: \"a86833dfe08d71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 77154\r\nX-Ser: i19049_c6956, i2103129_c28197, i1940269_c22409, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6168,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"13661ef6922050ec5a884189c53e1ff2","sha1":"15ddcdb6475a0b56d6e4a88bb6293e1747102540","sha256":"570a79de1d263c7d903bbc8097d1cdac2cd3b5e055249748844275b802e0f219","sha512":"e3ff553764ebf02623f6cc37bc0f2e724719b4a7a6efc684a16f14cd2cd6bfa5850bec49aa386f4839a7c4e6ca94563088a249a363c56848d52d613d72ea5a77","ssdeep":"96:VGfeX2uCjTuChX4ws6aXM9Ts4BDBlOB/xmdHKtty9BWZLi91ra36uQfIHP48Z:XmtjT5fsfXMe6DB0B/xcKtty9AZLLR4Y","tlshash":"05d18ef1a5399ef15ed5cc5ea7e70c6be1af047c5c42e1078aa93721c39141d6170b16","first_seen":"2025-10-06T14:54:36.172119Z","last_seen":"2025-10-06T14:54:36.172119Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4989,"timings":{"blocked":4963,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/1230/20241230014826323.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/1230/20241230014826323.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 9486\r\nConnection: keep-alive\r\nLast-Modified: Mon, 30 Dec 2024 05:48:26 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b3b64727e5adb1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i32015_c12732, i2103129_c25795, i58866_c11118, i1940275_c22701, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9486,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"5940b4afc21c8ba0c1098c539ea32ec8","sha1":"5b5d419d20d2f25e4c846e32b3d451fa508aff71","sha256":"2aacc6e0fc4df1fc9188ab9b9bda7b4fcf1d47cd32d56086f109b6d6b017e8d3","sha512":"e2c50d262980a3fba104e7106b8abd7ccd42d153c0cb9a8f2477d4c9cd35994bd34df5c0b3bef39473f2d9c0d19c80e2b7e003520ab4bc4305466f5c39bfeb62","ssdeep":"192:K3SWu+O/CCdb6UacXYNkB6hKyNN1SHis6HKBXN5Xl6qcXH6A:B3/CkbNacwkBgKyN77s6qBXNFJcKA","tlshash":"e712c0f38c82aa6488adaaa3d3d8d1cdd7dfe37771020a097001f7311b5b58a5c9cd42","first_seen":"2025-01-03T05:17:31.466809Z","last_seen":"2026-04-16T01:23:16.86784Z","times_seen":4,"resource_available":false,"data":null}},"time_used":5756,"timings":{"blocked":5735,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?00526ff88a0f942f7aba7a59e0e7b53b","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?00526ff88a0f942f7aba7a59e0e7b53b HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11660\r\nContent-Type: application/javascript\r\nDate: Mon, 06 Oct 2025 14:53:50 GMT\r\nEtag: 842c9ab84907e71f6dd2c66c412c03c5\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=C3C94CA83C682A71; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":30266,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (990)","md5":"904257b9aeaa910483fb5bc6b0d0e236","sha1":"e8d95cf3361f8e3e76463703b5d0c6682b87efdc","sha256":"31aea347edca2418d1df27cf2cf4d19e3a9d573ddca43a592badd213974fdb55","sha512":"1fec948b46fe4ebb3f97c34d8828893c355f2aa5d66bf1eaed3e408d8efee90a54f22b02861e9abe763704add08745446c879bf76da8a2b499a45c819472db1f","ssdeep":"384:zJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:z4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"8fd2d9e9b182713293a324a5157f320af07b6e54bd4968a4f11894c07d78fab027bfdd","first_seen":"2025-10-06T14:54:36.180941Z","last_seen":"2025-10-06T14:54:36.180941Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1028,"timings":{"blocked":-1,"dns":5,"connect":237,"send":0,"wait":305,"receive":1,"ssl":480},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/1121/20221121051112571.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/1121/20221121051112571.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 9526\r\nConnection: keep-alive\r\nLast-Modified: Mon, 21 Nov 2022 09:11:12 GMT\r\nAccept-Ranges: bytes\r\nETag: \"83fe533389fdd81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 1145\r\nX-Ser: i37222_c28455, i2475937_c28821, i1940251_c22701, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9526,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ea0e4d5ec05652384db1992a2b53ddca","sha1":"d37f0ed857de08f2aa1cea9526d1e8e5d36a67cd","sha256":"60f93599fd11baf01ace4fc8292ea9724ce181a14c46a673e83c6d2a6a4b7552","sha512":"14e58bf99fd48e5ce95923e6ab7db8504103d703c0bc32dc4609a65ac2d43a7223da4a2ebeb2381ffde1f96d5e511d141abc7860a5292f5435d5666047ff5a44","ssdeep":"192:EW0r5Vi0nv4cSy1lHVOGgG1xflk2vE3H+YcSqVO2/:2iazTgGTfl/MpcOk","tlshash":"2e12b08b5ba9527426e8f0581c73ba35c4b53d1a88f7ac9857812e1d091343c945b7d9","first_seen":"2025-10-06T14:54:36.184163Z","last_seen":"2025-10-06T14:54:36.184163Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5712,"timings":{"blocked":5682,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0806/20250806022653441.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0806/20250806022653441.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nReferer: https://www.downxia.com/\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 42355\r\nConnection: keep-alive\r\nLast-Modified: Wed, 06 Aug 2025 06:26:53 GMT\r\nAccept-Ranges: bytes\r\nETag: \"c1b874199b6dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28820\r\nX-Ser: i90984_c21609, i2475911_c28821, i1940269_c22409, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42355,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"7930dcb0b7183b302acdcbccbefb9992","sha1":"b578416eae3809446383e77b9bda6f7480488945","sha256":"e41975dd19af2a72ad73533e2428de407b5ff2c4f6e365755888159acef6fd83","sha512":"5255e9fd2136d5a05029375b83f33ea68a3e53643f1e18015e6d2e4e0a2bbf88582520d924c2726381de87dbffbe7ded2b7d163f16c8408da2c7db6248773a10","ssdeep":"768:PYe9V/fcE5wwwCqzlbBVzp/wrG1MQBvtfjotlbCxFEevq2PTXpyXWqj9PwwiK:PX3kmwwTqzlbBVzpoK6QB5FwKymqj9br","tlshash":"7c13f1a92d8d355a40ae7031912de0dad32de348c517bb71b70cf53da68e9dfc52a309","first_seen":"2025-10-06T14:54:36.187105Z","last_seen":"2026-04-16T01:23:16.736901Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5745,"timings":{"blocked":5716,"dns":0,"connect":0,"send":0,"wait":23,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012025903743.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012025903743.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:59:03 GMT\r\naccept-ranges: bytes\r\netag: \"80d5eba336bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2641\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2641,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"a2fb1e89742824901ac4dc0e448ae746","sha1":"2a1da98bc55f42a7d31fa63c89f875fb70d84023","sha256":"5ff703b4f14ae7ed3259b61ecb0457321fa3873f21c6f164e0b0310cb31944fb","sha512":"245137d6c1f6b52ffffcbad08a2c9db9e221f50483ba3946f34f9682bf1858c8301f39d88a77188787c612fa7285f555b71e4925ab4d5493e5be2ffe7266b649","ssdeep":"","tlshash":"76513cc7ab25be83615cdc0339eb912ad817081091f8e561acdad40a0c34be45d9b9c7","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.252736Z","times_seen":15,"resource_available":false,"data":null}},"time_used":773,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":773,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117110804938.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117110804938.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 03:08:04 GMT\r\naccept-ranges: bytes\r\netag: \"0262714fbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3182\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3182,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"fe46b7c4e273145e51f466c34e3993ef","sha1":"929dfd8a0572e7921dc6cbdf9cf02074954ad5f4","sha256":"2a06ab47f6567e138fb9df2b4b000d443f86718624e0fac0010e0dffaabb318e","sha512":"5d5e87aed716c3c73004ea027bc6b0a3413257e7e3074c3e9e7e83232566fef2b69b5bda6325928ecc00778f1d62cf278cfdc56ff11246ee4a532e5a11363075","ssdeep":"","tlshash":"b6616c0b9bc2f9038d46d48b2cf57273a7fa8491abc5e63db8c9ca510070178438d5db","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.195223Z","times_seen":15,"resource_available":false,"data":null}},"time_used":817,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":817,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0229/20200229010551122.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0229/20200229010551122.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 31847\r\nConnection: keep-alive\r\nLast-Modified: Sat, 29 Feb 2020 05:05:51 GMT\r\nAccept-Ranges: bytes\r\nETag: \"a22c6eabdeed51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31801\r\nX-Ser: i33657_c26321, i2103143_c28197, i1935879_c23471, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31847,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"c5dd35c370370b713e8c6ee7c0160d01","sha1":"87a3351ac739484ca5d6d468a6b19c640e374e1a","sha256":"d2a1a6b1bffbd916ea4ffd681de501dcf0cd06a00a4f1198cea280e15a9f17b4","sha512":"4e6ee6bbf6da4db1f4bcc0fc059fa3cfae1a76bd06975be42009ccd0db85535ece8beaef41299960c3df0cfd4e3325c59d4fbc02716df6aefbc9fdacd1d40e19","ssdeep":"768:ueWaq5Upsus+16PANt8XHGXwbbxXyZje7RMi4inc:BVq0sus+YPANtSHG01+jsc","tlshash":"50e2f2934514da95e4c84a1669c6c8a783fdacff1d23a2a4b49d4d72d081ed39fece20","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-02-14T12:01:24.982627Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5502,"timings":{"blocked":5475,"dns":0,"connect":0,"send":0,"wait":23,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/1215/20181215033934957.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/1215/20181215033934957.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 30876\r\nConnection: keep-alive\r\nLast-Modified: Sat, 15 Dec 2018 07:39:34 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8d9bbb524994d41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i32569_c4111, i2103125_c28197, i1935859_c23471, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30876,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"7bfe886162ca846eb02ab5e402431954","sha1":"25139b31b2a40eba77dcfb1a8693634d8083c918","sha256":"cc4ab2c433390b6cd44610a9031f4c24e9c212c4e80e0b2b1145c2560887496e","sha512":"a4138e868a5f95052311f18fe99d2298d2dca2ad04d57f5682718e93bc45adabd6466cae84873ab7c05898023dd222c5c5e2f8852d11a1750087e7bbbc39d89d","ssdeep":"768:LNK6aVcyNgPsM3432mCRN7GjDACdoo9Osqo0X:MJM3432mC/Id5IH","tlshash":"56d2f1a67ae6cdec61d21f1264c9b6c0375031ffd39eb84a18eea919d424de0911437b","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-03-04T05:46:55.482009Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5809,"timings":{"blocked":5784,"dns":0,"connect":0,"send":0,"wait":23,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/1209/20191209023256960.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/1209/20191209023256960.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 2262\r\nConnection: keep-alive\r\nLast-Modified: Mon, 09 Dec 2019 06:32:56 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e998497e5aaed51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 38798\r\nX-Ser: i91190_c23533, i2103119_c28197, i1935879_c23471, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2262,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ea65cd87d44c4e6dfaf2f1a650ad0598","sha1":"dddea23a9f28317f0f524d20afcb18396112ac1d","sha256":"525a1d69568a9752b676a3d81a38f4446c933edbfc43eb0935c6bf740e2173e0","sha512":"d1e2d26387c7c7070dfaa32bdcb8db9e0617214bb4189d8fe430fde186561e85420a0f6bb3b3f8c8d9da391f39ece3018a6ac0e41f63409256e6e674581aa959","ssdeep":"","tlshash":"d04143801d10642b4e78cf6a59a2f4d3adf4d7e67659e000827b10fe0cca9e4cdd9bd5","first_seen":"2025-10-06T14:54:36.201539Z","last_seen":"2025-10-06T14:54:36.201539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5173,"timings":{"blocked":5153,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/1018/20221018040830638.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/1018/20221018040830638.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 11284\r\nConnection: keep-alive\r\nLast-Modified: Tue, 18 Oct 2022 08:08:30 GMT\r\nAccept-Ranges: bytes\r\nETag: \"1b9044cfc8e2d81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 1145\r\nX-Ser: i91096_c23533, i2103129_c28197, i1940233_c22701, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11284,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"14414358c6a18d23f9e826247ccd11cd","sha1":"98544d89849f99ffd67cbbbb675037398b736005","sha256":"d6cb168dc54d33e86a4600e3947c3000bfea8285d5b35ccb8223994a51e4404c","sha512":"a5f203bfdd3abd490aa86bfb0d5e9c11bea0ae22f8c824849347e92ed0f5bdaccc1eea6d51cf0fd2ae3e76a6fe667589320446d76841250a3e8104ae739b1a4d","ssdeep":"192:CAfTJtqqpzxWd/aSXGtwgv4/nqsXj6iaY2PkoUsf43MIOCLxsrR5z1un:pJtqeoXGtlhAOia3xUy43MIOFgn","tlshash":"9932c0de204a99dab81c6c1c2e768abf2d9030e755836c8e0e94f1c9bc0b3b43285717","first_seen":"2025-10-06T14:54:36.20369Z","last_seen":"2025-10-06T14:54:36.20369Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5632,"timings":{"blocked":5611,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117022747270.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117022747270.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 06:27:47 GMT\r\naccept-ranges: bytes\r\netag: \"80b3ce576bbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3013\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3013,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"c0bf840aa8c70c3d9997d3715f512394","sha1":"7e67f9e6d04ba8ffc50df8a21eb5ac92ec5b4337","sha256":"6333968663f7985820999f998d42014aeae08fb6fa1b1b82a10360a383c70357","sha512":"2197712dfe125821580c427b9251dc3a97ab356918c0b75795ed84de9b4292768186bad73fbb18a5b67d6d9b0b027be2d854e591c786e67ae95047db22e2bc38","ssdeep":"","tlshash":"0e515a1fea027cd0128a82941de9e063ad02580e94f073dcf4cec87a8978af4274e2c6","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.231935Z","times_seen":15,"resource_available":false,"data":null}},"time_used":805,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":805,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117042606915.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117042606915.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 08:26:06 GMT\r\naccept-ranges: bytes\r\netag: \"02324df7bbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 3705\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3705,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"1387eb5e6c4894f5e4fb0c3d7745b99e","sha1":"02989a34ce3219fb986a41bae16d33e9c43aec4a","sha256":"f71a231fbb24e78510a8f46f390717971ad2c5a50a77fd11fcc30c6097ea1ab5","sha512":"eb1845f8dc8bd309b6f2bf28a2cbafc055b2ebafec0e201dc6ed8f8c5c1d76b77dccfba234b0a7e792463371c684908b16aa584c3a188998cd843bb5aa845d51","ssdeep":"","tlshash":"8a714c8ed8401143594fd0c958713923ec3b4aa695a4f078b2cddb261e709f2a176ee7","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.439643Z","times_seen":15,"resource_available":false,"data":null}},"time_used":870,"timings":{"blocked":516,"dns":0,"connect":0,"send":0,"wait":354,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2016/0831/20160831021604958.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2016/0831/20160831021604958.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 9766\r\nConnection: keep-alive\r\nLast-Modified: Wed, 31 Aug 2016 06:16:04 GMT\r\nAccept-Ranges: bytes\r\nETag: \"706873274f3d21:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 279654\r\nX-Ser: i37646_c26321, i2103121_c28197, i1940255_c22409, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9766,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8dd53cf04ca7dcf0f9fd33eacd934ffb","sha1":"e3eb242d775475535277ea2651b1853134b42834","sha256":"4ff6c2a073d63d0ead960e36a7a5051a818548e0838d8dbeb8a4566b21d2c510","sha512":"502374114a93976e813e654d20ee8fb46add277b5afa270019976138a4d66ff43ddc4cb94eacd51b9fbf2af2226d0aa02ee86b5a9c5cb30019c6f0ddd4a379a0","ssdeep":"192:Yc2J/i9ZT87YaAaup9F5EnTxUOvL+IylCIm:d2YfGYaAaESnTXyXCl","tlshash":"b412ad87dc7614f2dce5ed57d2c465d91423b3724cb682c62fccd424b22a96e289d2b8","first_seen":"2025-10-06T14:54:36.209941Z","last_seen":"2025-10-06T14:54:36.209941Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4958,"timings":{"blocked":4934,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0714/20230714043444453.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0714/20230714043444453.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 41969\r\nConnection: keep-alive\r\nLast-Modified: Mon, 29 Sep 2025 00:35:35 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e19fccf8d830dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i34716_c4672, i2103129_c28197, i1940277_c22409, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":41969,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"20ff9ac548634316c779805a580743d1","sha1":"c166660c787a9a1b1a897ba2503cd71521fec7f9","sha256":"0440ae111c287b67ff8348be7627fce35f72f7fdd3ac9bb106b206c74c7a168b","sha512":"0fa42320eb755febc08ace562f4d7228578f4bd96ce71c4275a315bcdcc81bb7f64998a5d1bfe6ea11eb03b7a83b2c4dc0f7742088a9a2077dc6f6b02839febd","ssdeep":"768:wYKgkdtfsYoaFA47mEWzheEUK/fYwQ62lZRazgip3NEC:wYKgkoY97bDkfYwQ62lZIg4","tlshash":"cc13f1b2ddd88037f866793f44030ff86666d82ba84ce16ce389218e4539b51787b5f9","first_seen":"2025-10-06T14:54:36.212483Z","last_seen":"2025-10-06T14:54:36.212483Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5568,"timings":{"blocked":5537,"dns":0,"connect":0,"send":0,"wait":24,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0411/20210411080433795.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0411/20210411080433795.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 23309\r\nConnection: keep-alive\r\nLast-Modified: Sun, 11 Apr 2021 00:04:33 GMT\r\nAccept-Ranges: bytes\r\nETag: \"87605540662ed71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28851\r\nX-Ser: i33595_c26321, i2103125_c28197, i1940273_c22701, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23309,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"6879178e1479874c75dfe0f489931df7","sha1":"97afda6b7fa1bb16724aaa9fe6e8c743f8fe3ba5","sha256":"46ed0772c2adb957d5c0abfd08c4800cd39f783b2489ae4a3186a39f4ad9dc08","sha512":"11a80b11f45505da6a13cce61d8b35420e450c8ccb6f724bcab78ddf080ece9ca8d338c9d7797e1b6594aaedc7e7e7a4c7adf56bbc78ae440e09066477c30c64","ssdeep":"384:KMRqBzTK4xZ4wAMxc/s/ONAiHkIAKU6f+nVP9XoPznN3ZuR0LRIxl+2x3XE:eZxfbzONhcKXfWEznN3sWRIJFE","tlshash":"b7a2e08fa493c8cecbccd922a1af4b17431267268701ea6f447ffd574c601e41709d55","first_seen":"2025-10-06T14:54:36.215243Z","last_seen":"2026-03-04T05:46:55.060328Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5657,"timings":{"blocked":5632,"dns":0,"connect":0,"send":0,"wait":23,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2016/0731/20160731031104872.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2016/0731/20160731031104872.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 35326\r\nConnection: keep-alive\r\nLast-Modified: Sun, 31 Jul 2016 07:11:04 GMT\r\nAccept-Ranges: bytes\r\nETag: \"61d1b8b3faead11:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: BC141_dx-lt-yd-jiangsu-yancheng-8-cache-16, BC165_lt-obgp-fujian-xiamen-33-cache-1, BC130_IT-Lombardia-Milan-1-cache-1, i1940259_c22701, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35326,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"bd16ff7862011b036df5796b63208e58","sha1":"bf85569145cea8825712b9dd6d1b0440cb497a7f","sha256":"aa942015dadfdc8f768dde1c29c363a722477a68b293595591af1d34e4224d78","sha512":"63578d9813df4fde96df4ee834b0023e9713b590498be5cc12880876396984f7486d1c26afce49a5640257c545246d3c46bb1e32bc238f066de261d9511f94a1","ssdeep":"768:QM48vgNfTuImjd6TVXkaxSTe3BksqHHUpZa:QVsgttud6TVXbYT1PUpZa","tlshash":"85f2f147f717abb26cbaa3d1e46b099497b9a3b0410930f8fddd0590f8bb590381681e","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-03-04T05:46:55.50801Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5733,"timings":{"blocked":5706,"dns":0,"connect":0,"send":0,"wait":23,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0329/20250329092321500.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0329/20250329092321500.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 44393\r\nConnection: keep-alive\r\nLast-Modified: Sat, 29 Mar 2025 01:23:21 GMT\r\nAccept-Ranges: bytes\r\nETag: \"247902849a0db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nX-Ser: i91718_c21609, i2475927_c28821, i1940255_c22409, i1935869_c22759\r\nX-Cache: HIT from i1940255_c22409(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44393,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"43dad6505d7b03f1ce610d86fd475592","sha1":"0177b879183d296236f705fc67ad36dec4f82e52","sha256":"301f9599d64d848c8122804a0bf0ca4a70b19b1eb260ee724211820909d47e2c","sha512":"17e5908bcabb0403a05f5c32e90c18dfb000478f47be21820e735753f09e00c92f1ca8993f6e39cb3ba01d7ec90a2c14d126e732f0c54d027c12eb3430f00d9b","ssdeep":"768:RzRlUGLD1eHsG32JkbD2g4Gx6odermse92oJWOC6CgOHmOwX+G/3I46wOq:SoDpG32Jkv286e7J92pL6MV+79","tlshash":"8313f1667d6f4a092210aa356cd709d29a370b6a9c8f069dd1735bcf08f542471e1db3","first_seen":"2024-05-20T23:08:39Z","last_seen":"2025-10-06T14:54:36.220754Z","times_seen":14,"resource_available":false,"data":null}},"time_used":5759,"timings":{"blocked":5450,"dns":0,"connect":0,"send":0,"wait":300,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0930/20250930022130707.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0930/20250930022130707.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 17713\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Sep 2025 06:21:30 GMT\r\nAccept-Ranges: bytes\r\nETag: \"6865676d231dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i31243_c6956, i2103119_c28197, i1935953_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17713,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"3676ba498e73690e47e7085f46cd71af","sha1":"7fa898cb2f7d3910ee955545fc6439e1bca67b5c","sha256":"a8310e1f1fa0932f8c24d9a6249935a6c6138d392465aa662149d1d9bf92be4a","sha512":"ae8a800b660c984019dacacd8aa2f3c1b4f2b996caa97721a70e258e27fd61612c8bbfff093168577336b1c3674099a96d07fdd182a26f2ff9fffa789a12f44d","ssdeep":"384:MLWfi2d/dcOE/GtL+9JpGEJQgp9BEcVCfzm:Mbw/dcOEux4RJQgp9cfa","tlshash":"4882c1cd361499f4e30d24fc7f43813ea4d182526aa5f9601e9a9ca4c01fd2f2e23579","first_seen":"2025-10-06T14:54:36.223106Z","last_seen":"2025-10-06T14:54:36.223106Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5594,"timings":{"blocked":5570,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/1220/20241220093447626.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/1220/20241220093447626.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 30197\r\nConnection: keep-alive\r\nLast-Modified: Fri, 20 Dec 2024 01:34:47 GMT\r\nAccept-Ranges: bytes\r\nETag: \"fd83f55a7f52db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i24679_c6956, i2475927_c28821, i1940263_c22409, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30197,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"c0c5028809d221b5e14ca99ee3d7a54a","sha1":"af9d09a6aa5d099153d759412bb9d909ff7c14d1","sha256":"7ab2066854e87debbfaaeb18deea8ce4ec43ee562f7d7005a71fd1944840ceb5","sha512":"d443d7a4786b0028e049dc2ebc247af812ace0f8ce621f778b509fbfcb0535861aeb588152030046715eeb0fe511457cab382bea3f10c99334cd3c75ab0a5f60","ssdeep":"384:I1wEw80JGURzb13XVb0WLk8hNm4LSMGuC0pIB1ZYGuZ3XpVMhfdnqBCaeKbgFzZj:I+EbnoZlhLk8C4LSvlYGgVKqIaZkZWxy","tlshash":"1ad2f159184b734ca097c091f9fe214511e72b9482fec9d918bc83d4a98806bf6d47bf","first_seen":"2025-10-06T14:54:36.225413Z","last_seen":"2026-03-04T05:46:55.604812Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5203,"timings":{"blocked":5168,"dns":0,"connect":0,"send":0,"wait":30,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012025448258.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012025448258.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:54:48 GMT\r\naccept-ranges: bytes\r\netag: \"0ecedb36bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2831\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2831,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"c62519e89b8cc4a77acd41f19079d59f","sha1":"dd29fdb6777c71276513575ba7b9a042c2d8f600","sha256":"f91864f0d2586d6cbe4a1f1d550b75b9eb5d5ef177efc4db9315b930ecad5f98","sha512":"cf089ac392e066b03067c683a97fedd3e8ac8e73205414d82bb1581187c339de6b53a7ff5cf324527944a4aa0cd6524abee40de6850a7653cbaf8591e35a8a99","ssdeep":"","tlshash":"78513a14a2d03cb7a1b5cbd3e4f8b0236013cc419ea8d523589bcca24863fa014f89c3","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.478384Z","times_seen":15,"resource_available":false,"data":null}},"time_used":775,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":775,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012035555578.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012035555578.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:55:55 GMT\r\naccept-ranges: bytes\r\netag: \"80b7a1953ebfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3898\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3898,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"74cbfa578e95485816c804acaaa43df7","sha1":"44e9fb98887e6f2d8c0e67c54e132beab709d7d9","sha256":"a2df717a9c3ad4a8e6e9f9592f83e420bcd8893e2e714da66e2af3fa53bd4649","sha512":"b26cf82bc42394c670952b63b666d4863c62353ece3e9e7e447369f13dc903a4f3c3415e4496f58dbc6c90faa9953bc7edbd74f3d10e1d9e9bcf38264024c6ee","ssdeep":"","tlshash":"c4815c85affa58819d7bfdb005da842ba6074400c9f5f0b370cac1686fd59bc8906b7b","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.238285Z","times_seen":15,"resource_available":false,"data":null}},"time_used":834,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":834,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117023642772.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117023642772.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 06:36:42 GMT\r\naccept-ranges: bytes\r\netag: \"039b1966cbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2811\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2811,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"748cfe76ce04c353682af8972db88195","sha1":"5000ec4eb2a87f357fef8b6c803aa28647799cac","sha256":"41c546dfde07adda6dbf32bb2c498fd7c0052185a9e4b0fc291ac92163d0ad1a","sha512":"56edfa62c38bc709d17a2270e181e8bbe89617374395825d491e34d9d979c749810a58ccabf53b3c16bbdf31bf86236e1e5e559aa3f6195d2c0a551d0d43f7ea","ssdeep":"","tlshash":"e1514c5af8505a14e0edf67005c28513c81b8d595fe4d459f2e1e60b5cf03fb42590c7","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:54.920442Z","times_seen":15,"resource_available":false,"data":null}},"time_used":802,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":802,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/bg-li2.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/bg-li2.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/lib.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 21 May 2015 05:27:35 GMT\r\naccept-ranges: bytes\r\netag: \"807dd9d78693d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 372\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":372,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 11x4, components 3","md5":"deea8b7f8e6c2e3d9f9178fb780583a8","sha1":"abe4de4bff35818225d8ee0583696097f9b61a77","sha256":"2f6bd6dc68572e55cd21adab65d268ea6bd691f2709ead041588acae13851d7b","sha512":"b497a4dfdf92370b57a0af45048040b1127e3028de9b7d17a351d21c08cc18640ea578d77f284237abc8a38348e3ae26ea0cbe27b8570b4bd1c2de1d9c489344","ssdeep":"","tlshash":"cee07d7ad7665216cf836530036807709305b1688b60463d344d4501733f6e55820270","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:54.953615Z","times_seen":15,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":13,"dns":0,"connect":0,"send":0,"wait":322,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0330/20250330083324843.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0330/20250330083324843.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 44393\r\nConnection: keep-alive\r\nLast-Modified: Sun, 30 Mar 2025 00:33:24 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b3871a59ba1db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 25692\r\nX-Ser: i19049_c6956, i2103143_c28197, i1940269_c22409, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44393,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"43dad6505d7b03f1ce610d86fd475592","sha1":"0177b879183d296236f705fc67ad36dec4f82e52","sha256":"301f9599d64d848c8122804a0bf0ca4a70b19b1eb260ee724211820909d47e2c","sha512":"17e5908bcabb0403a05f5c32e90c18dfb000478f47be21820e735753f09e00c92f1ca8993f6e39cb3ba01d7ec90a2c14d126e732f0c54d027c12eb3430f00d9b","ssdeep":"768:RzRlUGLD1eHsG32JkbD2g4Gx6odermse92oJWOC6CgOHmOwX+G/3I46wOq:SoDpG32Jkv286e7J92pL6MV+79","tlshash":"8313f1667d6f4a092210aa356cd709d29a370b6a9c8f069dd1735bcf08f542471e1db3","first_seen":"2024-05-20T23:08:39Z","last_seen":"2025-10-06T14:54:36.220754Z","times_seen":14,"resource_available":false,"data":null}},"time_used":5557,"timings":{"blocked":5530,"dns":0,"connect":0,"send":0,"wait":24,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/0923/20190923112104410.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/0923/20190923112104410.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 17210\r\nConnection: keep-alive\r\nLast-Modified: Mon, 23 Sep 2019 03:21:04 GMT\r\nAccept-Ranges: bytes\r\nETag: \"c5526aeebd71d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28820\r\nX-Ser: i34712_c4672, i2475941_c28821, i1940269_c22409, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17210,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"3cfa55effb0e1cbffd85ccb14960b169","sha1":"61d10523207687fe2fb4bbf723dc9ac717d16dd4","sha256":"4685df33335600d2288b21a458ef445c41908356d37f18b6dd3c6cd87bfcdf96","sha512":"55788a551cfa701dea67df9899a35cd4d50450db31d6a0729895d4c46c2ed88419758cf6104d35a5460352d30803ce47ab2e04e0d5eb4c8f3a99d37feb08f2ab","ssdeep":"384:ltbo/A9sRwdQQ2TY+N8fWBDsAHLOMRl6pJ6tNF:3bo/2QUfeufWe0Rl6D6h","tlshash":"5972d1ec3560aca8018b9dd663d7f77eb578c9b249038245e7b7e020a307e76c5a2684","first_seen":"2025-10-06T14:54:36.235848Z","last_seen":"2026-04-16T01:23:16.862607Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5738,"timings":{"blocked":5715,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117041921530.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117041921530.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 08:19:21 GMT\r\naccept-ranges: bytes\r\netag: \"80abeed7abd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2978\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2978,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"168f1a5c501be88f6d0a97f3a6f298a0","sha1":"f0946d4b6f6dea2ff2677655ca60a275699a42de","sha256":"72fb6c3648b16c2bac7eb1601c04a4347c8434af4e042fc4412842e8d1694051","sha512":"3f8ef960f50acf157cfdd827394366dd6566445d6bd5346c7111e78e7c955efd7e4ef05e5ce0ca2ab4e9807c9c5e57055c290ec36c3e7479080d1b99c623422f","ssdeep":"","tlshash":"26512998aee28d82fa18fa621ce2246299874b408f50f11f65cfc91d14771f3a025adb","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.426852Z","times_seen":15,"resource_available":false,"data":null}},"time_used":869,"timings":{"blocked":517,"dns":0,"connect":0,"send":0,"wait":352,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/0509/20240509091120537.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/0509/20240509091120537.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 39007\r\nConnection: keep-alive\r\nLast-Modified: Fri, 20 Jun 2025 01:41:44 GMT\r\nAccept-Ranges: bytes\r\nETag: \"44a26e7a84e1db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28821\r\nX-Ser: i50854_c26321, i1940233_c22701, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39007,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"983195bc1f6b182f2f5f7fb91d9a12fe","sha1":"79c1606ca7135a7740bccb9dca6eb27343d5487c","sha256":"9d028ae47e18c260f594139c69e78b40784c101d795f81f158c103a23b663966","sha512":"115c007124b084e169f3db73f5a17a2571744c5fa2ce66c2559bea18c29adb733a12507752950c8a95e86183144a043734f94474ea62b80aadc48371d9f1c53c","ssdeep":"768:+JxFvm7ia9vQzJuJ14uTvG4mtsmsLNJSEoPFxpitqD7fEgXj91/:HW4J14wvGXtssXxUqncgXRB","tlshash":"c203f189f3b7a5d2d24d0c9c57004afad45d5c17fb1b460a3a83f753aa9315c4a18ece","first_seen":"2025-10-06T14:54:36.239087Z","last_seen":"2025-10-06T14:54:36.239087Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5527,"timings":{"blocked":5501,"dns":0,"connect":0,"send":0,"wait":22,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0928/20210928031627207.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0928/20210928031627207.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 26948\r\nConnection: keep-alive\r\nLast-Modified: Sat, 16 Aug 2025 06:35:40 GMT\r\nAccept-Ranges: bytes\r\nETag: \"965e31fc77edc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i24687_c6956, i2475923_c28821, i1935885_c23471, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26948,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"9734a5492afbda2ccabb49e3cad3ac5f","sha1":"f3519bd1a3e7b8df799673db1d240b407d226dfe","sha256":"a9121def072cc4f5cf125ab2165dedfeccc0876c4d3f1aedfeb53f534737d193","sha512":"0a7b4cc2b53735f5624e8b8fb487e3568f347ad340f9d3df26da1aa7da20a48f4cb52f453a14b38b1d6643cd5eccf44f71da805209439406818854cb49ea0803","ssdeep":"768:ptD60yUoEK5sB6eFU0apGkKQRxPxKTmUHCvMGDJqDFPs5C:ptDR4RK0PxPxGmUH8M9FPs4","tlshash":"f7c2e12f39d4deaec7b6bea0f9f6467450f641c4f7da8b43cf94a224406020166b96dc","first_seen":"2025-10-06T14:54:36.241234Z","last_seen":"2025-10-06T14:54:36.241234Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5535,"timings":{"blocked":5511,"dns":0,"connect":0,"send":0,"wait":22,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/1128/20191128015146468.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/1128/20191128015146468.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 21370\r\nConnection: keep-alive\r\nLast-Modified: Thu, 28 Nov 2019 05:51:46 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e85b8eebafa5d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: BC25_dx-lt-yd-jiangsu-yancheng-8-cache-2, i91084_c23533, i2103141_c28197, i1935879_c23471, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21370,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"d324ea2816dad3145a7bfeb33660673b","sha1":"b87d0806afc1030235903be79e61973e343ae3ad","sha256":"058307bbabc40fbb45abc754c97b8d852e11740899acc7e7df4f18a0b94c05ce","sha512":"ef502aa7cde677c469deb2e2005ab19e9aca45edc7cec557716e33b25880fd79559be6913502ec9e193202aff257397f30c7c158988d46513e5b068d8fab8c6b","ssdeep":"384:0j3C4mZYVRmSYrJxu5em4rkv8KWd+mx1APD+vvkUkmGS24ZPtRV3gJ2AH3BY:f4mZYaPrTj5ldPx1ASGS2m/oi","tlshash":"04a2e1f56d1a8fd8e05c3127cd04283194b39cd0ae1b93f446e6742d63bb16ea8199df","first_seen":"2025-10-06T14:54:36.243554Z","last_seen":"2025-10-06T14:54:36.243554Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5612,"timings":{"blocked":5588,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/0125/20190125042817596.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/0125/20190125042817596.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 7105\r\nConnection: keep-alive\r\nLast-Modified: Fri, 25 Jan 2019 08:28:17 GMT\r\nAccept-Ranges: bytes\r\nETag: \"d780aec87b4d41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: BC22_dx-lt-yd-zhejiang-wenzhou-11-cache-2, BC195_lt-obgp-fujian-xiamen-33-cache-1, BC130_IT-Lombardia-Milan-1-cache-1, i1940259_c22701, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7105,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"0580297deebc4519d3d785c23339d0c3","sha1":"ca6785e7bc5f30fad4289755c1b1ed7c48ae3e7e","sha256":"8b241abd284f9e3f7bf179e12fab7ab4df1546df57ea8473d2116ee0e5a4b752","sha512":"33ea578bc6228085915e2284d269f6aa1d3a417ae302599562338418cc4063678d4ee1486376524eaa4989f93e2ae77b41037ce1bc31dc2a5a15eaaed4e2d90b","ssdeep":"192:I7Q0m7XpuK/w8yFJMfhmdWaejpKk0vNrV3e:x0AXQK/w8ao5oVu","tlshash":"4ee1bfd1fe9aa0f1ef071bf79ab33204d47d2596243a662993e921357473f868c4e384","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.930755Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5765,"timings":{"blocked":5744,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0116/20200116085945398.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0116/20200116085945398.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 8467\r\nConnection: keep-alive\r\nLast-Modified: Thu, 16 Jan 2020 00:59:45 GMT\r\nAccept-Ranges: bytes\r\nETag: \"7c6c8a3e8ccd51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i92716_c22643, i2103121_c28197, i1940277_c22409, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8467,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"bd15a88eb180a7e069aa3a6dae2b659e","sha1":"9e85ce92cc41ce81a51c2933931e7cb7d29bcb05","sha256":"96f4ea9974f87a4399fcd7a91786d6fbc522ae2e474f6aa5fec372fa03f864c7","sha512":"8dd1f69bbbea613d1a14e6cd9cfa991956b7fe2e415a5ed77f57b135aa4efc334f3ecd6887bdb4544499b5391bf2b8d408b23e3e8225459fa08704b994649cd3","ssdeep":"192:4uZAE8GP7IpgylxfPsfJdbyAX3srZqcASkhKRKKwmeeIWY:rH8X6yPfqXbyAsrZ5ALcgmeeq","tlshash":"0302af1b143809ec2ea31afdc4ba253a75177398fd337d1ec820b249571955510bb12e","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-03-04T05:46:55.305271Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5816,"timings":{"blocked":5795,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0927/20230927051706306.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0927/20230927051706306.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 5160\r\nConnection: keep-alive\r\nLast-Modified: Wed, 27 Sep 2023 09:17:06 GMT\r\nAccept-Ranges: bytes\r\nETag: \"894fa76223f1d91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31711\r\nX-Ser: i91084_c23533, i2103119_c28197, i1935953_c23471, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5160,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ae4ce2931a04a58e2e38025cd5b533a6","sha1":"9c2f51afd642fe19089b55d8d224df6b3f71ac93","sha256":"97102250613b8756ecdc995515ce8761cc4fa9b267ffbaa438d76cd42d8f0524","sha512":"e6c9da1bb1fad071a7e5f74da8eac4501d8519dd170d56c9fc5b1e14f405a56c08c68d7f5b1556612c30ae3e09f981955317bc6dbacda4ed7f21b7ce9856a0b7","ssdeep":"96:s9yBKFGbe+nLB04bRgFRrGUaPTFnd+K7N2aRMPydvG86C8If3n:LBCGbeR+aCjPTpd+F8MOvGRFy3n","tlshash":"f5b18c4b57017ee80627c130e5476708e5f5b7a2f0316861d4b93a83755e3d6fe8aa23","first_seen":"2024-05-20T23:08:37Z","last_seen":"2025-12-02T22:33:25.385316Z","times_seen":15,"resource_available":false,"data":null}},"time_used":10175,"timings":{"blocked":5055,"dns":5030,"connect":21,"send":0,"wait":21,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/0906/20240906091423384.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/0906/20240906091423384.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 17789\r\nConnection: keep-alive\r\nLast-Modified: Fri, 06 Sep 2024 01:14:23 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e422951bfaffda1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 15636\r\nX-Ser: i91154_c23533, i2103119_c28197, i1940259_c22701, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17789,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"fe108fa7b37350c4b14c2dafe43106f6","sha1":"e0948c5574069daa36ed3be840486208aed0fc79","sha256":"4ce9eaa448b4da8b1c57215a86978e6678cb96c450172d743c8c22ea38788087","sha512":"1c73dd205bd43b15939d5c892f2b39c60eb5d799f5ad57ed3bc8eda3ab880257649b0f05641c352c1e43ce72c4e60fa223ca5b5966b549127467b446a43310ac","ssdeep":"192:qOnnPHg8TgRzYut5QCfFt/qLWu5gZugeaLEcCQzsTm6QCgwktSiMJFjgFJDp:lPHZsRzpxEb73qsi6+V2JFjgPt","tlshash":"bf82d0bab9e80f8f587f7abc0d4184c89d147846a14c5b56ae10d2a1cb3adb07438783","first_seen":"2025-10-06T14:54:36.251887Z","last_seen":"2025-10-06T14:54:36.251887Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5552,"timings":{"blocked":5528,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/1230/20241230043245706.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/1230/20241230043245706.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 24568\r\nConnection: keep-alive\r\nLast-Modified: Mon, 30 Dec 2024 08:32:45 GMT\r\nAccept-Ranges: bytes\r\nETag: \"d225cb66955adb1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i8680_c18005, i2103125_c28197, i1935891_c23471, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24568,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"7993d296635492db9ad57257426bad3b","sha1":"f6b7dfb82b5f183a35bdcbdc46677a6aa46832a9","sha256":"6f234d3b74366d56c2d34a4022844daec5246139fcea5343ae3d54de94859354","sha512":"177388fb10630d4574c2e8534ae5003455a5a9ec94e0f4098f89b5b17b57554dbb0fb6de650a494e2d005cdaae024239b58bc36326e278fcfc64deea6963e86f","ssdeep":"384:g4zfGT8woyGMUL05JG5mLQcTEuvhS8IYS2Ikr3uVTe28OgcypBMEPJ6IMfGnoF59:5zc8FKUo5I5uEg7uJF8O5iBHR7iD","tlshash":"27b2d09bb25cd3a7815f2d6eb2b0c6723482a1cb240359bb9c4436539ff7405692b26f","first_seen":"2025-01-03T05:17:31.323587Z","last_seen":"2025-10-06T14:54:36.254225Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5205,"timings":{"blocked":5178,"dns":0,"connect":0,"send":0,"wait":25,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/softicons/360sd.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/softicons/360sd.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 30 Jun 2015 06:37:33 GMT\r\naccept-ranges: bytes\r\netag: \"8074933effb2d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 5522\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5522,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"d1f91f734081b6b559663c99b0e15a8d","sha1":"6cc368cb7b4721bbd382b633ac1ef6106dee386c","sha256":"c153bfae00ab9cbcd499cea1f8234ee9deec6d3ca80fa1852c58521e94b5e988","sha512":"216a6be3e282a67789a15c3b3e4d46f9c152e2bb127fc1dd532e277553b3af0486c195066c157cc4e10b5fd118f6c8cf1006b452a6d260a48e73d513b5331c63","ssdeep":"96:z47YfxJn2tSj2xg39J55YMyN6PV9NRZ7BlsU3bYf/:znJJnkxK55PfPV9NRZtls7H","tlshash":"97b17dfb937e71e1a658573ae17e434b532b2265d8707b135dbc4268c9b23408b81a73","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.024552Z","times_seen":15,"resource_available":false,"data":null}},"time_used":758,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":758,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/1004/20201004025258928.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/1004/20201004025258928.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 5848\r\nConnection: keep-alive\r\nLast-Modified: Sun, 04 Oct 2020 06:52:58 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b1c89afe1a9ad61:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i37654_c26321, i2103121_c28197, i1935851_c23471, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5848,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"e7cf3804d4c3f6ff63ac052bb0925b30","sha1":"5d3b259d838f73bfb2a0d0f1c649af5fcbebbdc8","sha256":"1c3357e5d33ef3bfb4901d2865c7c95021804065d6e721955c9b37af1da338ce","sha512":"fbb0e84aaf866008fc9df41be55d0ceaa352db5c061612e7202876c6f0c6a6780d26c37f33136d7c7737373600c0cf7e653f55ed49b5a19dde2d59b975a819cd","ssdeep":"96:f2RXhZTlGpBFnOvvabByEuArxur1OmdTUM7xLexXs/vJKYa2PwtnGBTd:cLlG7QCoquROmlUQLe5U8YLPwtGBx","tlshash":"98c1aff8b84e9f75b19ce4248d123b504b6b2cf6112b2411df3910e66017715a5ef276","first_seen":"2025-10-06T14:54:36.259301Z","last_seen":"2025-10-06T14:54:36.259301Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5483,"timings":{"blocked":5462,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0414/20230414105500573.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0414/20230414105500573.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 31418\r\nConnection: keep-alive\r\nLast-Modified: Fri, 14 Apr 2023 02:55:00 GMT\r\nAccept-Ranges: bytes\r\nETag: \"2d9bef807c6ed91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31800\r\nX-Ser: i91636_c21609, i2103141_c28197, i1940263_c22409, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31418,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"27104374e3599345d803fd77f20b5858","sha1":"0fd52de756ad695f77ea2cd60d5c383ee495b602","sha256":"6860b10dcd029d89a28375bf4987ab0a78be81e3c81057b18e646f12d32bf87d","sha512":"50ee42af3a4470fdd9ab87e5d18ec4af5ed6e402cfcdd44834418df38a8644eda7a7d5f51904ec8fcc103e4d68f46e0c4870f48e0f1c5288e5befbefc79af77e","ssdeep":"768:0BTbPteC0y9j5J4rplNceSNTFmaY5SVBUDMqxg:0BTbPoC0yOrpMeSNTFJpMvg","tlshash":"d5e2e0b23d3d5d80bb315317c213633c8a0d93e29ac9e05e4e7261c617a5789e3ade6d","first_seen":"2025-10-06T14:54:36.262574Z","last_seen":"2025-10-06T14:54:36.262574Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5565,"timings":{"blocked":5539,"dns":0,"connect":0,"send":0,"wait":23,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2017/0801/20170801015827902.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2017/0801/20170801015827902.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 18551\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Aug 2017 05:58:27 GMT\r\nAccept-Ranges: bytes\r\nETag: \"dbf770318bad31:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: BC147_dx-lt-yd-jiangsu-yancheng-8-cache-16, BC196_lt-obgp-fujian-xiamen-33-cache-1, BC132_IT-Lombardia-Milan-1-cache-1, i1940273_c22701, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18551,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"67350321ca358f7fdd9db6ce51adb9f4","sha1":"e5b3ae14fdb2288f5dffa3348d44d10c0de1d7d6","sha256":"7c4173f40a755be4331066fd40caa9fec4b5cd906cdd108e538bdc3adf727c67","sha512":"4a55490d9f3688791468c9953e61be5e82eb8f9f34d4b3f595598e29400ed0c7cb8cc401696b0ba934140be47b13ddc4ff7c7f3d401b4e5ec2ccef047be3406c","ssdeep":"384:+h0S3qS16AXMpvGZB0bRCrpDaWWFEDsajG+soX5vJ6aG3y12ln58Z1:+qQ6EMpOZBMRCtD3WOXj3XRwC8+","tlshash":"6c82d19f010c79598c783bb4bd5ca67e7e6214b8ce6d58e5cc9a31305cf2da868abd40","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:54.876626Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5074,"timings":{"blocked":5043,"dns":0,"connect":0,"send":0,"wait":30,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012023206617.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012023206617.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:32:06 GMT\r\naccept-ranges: bytes\r\netag: \"0371de032bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3653\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3653,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"e87d8277dcc895518647e47fb86e58d6","sha1":"82fecc0675a946a25e181bb5ce14f6105694b236","sha256":"52e2308415c83cfc684927dca3dd081a8152ad6e5d997641d9e8c62fec2f18dc","sha512":"73c47c9dc46465d1d887b8cc503c6406f497058a449c8ee53bfc0d327e273d264866af3ccf3a8214a1d103706f23b7a142fe39682514ae128a40d156990529ca","ssdeep":"","tlshash":"e7716d42e640fe1ad90cf823286920655c725d4cdbc4b12bc6cf982618e0493f6927db","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.310507Z","times_seen":15,"resource_available":false,"data":null}},"time_used":851,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":851,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117014504626.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117014504626.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 05:45:04 GMT\r\naccept-ranges: bytes\r\netag: \"0f0236065bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2401\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2401,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"8fce33df2033d6321486adcc4ee5ee80","sha1":"3cb86d231c958e0c809c4d89946e4d220b29ecd6","sha256":"ddd16f3fab7621ce5dd0966264d747b6667506e0b4c77ccdc8490916ba2c9c91","sha512":"21f9fe250eb6264435abb3028534d9c04edd75b93af237541146ad52564ada5541325150f5577df59a0b01006e7a41e3b4c72c2af472b6bef0437fe5de4f7d09","ssdeep":"","tlshash":"14411bccfe80dc85505a9b4224fd2633e9165e50c666fa66e4cdc91e3cf1252502cbdd","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:54.872404Z","times_seen":15,"resource_available":false,"data":null}},"time_used":816,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":816,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2016/1206/20161206023651695.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2016/1206/20161206023651695.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 11608\r\nConnection: keep-alive\r\nLast-Modified: Tue, 06 Dec 2016 06:36:51 GMT\r\nAccept-Ranges: bytes\r\nETag: \"d64383208b4fd21:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i91204_c28777, i2475923_c28821, i1935879_c23471, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11608,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"16cf81e41d318731ee47c4a1c92616b0","sha1":"44c65fb4fb38a0f7cf5bc21fdf739cb69984df56","sha256":"988886eae08176969b57cea14da871449a15560c5a71dd427cffc527590d7277","sha512":"9d4490a4ae3dafb276d0b197748f5aceea3e30ea874f4f35be7d46d8e1c4dc946a4efecfb1d683b6b77a7df478b367f6e13578cb9e9f112850e6737ceaad4265","ssdeep":"192:jSLdpOEI65TGEq6OZGprXQKY2hhgTdVs1cw5V0nxhgLQUl7Iw/RW0s:8dpNI6pGEq6/rXQKYBnw5u/gMlq01","tlshash":"c632beb8c089b7145e95681e0a666735ddde203f1a1b074b8d339cb0a25a630be7b17c","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-03-04T05:46:54.86881Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5807,"timings":{"blocked":5785,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/0914/20180914033900887.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/0914/20180914033900887.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 12674\r\nConnection: keep-alive\r\nLast-Modified: Fri, 14 Sep 2018 07:39:00 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b52acd0fe4bd41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28819\r\nX-Ser: i34710_c4672, i2103125_c28197, i1940237_c22409, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12674,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"d41c46377e6f9d33a796c8df3c2c3d3d","sha1":"713470df26b1ab0ac4e276b0c92f1f2d400646f1","sha256":"a9f3dc95c8ce39e9bcdddaa3a890060f3598eb03f0786c2e84697809be687972","sha512":"70e8c59e350219bea1f1b9eea079726b3bed0e253080f55b9e5cb3f48c2cc81e8af19c523e252ea515fdc362d465eeac54396f79fafb04baece8b1cfdc8a9243","ssdeep":"192:MvsKqrymqpgV5D/C+LResnWtPiMPnUG2bP619kXvoL5VCEiNth4BsQ1nAkZCmILm:M5mDd/jLU9iMPUl6TnEheAkZC5LkxAuT","tlshash":"3d42d0add9264c02c51dece6f76fc35988ffab913911f301bcf6b0a68726109f509a52","first_seen":"2025-10-06T14:54:36.277447Z","last_seen":"2026-04-16T01:23:17.031953Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5741,"timings":{"blocked":5719,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/css/style2.css","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/css/style2.css HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 16 Dec 2024 03:19:06 GMT\r\naccept-ranges: bytes\r\netag: \"0317d43694fdb1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2992\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10061,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"baffa067f74c37096355488362be8c74","sha1":"0df06b0689c393b2cf75652e024090d0e3d9d64d","sha256":"52dea82ac0432ba6e7fc2d2815ea232f47157b0b5964b393f6ea1acd4fedf0f8","sha512":"1726943eedcd9185a6f44e1f592fae7e2b32d9c68ffae538b2bb4b1ece66da4b433736ac82b1a3cd7e33f78ca005ef5b45271096023ab2ef09581cca4228cef6","ssdeep":"192:2Qsjac0MP0r5lqY4MGqrtF7+AtO5f/a4e:2Qsjac0MP0rfqY4VKnrtO5f/a4e","tlshash":"c32242566153346ea2ae4227f5bfa1bf7e1f902bbb2b81c575353e389acb4d70130184","first_seen":"2025-01-03T05:17:31.239254Z","last_seen":"2026-01-08T09:53:39.28444Z","times_seen":5,"resource_available":false,"data":null}},"time_used":763,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":763,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/0128/20240128043423825.jpg","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/0128/20240128043423825.jpg HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 21915\r\nConnection: keep-alive\r\nLast-Modified: Sun, 28 Jan 2024 08:34:23 GMT\r\nAccept-Ranges: bytes\r\nETag: \"2d90f8cbc451da1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28821\r\nX-Ser: i37222_c28455, i2103121_c28197, i1935953_c23471, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21915,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x210, components 3","md5":"58558406d305a8a610c8aa923020749a","sha1":"91109ee76f4dc5dee463947722fc2bcf5d665ae3","sha256":"f926331b129afdc9bd45a0628d25ff678415c7fffbfc83bad0ca5ea6ac504241","sha512":"860123ab4f7a829f1f59881121984a60f060e3dc2d0cce76dd3f50d5589e2b8ad99d7d67dd425cb4a70f1e9702f93861fcc1512b7f16e6d79fde0739742a312a","ssdeep":"384:FMqA9XWfLnLzD+OZmQ9CbkBWgL1Ef6hQfEhNHsnCfFfbUT:+qA9mDLhZYbkcgL1c6hvSYFO","tlshash":"2fa2e1dbf5a712d5fc02961adbf28d02cd8048e2f9908d2610e95bc7be97297681862d","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.495489Z","times_seen":14,"resource_available":false,"data":null}},"time_used":5485,"timings":{"blocked":5460,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2017/0921/20170921043555699.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2017/0921/20170921043555699.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 30309\r\nConnection: keep-alive\r\nLast-Modified: Thu, 21 Sep 2017 08:35:55 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e4ea10a4b432d31:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31802\r\nX-Ser: i32023_c12732, i2103143_c28197, i1935955_c23471, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30309,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"99fd3220aa21475eb9e54bb1bce4a992","sha1":"53550f0b3533002a17d0ab1520343f96da79ffb4","sha256":"7c0697f5bb1d43ef126b21140c360ca4e0e4ed85ffba0a0cf94592630373553d","sha512":"8cd79993df3999d27317e20d39329701051372b662aa89d590404bfdf9d6e25b0cf07d93cb2dc14c946cee9f89b517c2c783a155185e14aa962cdf364e77a19d","ssdeep":"768:T373ktr57r796ZNDp6Gt+2701u3ncsBNiZK:D7UriNDp6w+y0wsgig","tlshash":"6cd2f23ad0f929f0b257e58b9013017ab73b4854ac376a7b8abd301b605f54b9d3dd82","first_seen":"2025-10-06T14:54:36.28531Z","last_seen":"2026-04-16T01:23:16.689602Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5730,"timings":{"blocked":5705,"dns":0,"connect":0,"send":0,"wait":22,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012025243648.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012025243648.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:52:43 GMT\r\naccept-ranges: bytes\r\netag: \"806f6cc135bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3456\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3456,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"023d11abb051b1b276a2e62efecd7bd0","sha1":"8e6d38dd801517c937343618fa54c85c101d344e","sha256":"fc99359513fdf135b6b1cb7330914cd1e1a83b21f47c969e5451bfb6cddb7908","sha512":"8979bf70346e12581c45aad2120f8501a95d9b99cc642c39084ebfe6f3d58c8fcfb0ef3242cc5ccb5a4334b20cfac392b1caba714ea69ad00d211ba3ccdb48b0","ssdeep":"","tlshash":"1a616d2ea259f9504305594c896924260c6289d873e1ff24f4d3c84f4c7e1aa5c08eeb","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.051865Z","times_seen":15,"resource_available":false,"data":null}},"time_used":695,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":695,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012032500419.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012032500419.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:25:00 GMT\r\naccept-ranges: bytes\r\netag: \"02ef7433abfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3229\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3229,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"77ccd91e2a3ec890771f4f1b527ab1c6","sha1":"c64c4ae90a83942c84ff3f0974246e428da089d4","sha256":"ed3dbc22e2e0656a909ce55362d4ed3a051e45370fcf9e75151884e3bafb8ebf","sha512":"36019fb966b06ed75f3729b2e038dbd604ed0c7f14e42b053d779b3c47c9cd523970958cde5332bb4b01b89132fc0248c9aa4b3e6c81aadde583a0502ec14faf","ssdeep":"","tlshash":"b9615b88ef13ab16aa4edbc915ec201f06374c500d81b8a725c3c83eac525fb25ae9c1","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.431553Z","times_seen":15,"resource_available":false,"data":null}},"time_used":866,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":866,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/softicons/yyyy.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/softicons/yyyy.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 30 Jun 2015 07:03:55 GMT\r\naccept-ranges: bytes\r\netag: \"807f85ed2b3d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3982\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3982,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"fc063fd423dacfa08feea5bbe853d104","sha1":"d59cbac55ec97de759f76c6e58cdc24b19ff0547","sha256":"1298344d3b00954880fbfbaa5eb119658ed2cd2e777b74cb400674751d836a21","sha512":"ed4e4e0d20119909fba4eecbcad8ab32991f45a3123028d020029533287feb1e47d4e4207a51c6d49934efb4623bc0d1453f32dcbf2ed4b74efc4efcb388e790","ssdeep":"","tlshash":"eb817d43a55f39e3d5270596b9990288a5ff0f17b3ba1a144d8f253d8cf88c2f60051e","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.254044Z","times_seen":15,"resource_available":false,"data":null}},"time_used":836,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":836,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117022811240.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117022811240.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 06:28:11 GMT\r\naccept-ranges: bytes\r\netag: \"80cf1c666bbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2485\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2485,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"762834d33ed4c6389cd0343957cfd775","sha1":"e8e3e61a95821eaf4cb537aa97a473f63841b9cf","sha256":"8a39ede682cdf1e6b130c35861ccd7c4a5e86ec0281c6697a1bd0ad8dc5be7a2","sha512":"f557b11dc7a1ada4949dd6a890e38580db231a151196d7be6551096067b23bb131079da6ea5581204e7627874fdf7097125477fb66f27a656a20fabe4d93103c","ssdeep":"","tlshash":"b2514acebf00a480a97dce46a0f7107769116c518ed47ea66d9cca922d74069c17f7c3","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.083257Z","times_seen":15,"resource_available":false,"data":null}},"time_used":804,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":804,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/softicons/isyy.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/softicons/isyy.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 30 Jun 2015 06:52:26 GMT\r\naccept-ranges: bytes\r\netag: \"071d8521b3d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 4356\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4356,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"83c63ecbf72c461ad89b05484a925107","sha1":"78f7d50f74aee9d1ec0ddbb27ae7e3f8568bf903","sha256":"665b185ccbaf140fe05f65f87e30ca268a42f3d95225b7ed2661957f0a08f836","sha512":"59705965af7c9b3af09d340d8c0341cb5ac68b1d97f0cf7a2aca0ed139853fdcd933bafe2ad8395612440b21f70dd0207cfb7e2f94c284283a1a2c53ff3a8b23","ssdeep":"96:i1ZlHpA1cFp6L4Kd+qdnweJMV+Qu0VQZF8arOPc4q3:i1ZFW+EEKd3dnmoQJVQbrOPB4","tlshash":"dd915cac46d188ac3491c48fecd25ac9b6c6d8d97f2124b34642f1b517ee5f4b46225c","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.46442Z","times_seen":15,"resource_available":false,"data":null}},"time_used":836,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":836,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117025915847.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117025915847.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 06:59:15 GMT\r\naccept-ranges: bytes\r\netag: \"80a324bd6fbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2641\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2641,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"bc9368f12635573db4286e22e78b4a93","sha1":"9896fdc9ee6825c25379e7ef75e8dfeb0f7a129d","sha256":"6be532e6c86269276c54bcc59c3dfc4dd732ac0c2850e6cde8f9cae709f46e24","sha512":"ae174c17c6fefe8bb261a20b41b715c47419e8f46d608b54b88d9574de0808fbab85ccb7eb449a703e6eb21f7eafb8d5d2a857a856c6cc2043b3c081378be176","ssdeep":"","tlshash":"7b51f9cdf8d0ac85d2d994422ce70866ed6640046bc2b45adc4a8a5f18b43f3886b1c6","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.004484Z","times_seen":15,"resource_available":false,"data":null}},"time_used":948,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":948,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0324/20210324012135126.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0324/20210324012135126.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 11718\r\nConnection: keep-alive\r\nLast-Modified: Wed, 24 Mar 2021 05:21:35 GMT\r\nAccept-Ranges: bytes\r\nETag: \"37922a8f6d20d71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i91568_c21609, i2475927_c28821, i1940277_c22409, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11718,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"30021da019faa5c80eeb6efeef3ade96","sha1":"1b17f1548e58fa07a421cf76c0333bf2505d8a1f","sha256":"511c8dd1d3fbecdb050c04cb8ee485c0cee3d46bc2117685b08c063af7103d28","sha512":"164c9ceee7eb761c7b32b8c94a82d0e0445ebff7bc98be1896fec942b96d2594e473ee9b3511264e0db4cf2637a9d1a242b93e4d7cceb19b75cbfee4f357c3d3","ssdeep":"192:mPI5NsQYj+vKwIaWuAlLGm0HshGMoGZVFJAbFetG2vyrsDT+/ELRO9KHEfouOYkl:WIYp5HXZlKm05aw66w+/69HC/OYkl","tlshash":"7832b066a4a026d359d8876933e84cd8ba426cf3a43fe71c40f9b9b4e5b5610efd0360","first_seen":"2025-10-06T14:54:36.303066Z","last_seen":"2025-10-06T14:54:36.303066Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4998,"timings":{"blocked":4976,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0714/20230714034740259.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0714/20230714034740259.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 35845\r\nConnection: keep-alive\r\nLast-Modified: Fri, 26 Sep 2025 02:38:10 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e047998e2edc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i90978_c21609, i2103141_c28197, i1940229_c22701, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35845,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"199296f8e2dc1229e18bbe6f3e7d6e42","sha1":"3d4f003fd56f1d1074ab5ee5a773f768cfbf7a90","sha256":"ec50b1074fa312ed7d6006a4336ba1ffb38939c638e0496adb03c6ac19682f58","sha512":"4e134b215a4a3d81a734a6c62f2b3b15515921f1231e08908d225c0117b076d17b245f95bd19c091b4aaef773de285d8305ef52f347f4a254a34592dab26a246","ssdeep":"768:ILNRZbDoMLpaQW+sZbJZkh8kBB+VkFqm/udj8UiDfpS7ravxVsKHm:YZLaQYWhLBpHwjYhpvxOKG","tlshash":"bcf2f127d376fe53f4eec10802d1525ac76238ef37c2c08837a42525858bfb4a583b2a","first_seen":"2025-10-06T14:54:36.305667Z","last_seen":"2025-10-06T14:54:36.305667Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5580,"timings":{"blocked":5554,"dns":0,"connect":0,"send":0,"wait":22,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0427/20230427035208311.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0427/20230427035208311.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 40811\r\nConnection: keep-alive\r\nLast-Modified: Mon, 15 Sep 2025 02:17:28 GMT\r\nAccept-Ranges: bytes\r\nETag: \"983e7ae2e625dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i91252_c23533, i2475963_c28821, i1935879_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40811,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"2bf884c8e9caa0705a88e3b164989525","sha1":"a12e2c376a83dc8b092a352446dd8491cb0e836e","sha256":"024b77f4083d3f11e26f22bb6a833059120743ebb00646407c27b02645347304","sha512":"0d62f9cec085fd4e8e607ba5f175cf3ea94fb461ea8c9ca3151ca8ed91941006361023642bddc84b8d2b2da769cfba39810ff143f7ad583703c1772684c051c5","ssdeep":"768:5C3fw6jdHhqC/FGrDIaKVpCAux7FvAZUimsWIDaXmrnKw0RGVRwhAfPGWrtJ7q:cvZjnlNGrDVeuvASimsWIDqgV6kOWrzq","tlshash":"7803f20218ec9469a85583f260e7183c53a2fb2780f7e8d788f7d71e9d4517171beb2a","first_seen":"2025-10-06T14:54:36.308193Z","last_seen":"2025-10-06T14:54:36.308193Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5601,"timings":{"blocked":5566,"dns":0,"connect":0,"send":0,"wait":30,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0117/20220117032006112.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0117/20220117032006112.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 12885\r\nConnection: keep-alive\r\nLast-Modified: Mon, 17 Jan 2022 07:20:06 GMT\r\nAccept-Ranges: bytes\r\nETag: \"9a1faa672bd81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: BC85_dx-lt-yd-zhejiang-jinhua-12-cache-5, BC199_lt-obgp-fujian-xiamen-33-cache-1, BC130_IT-Lombardia-Milan-1-cache-1, i1940233_c22701, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12885,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"c00a8133501432f799dee434d2a7f60f","sha1":"f83d294665f2e34e2d08d0573d20143de8982d7d","sha256":"64309e41eae72b55672002a6d242830187f3b62a90d1bd4a45ef0c987c7ef840","sha512":"c648340569f422843f1fd379321874b4fd40c47fbf9f35de941c709961733f08d3a204e3ec026b7b302af8831d24c3f0480608847bd98cddd6073ec63da44af2","ssdeep":"384:DOYfRizjxz/2y/EDMhvM6NbSip94F5qPIOS:D/y/EotNbSq94sTS","tlshash":"d642c0c9dfd497d19f88bb7cc81088ca2ca0724437a682b8973601c56db39b086a1e1e","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-04-16T01:23:16.824007Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5017,"timings":{"blocked":4988,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/bg-d1.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/bg-d1.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 18 May 2015 06:23:31 GMT\r\naccept-ranges: bytes\r\netag: \"8033f1283391d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 1380\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1380,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 5x20, components 3","md5":"fa6b9808ca4f8b665bac74857f92a5ef","sha1":"5d6abebb22c089f4d850bfa930437c0b4c0cf555","sha256":"0cd2a748b368823fac122b967b91b97ce52243ce78cdf125e151c5db587ed518","sha512":"2c7332c8f9e5a6b91a730b9f5c793ac84ce87588fc47759adf64c11bd4800e98aab2520495c5946ee1b2731445d99f840b39fd57f6c23be5b1c651246da19f90","ssdeep":"","tlshash":"7521420ff6126b42d8b8ea3135f2501b5d558480b9c0e69aa4fa8c1b18751f7081a2cb","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.243096Z","times_seen":16,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/bg-ul2.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/bg-ul2.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 19 May 2015 02:17:40 GMT\r\naccept-ranges: bytes\r\netag: \"0fa12fbd991d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 1269\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1269,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1x1, components 3","md5":"1ad4a29b795e3fd7906501eab62e85bb","sha1":"89489b1388686ff46a217d36ce7cbe14726c1350","sha256":"931e87bb6187737ebc48f58d69b7b66901697d34ad79d97da7fc35c70fd051fb","sha512":"9696e526d91d67232d57e0c6b8f50ff94f005a8dba1ea9c033eb4e6eb3cdee64a7a59050ee5d64974c5d52542a8c312af3a0c9fe66486d977abd6ded34784d66","ssdeep":"","tlshash":"5221630ef612ab02d8a8d97639f3511f4a0554c0f8c0f69ab4fadc1b1c350f6082e1cb","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:54.847538Z","times_seen":16,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2017/0601/20170601095852129.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2017/0601/20170601095852129.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 2088\r\nConnection: keep-alive\r\nLast-Modified: Thu, 01 Jun 2017 01:58:52 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e6b9a69e7adad21:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i64264_c23533, i2103129_c28197, i1940269_c22409, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2088,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"d60d32c5973e846e019b72ec63828cbe","sha1":"be26dc34c457fff543b5cf0a54c80afb2f81daba","sha256":"cebd16e1e97763ba4210292795a62012e8e23507ad336e904a6a95b69be40be5","sha512":"692797f54e8f86dc670f114008e65e8e144f10f0b1e6c3e5b8ab266ec08cbc3b44f382f7a39101af3b947d2c78bf6095010f8ed941d73924c6f904612a32640d","ssdeep":"","tlshash":"21413ca00f3c7032991ebc618bf0686466ec33f67d89330766613175113a14891c753e","first_seen":"2025-10-06T14:54:36.317248Z","last_seen":"2025-10-06T14:54:36.317248Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5210,"timings":{"blocked":5190,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/1003/20231003023030190.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/1003/20231003023030190.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 11889\r\nConnection: keep-alive\r\nLast-Modified: Tue, 03 Oct 2023 06:30:30 GMT\r\nAccept-Ranges: bytes\r\nETag: \"43b0c01ac3f5d91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28821\r\nX-Ser: BC147_dx-lt-yd-zhejiang-jinhua-5-cache-18, BC204_lt-obgp-fujian-xiamen-33-cache-2, BC132_IT-Lombardia-Milan-1-cache-1, i1940229_c22701, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11889,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"d09be00580982d9f0931a8fdfdf63d05","sha1":"56e3ec882d76f5ee78e3bec57a77094adcf7e1e0","sha256":"2fa377f106c971b1435eab6114b5254646f707fbb26736f9d70ca9d7efe87cd5","sha512":"87bd897592e366c2486e26e717a53897f03c2a1573b07592e06a43595d2d2cb8ae47b61c2f39d147c8894e27bad00d79b555cc96ad53993cea0567807ee4476c","ssdeep":"192:e7Sh7HECgD+Sz6Rx9ZKgMx/voCtNX35P5CQvxFoSiGUl3NW2t6iKpYwb4:+ShIChZDMVACtt55CG5iHAtGa4","tlshash":"c532d14989625cfd763314b70fd6e8df5122ddf60842e11082780a1991ea9cb7bbccde","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.25198Z","times_seen":15,"resource_available":false,"data":null}},"time_used":10165,"timings":{"blocked":5051,"dns":5031,"connect":20,"send":0,"wait":21,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/0709/20240709083725306.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/0709/20240709083725306.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 25012\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Jul 2024 00:37:25 GMT\r\nAccept-Ranges: bytes\r\nETag: \"1a5e772b98d1da1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 15650\r\nX-Ser: i92434_c21609, i2103125_c28197, i1935885_c23471, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25012,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ff943d7ef1288c20e1789221c44922fa","sha1":"79e08c6cf541f972954ff1738f989c0f881e8a8d","sha256":"d335b67109bfe9b35d6324648d5c17404c12bb5f5759fa0f92c2f31f8ec1aacc","sha512":"8dd7ad76acc48f1dd8c3bc418f74fc926536763f463a0fa50514285a842ef82c451241690671ea003872983a656ef0526e9f630a4e763fbacb6df71b5ede38e9","ssdeep":"384:5sFQ6hMayfcmzPujj2QWz0rsNEeTBqMGIjpIeg0V2JJZsjmAtCxmMKXukscqS8pL:cQAryfcmz2jAzcAHrntIKCsKhi/uHc01","tlshash":"15b2e08adb3d0a184113199ae70c26270edbc2b95a7beb36f84ed85472d2dd14ae1760","first_seen":"2025-10-06T14:54:36.321601Z","last_seen":"2025-10-06T14:54:36.321601Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5535,"timings":{"blocked":5510,"dns":0,"connect":0,"send":0,"wait":23,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/softicons/sogouwbsrf.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/softicons/sogouwbsrf.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 30 Jun 2015 07:01:20 GMT\r\naccept-ranges: bytes\r\netag: \"06022912b3d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 5784\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5784,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"0f8aea982155f0894375ae10a39fe97d","sha1":"1d5750f0f0c032bf2c0da352b790d3ed6b42927a","sha256":"aa84841692e4e34e0a7c1bd1048747f0c329dbbf91a1a8d939de675d9cc4db85","sha512":"3f105232658dc042cb77af7710f43a28926d9fd5755f3a2454dfe71cbac641662a8329f79d1deca6ac8b43d7e3b3f75fd17c7e934c6a3cfb3f6b22b5aa078e60","ssdeep":"96:/T0cyvnfDY/YPe4lEXYoQsSZheL4KL5ay+mEN2VS/5PLuttN:/TgfDY/YKYoxS2L/5Bq2w/tLgtN","tlshash":"96c19ec66f199f780aa4a695f0b00931f9778b636fd292663f5b136950808bd0d067c2","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.332838Z","times_seen":15,"resource_available":false,"data":null}},"time_used":698,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":698,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/softicons/qqwbsrf.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/softicons/qqwbsrf.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 30 Jun 2015 06:57:23 GMT\r\naccept-ranges: bytes\r\netag: \"80bdf32b3d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 5437\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5437,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"ea3fe0dd3743af6c3b19ad916a35a742","sha1":"4412ffa31bfa8a78de71d9601be243822e53aa36","sha256":"ae17132a2d21707932033f2449a41a18895243407e87ce71bfb31f37b9c31bdc","sha512":"f4d03e05a724006c3a15167daae4008c85e08bff41a47fcb424bb25fcde053a465f231a6f3f1931ae08392974a9da1cf111820b26c43026e08c09fbfae765e18","ssdeep":"96:lB+lc/8KhJz6cHc3vj2OVy7HPG1KKyM06iPjGrTwCQJsmzp7JTxr9Hidu9H:l8w8K+/j2CIHe1Kk0lPjGQPlt9HiM9H","tlshash":"12b18d98b4b79bebf8dc47137d0838180c8dae95663352bcd49d20faa748cd64165bc2","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.351875Z","times_seen":15,"resource_available":false,"data":null}},"time_used":697,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":697,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0617/20220617102642761.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0617/20220617102642761.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Fri, 17 Jun 2022 02:26:42 GMT\r\naccept-ranges: bytes\r\netag: \"01d5faef181d81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 1457\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1457,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"eb65ed5d4b115c87e9475accc6566866","sha1":"783c44d7dea65d9abab97e4112412ceb04da6cff","sha256":"e12c4555ea4dd4b6ad513bfbdad3eee70812ac0ba685d497fdea3cdcdb0a5b06","sha512":"aeaa93edae6e8ee5dd85cf27db7b9af61cf474ee94bf0b18b464c21d06f04e83b6375a66b4753e83736d44539308605f090c921bab080e315f1b1d00965c5b9c","ssdeep":"","tlshash":"1331e6f217899b9820e99af85e3f093c82bfabe556a5001d1e138071592812d2a1d731","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.202826Z","times_seen":15,"resource_available":false,"data":null}},"time_used":836,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":836,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0803/20220803051446789.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0803/20220803051446789.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 35544\r\nConnection: keep-alive\r\nLast-Modified: Wed, 03 Aug 2022 09:14:46 GMT\r\nAccept-Ranges: bytes\r\nETag: \"2e4a747919a7d81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i32539_c4111, i2103125_c28197, i1935955_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35544,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"47a09c300c3bf3d12f97a8f4de93dec7","sha1":"b7aea2651f951d038aa47d2628a4e509612b41e5","sha256":"baf446d1bd8b25d025b104040c61d6d4da84d84d1cf5d0b99d6369cc098981e1","sha512":"d5aa83867a24734fdd18db35d66bd14f6f00a3530db08f0326803c476b8c18dada4946a16f6c414b88ab12cd61986c29e173988fdc872a1b0070beb11e58f2ff","ssdeep":"768:ZfAa3nU1iLgjdyoVBLpTz54WJefUDTugwrlrQ2EjHaJhKjvG3GTG:1Aa3UULzg9pXdA8D6Trl82AyhK7G3GTG","tlshash":"fbf2f2fa3e5a704b14be7d64c13a3e9d4df422db1b283b587bc1b1663066b7b11a041b","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-03-04T05:46:54.956667Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5590,"timings":{"blocked":5563,"dns":0,"connect":0,"send":0,"wait":23,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0426/20210426025334912.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0426/20210426025334912.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 20639\r\nConnection: keep-alive\r\nLast-Modified: Mon, 26 Apr 2021 06:53:34 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8b31fe0683ad71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i93068_c22643, i2475963_c28821, i1935891_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20639,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"263ca7f74ba138d13fa614f6ce8bf3c2","sha1":"912d15b67706689a2f0e7a2a1ad44ef2b711e9ea","sha256":"f7a606d48d7337665ba14ae797c6307d0f5749097e88dc1cd356af81538f3f17","sha512":"6f52035a8b25e7051dd19c06182b7e6471a784408e2107687905b7a4a8720af44c4b2125854f98569837dbcdc7ebea29607b330ad802c9033c295b8e55f76d4c","ssdeep":"192:OS4+5kt+nzO1CtzmZoPC0cDO4xjiKqleaQ44Rl:xotTgtzmBDxji14L","tlshash":"a6924a149df2f155865ae83148f6300d5b7106c7e5c29e81faced8682f16fde4c9f182","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-04-16T01:23:16.957563Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5018,"timings":{"blocked":4993,"dns":0,"connect":0,"send":0,"wait":23,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117022727950.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117022727950.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 06:27:27 GMT\r\naccept-ranges: bytes\r\netag: \"80f1e24b6bbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2660\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2660,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"d8fb63801be266a74b2cb3d2fe463790","sha1":"428561648f4bb50793b4531544a5909c621013d8","sha256":"a552e6b2a571cf65f92a226ef94e7f51cffd4655571a7fa429260264d7e62ea9","sha512":"4c50b67a4cc2b2ecd189afb7cbdc7d050ad650fb9402166a5addda4a4a948258fee77e4cb34094e43b5ddc625fc50921f638a29fd45312895168ccd60c9ad804","ssdeep":"","tlshash":"06515b44e2c1faf0984af74418f578b3a7393e00ae60a40d76ddc53b0838236074b893","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.386596Z","times_seen":15,"resource_available":false,"data":null}},"time_used":955,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":955,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117034804143.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117034804143.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 07:48:04 GMT\r\naccept-ranges: bytes\r\netag: \"092f68e76bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2201\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2201,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"3c5b347e966ae902e0b0acc317cfe545","sha1":"059a3b0db08a3868266cea7e5cedace254c098ee","sha256":"4c015bf761dec673dd6436a5edbe6de0b1a8877e154c22ae38c0872a5e151c5e","sha512":"ec5d3048ba62d65f31621cfa9e9cab6b65257ec3d9b690f57fc53f1466cd4bc65d0c4e8eefd6d83cd1f2ce061c371f150cd39971b8b8bfdc62e4806aadcea147","ssdeep":"","tlshash":"b741d75fb34799012a99aec724f3211b5a2206c08de1f152f58fc14e4768bfc5d2d5c7","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:54.922968Z","times_seen":15,"resource_available":false,"data":null}},"time_used":839,"timings":{"blocked":366,"dns":0,"connect":0,"send":0,"wait":473,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117040801761.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117040801761.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 08:08:01 GMT\r\naccept-ranges: bytes\r\netag: \"80466e5879bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2877\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2877,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"dd20444290452848e9d7bce2471d9adc","sha1":"6180c3bfc1de7c20e7a807f775ec15a28d625d44","sha256":"18e0d8443064945e7f41813fe3d17a5a38cea4e7f06fc815c5f29fb05738da81","sha512":"6602f00a11f3c59281b45dab70591a36f4a0ca0cdc1eb86afe404cce9c092a3d13a308a3d006d1594e87e94adb5fbd7d67d284f24e1a7474688fc7241c4c7bd0","ssdeep":"","tlshash":"22514bd4e681d100e29eca072ceb3d735ce11984ca7ebc52b9aec4bc4a741f532826c7","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.087611Z","times_seen":15,"resource_available":false,"data":null}},"time_used":860,"timings":{"blocked":366,"dns":0,"connect":0,"send":0,"wait":494,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0903/20230903082246525.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0903/20230903082246525.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 19634\r\nConnection: keep-alive\r\nLast-Modified: Sun, 03 Sep 2023 00:22:46 GMT\r\nAccept-Ranges: bytes\r\nETag: \"3ff585c3fcddd91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i63546_c22643, i2103129_c28197, i1940235_c22409, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19634,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"24760264db61bb74a559937d09a5181f","sha1":"d19459538a3eaf724c6d90c8d32107cf6dfd78cf","sha256":"e63c8110ffd88c39e31baaf992ae3650fc70d8e887789fb53395cb0d50d262bf","sha512":"dfea754797944312731aee7521347bb0c8de682a451f3644f0fe42006dc68cc6c3e49c9fa7fe3055aad222e5836971b88e08e34e4ceb94f249b8bddb29da3539","ssdeep":"384:1V+U8OQBQjwlbUPomCfi2XcO8YGxUANKI+vAgaE8qPWIvOXN96:D+KlOBxi+SLUamogaEtPWhNU","tlshash":"9892d179e8a3b4e7c19f87f2a2fb48b5853053bfdb3ee4e10a1c15e68012cc55636096","first_seen":"2025-01-03T05:17:31.529923Z","last_seen":"2025-10-06T14:54:36.342224Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5513,"timings":{"blocked":5487,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0403/20230403032416833.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0403/20230403032416833.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 44053\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Apr 2023 07:24:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"536574cfd65d91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i91224_c28777, i2103125_c28197, i1940255_c22409, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44053,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"922725ccd75c547876008ad98a1f4883","sha1":"26f7a060ce13a25c090795c35c9e0783fedc07c9","sha256":"75d8d9914dc0b865411d24a53924ec927386b04ce9766fb7a4436900606f3d8c","sha512":"ef613abe6918402d9adf6678ff43384e5934aa351bf6b651aacf95dae4827869424697e879cded685552a182879ad4247a4cde34b822b306efdc0c7caff304f2","ssdeep":"768:Vg08Y0Em6sdXFRCxGXuabz5NDOUVF+spCtA/9aGBTQ71vCdenCOHJT3Ss9SYJm1:VmYu6sdXFR+yt8UWKa/QTTdgpbFdy","tlshash":"2713f17b1798b21bff5d086cc8803bdd5965f2df23146d2e087d6296b0277526226f31","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.884417Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5670,"timings":{"blocked":5631,"dns":0,"connect":0,"send":0,"wait":34,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/1028/20181028101440438.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/1028/20181028101440438.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 15662\r\nConnection: keep-alive\r\nLast-Modified: Sun, 28 Oct 2018 02:14:40 GMT\r\nAccept-Ranges: bytes\r\nETag: \"941b95fb636ed41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i91196_c28777, i2475941_c28821, i1935859_c23471, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15662,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"3d1f9973fa105be67ae5d936e1a3e0dd","sha1":"13591a6b389c3b84c0402e101a713d2c1264399c","sha256":"f00c6338fbd45ec62eeccc29992ade457e607ef80b3d2eaaf20318d3f647d990","sha512":"a55610c84a25ab19f9d20e05425925310ce7ce4ddb50fc8dbb544f7680e65da2f57394ed97406e7883514bec770c7023387b61435d9d3e078535f88a777f9a49","ssdeep":"384:xY4Il+27Adrh02kCR8hb4tPCiXhDxAcJDg:G+iAdPuhSn3LJDg","tlshash":"e362d0d63997d8b706fcae3c6306d110a8f81a6f154289f38e9c0db6161f7a857512cf","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.650438Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5667,"timings":{"blocked":5644,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0125/20220125031316689.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0125/20220125031316689.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 36871\r\nConnection: keep-alive\r\nLast-Modified: Tue, 25 Jan 2022 07:13:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"d139416bb11d81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i37228_c28455, i2103119_c28197, i1935953_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36871,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"1831ef55432d1a251e198101fa251235","sha1":"f6bb970303ae11a875a9008fb7ef6371cb192c44","sha256":"1d4257bffc97b2c8328ee18b2904a5469470bc23751c14e0346db659f7688797","sha512":"58e6a9e6c167b301b2c1a9650512cd4e109de29148862bf430ac5baeade5accb6e321ab5dc7b22611ae01ba377a1c5acee660d107997e3be4bed88ce845971ca","ssdeep":"768:F5UmL7HcHxaUlE0ZCdzafgkSLEJo0W94Rd3bYA9H2khjC+S+AFYU:HTLLmappzadS59EcUH3wTKU","tlshash":"81f2f2eb3e901a3743d4ad93e1ae561c3b484725cc76196fc47b413d616c7da5a03e32","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-03-04T05:46:55.265462Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5748,"timings":{"blocked":5720,"dns":0,"connect":0,"send":0,"wait":24,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/tongjig.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/tongjig.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 06 Apr 2024 03:57:01 GMT\r\naccept-ranges: bytes\r\netag: \"8024927ad687da1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 787\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1327,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (511), with CRLF line terminators","md5":"e010e2a24e8f6840183a24c4b2861670","sha1":"228453936a5d3d00a6aaac57ee9aa17c5e34a3bd","sha256":"43f11b364b7a96310090ba83e73fb7d97e2c300c45707b760485e708913ebf41","sha512":"0f9d947cbdbe8f5067d60daa635e8b3c1b5eef60be22ffc7cb4226c8037473d6b14f99d9dbaafe139b9b6136f1607aecbf4e4762e3a2c10c61dcfe197a38474d","ssdeep":"","tlshash":"6921fd5f280568382b9118b942bfe64cf5b6107c152bc007e4edc88a2c78fc5082a7cc","first_seen":"2025-10-06T14:54:36.35052Z","last_seen":"2026-04-16T01:23:16.762172Z","times_seen":11,"resource_available":false,"data":null}},"time_used":826,"timings":{"blocked":463,"dns":0,"connect":0,"send":0,"wait":363,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/jquery.SuperSlide.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/jquery.SuperSlide.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Sun, 16 Jun 2013 02:52:36 GMT\r\naccept-ranges: bytes\r\netag: \"0b2668e3c6ace1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3621\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11334,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10922), with CRLF line terminators","md5":"7ea11fbb848cdb739af15e147a37c765","sha1":"69fd9147cb1bf62e87f9d691f465bc7b2b317cd6","sha256":"b83518398431f34d291551fc041d1a628d46a21e9cfdcde946911e03b8332148","sha512":"e8f0c9e5d6c9c66eb058bc2243bc2e0dca62644fe5fd1df8fe9651d3978d177209915501d364ce6f09d6a9f84a3506a5a786908e2cfe65bd2619064a99901c05","ssdeep":"192:YZK3bYHfc2gahQVoViSItpluMCuXGV+1tT1l50FH5oYyskaHwmIuTNSaXHZe2HNE:YcYc2gdWhMZWClnHhlwyT1Xh3","tlshash":"c232d65fb5b675ce4597b3f0107f940d222b5569fc8a8ca0b07082c4aeb9918243bfec","first_seen":"2023-04-07T05:01:53Z","last_seen":"2026-04-30T10:27:53.623381Z","times_seen":265,"resource_available":true,"data":null}},"time_used":951,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":951,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0813/20250813102628888.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0813/20250813102628888.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 33693\r\nConnection: keep-alive\r\nLast-Modified: Wed, 13 Aug 2025 02:26:28 GMT\r\nAccept-Ranges: bytes\r\nETag: \"f8b54acf9bdc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i25517_c12732, i2103141_c28197, i1940259_c22701, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33693,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 251 x 65, 8-bit/color RGB, non-interlaced","md5":"a5cf66d74c26c6de224d8460a832472f","sha1":"82178f9833d7e01f97aac6efaf57bcf8aeec62d7","sha256":"beaf15880f01272fd878726e697e6cd96e830b376ad2b95a1ccb1e6968fcb48f","sha512":"3cc0101f8b62ad33a4796e05f85f54536b741a54ce93103b153eb70bf56fd9cc1ba67ff38c8a701ab9d62b8a2aaf703cf475d67695633ec330b24e282ccf73aa","ssdeep":"768:JMk7vPCN//XdtwA0CvkRUGL3HmagzSPCxO1QmWwWGS1:JtONNy5ikRUGysPCGiOS1","tlshash":"5ae2f14bfac1be36b0c862479adcb5cb416ecd8c015b301f5c478d9698bf56705ea493","first_seen":"2025-10-06T14:54:36.354248Z","last_seen":"2026-03-04T05:46:55.407728Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5236,"timings":{"blocked":5201,"dns":0,"connect":0,"send":0,"wait":30,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012031025416.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012031025416.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:10:25 GMT\r\naccept-ranges: bytes\r\netag: \"80c66c3a38bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2854\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2854,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"7f4efa94253f318c83605a4d90770587","sha1":"58b5ac10347f412f4af04d301823012fb30d7843","sha256":"51e527b08d066bd7c359370c35e1e5ede6dfec73bad5dc862f22053093646c9a","sha512":"7da2ecb43e091b4f73238fea5ec8d4c59529a4a3bd0331fa368b28914de51aba21c9b1a428c0814de9ac5f1bdad5c038d1ad69a6fcfb5ce88a8ff11e4520af4b","ssdeep":"","tlshash":"1d514cabd9619546a1e8dd510cf3810e79310b50c7dcb2d07cdfd8225c283bbae165c7","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.609128Z","times_seen":15,"resource_available":false,"data":null}},"time_used":761,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":761,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/softicons/lds.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/softicons/lds.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 30 Jun 2015 06:54:50 GMT\r\naccept-ranges: bytes\r\netag: \"019ada81b3d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2916\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2916,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"bda18fde821d8c32bc2f3b406ec5ae43","sha1":"4323fcc94aeb5a90953c13527c213b751ce03401","sha256":"265f23b23f20c9d5d992822a44100a5d80cc6a2c154800324b96650282d577b2","sha512":"eea58b78b0810c02089b1dd62e10fd54ce0e2c37c3b3c5314915d640a36b153a6a4beecdadecd6546f0722f3e3c0783a49cda89a183780cba817981dd40ab003","ssdeep":"","tlshash":"74517dc503f490c0dfa9d394556be9b393db7d973a6a34d0592ac40a0ba5beb2021720","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.247343Z","times_seen":15,"resource_available":false,"data":null}},"time_used":759,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":759,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117025953377.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117025953377.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 06:59:53 GMT\r\naccept-ranges: bytes\r\netag: \"80facad36fbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 1961\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1961,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"bcf5925ef198e13267482766a1ecdc5d","sha1":"e6e9a4a47d6e8922248418bf1ded25e5e7ae200b","sha256":"3c5c8d260c396ae7d982318ad0c235008a234b8b0230f3ae3ee958864b230931","sha512":"446a189a1c637b7c3e9fca5928ec23fb06794d12233c9168d95ae02ef28ed3a1eb08e6f909c9834b7a7aa698921be4bedba40bcaae6f3877ca59ef2dcbdcccc2","ssdeep":"","tlshash":"c9410a5cb9a1cf44915fa9512ce8602393e74690e1d6f2e21acecd0a36b31f81d0a5cf","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.607517Z","times_seen":15,"resource_available":false,"data":null}},"time_used":842,"timings":{"blocked":78,"dns":0,"connect":0,"send":0,"wait":764,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117040813438.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117040813438.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 08:08:13 GMT\r\naccept-ranges: bytes\r\netag: \"8054955f79bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 3162\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3162,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"81484300606f9c1e83d1f3fc43da1726","sha1":"56b6ce9721b4e8b7b0c67162a4c83b4114407c5a","sha256":"0769ffe0fc91c9c5cd76612a58890d8d0684261aca6956ddd718522954cddd05","sha512":"7798909878fae982ec294035f3e5a170928e649b53d86bf07825b3930205fc95a415b00c259c7cd41db386b6f37863642b142e2688c36851b95acdfd7342685c","ssdeep":"","tlshash":"84511bebe5f09801a75bb70028edd077987355c496e4e5c0e5dedc8b1c352a570888da","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.626278Z","times_seen":15,"resource_available":false,"data":null}},"time_used":858,"timings":{"blocked":517,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0519/20220519051657419.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0519/20220519051657419.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 15910\r\nConnection: keep-alive\r\nLast-Modified: Thu, 19 May 2022 09:16:57 GMT\r\nAccept-Ranges: bytes\r\nETag: \"463d6c30616bd81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 194205\r\nX-Ser: i24687_c6956, i2260981_c27847, i1940251_c22701, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15910,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"22fbe20dd7d3e29eab71dadf5739b0f5","sha1":"5099f467d6dcc3529b6357e78a1d64ff1c099615","sha256":"83c9657e63526e4b5bb0750290c2e3f92359075821884d7c728ce72cc6b07b8b","sha512":"8dab852ec534b6f0ae9767afd1762b6791f48aee98a96f622faf8851fde1cd0dc8af92772db211e344a285717ea889d54c406c2acaf1f3fd10676ffa254a1f98","ssdeep":"384:MeWVQ+PxKeKYP+EH0BV+IgV5GrUx8hGtM7SOVv:fWC+lr+40f+IMUGtL4v","tlshash":"6762d1fbc57016d70bfdb152271b42a0e8d2986aa3d44c12a837e64d87909f4a64f92f","first_seen":"2025-10-06T14:54:36.376122Z","last_seen":"2025-10-14T19:17:50.135592Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5526,"timings":{"blocked":5502,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0923/20220923102531736.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0923/20220923102531736.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 43369\r\nConnection: keep-alive\r\nLast-Modified: Fri, 23 Sep 2022 02:25:31 GMT\r\nAccept-Ranges: bytes\r\nETag: \"9721a5c0f3ced81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: BC138_dx-lt-yd-zhejiang-jinhua-5-cache-18, i91154_c23533, i2103119_c28197, i1935955_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43369,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"6ed306993f89b676387814bf4c6f427e","sha1":"229a9c3d92e5bb76173a62324a17a831b600282b","sha256":"efce3758913da1ee9a33edc5265543a59c78a1a52797c981bb0c8c4ccae55d65","sha512":"8ffc65dfccf04cb143090035cad065f0cc8a810fbe60638a9037d6c291c0dc875164238b4a405fcdb9c6dfd473826639699d05940520e223a35d82b844b88843","ssdeep":"768:gcOZOB/DUY+JoQkKw6XPCZO/inaf+cH/mFlHHjssASaxS1nLLuaj2Tm:9Bzuot1MPCZOKF6/mDnjsXrSp6Tm","tlshash":"e91302b031349cd7b0ced437d701febbd045a477d862b8686ada21a2d46db9993bc407","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.982793Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5723,"timings":{"blocked":5694,"dns":0,"connect":0,"send":0,"wait":23,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/lib.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/lib.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 28 Mar 2024 01:13:36 GMT\r\naccept-ranges: bytes\r\netag: \"0209e28ad80da1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 963\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1743,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"60f67ef5a7e43d9b2b32f6b47f7052bd","sha1":"c0124d98f17cf4aaae7767f6d4be4ea7825426f6","sha256":"1a25a979aff7d1df4887bd2dd4877847e6aa8926d027fd624a05328b95c4e1eb","sha512":"2236d32e8c894d2b4927c4438203609d3f31a914df69ca2df3f07c07fd66965fef9a2b729ade6f08cf6553f9b882fcbbdb1f0c501ce1da10ce6f1ae2b6bfdeb2","ssdeep":"","tlshash":"ca31ac6afb4c5e5a40e331ea013b9404ededa5158d1646a0f4be04f52fe54486f3bced","first_seen":"2024-05-20T23:08:36Z","last_seen":"2026-04-16T01:23:16.903551Z","times_seen":24,"resource_available":true,"data":null}},"time_used":935,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":935,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0204/20200204013829581.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0204/20200204013829581.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 3961\r\nConnection: keep-alive\r\nLast-Modified: Tue, 04 Feb 2020 05:38:29 GMT\r\nAccept-Ranges: bytes\r\nETag: \"1de6a1541ddbd51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nX-Ser: i28797_c12732, i2475911_c28821, i1935885_c23471, i1935893_c22759\r\nX-Cache: HIT from i1935885_c23471(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3961,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"c9303af0349596a12754be95df18174c","sha1":"9f75a1716f0a288c4c278a1fe21420ecdc2a6549","sha256":"4500e5440d9aa8621e1e5090ea4fabb72e773522c9bcd9398b8678bec1cedabb","sha512":"74f9e8b6da3053fa98f40d4eb40ac6941d240ed7b1de3f18968027333b5312944a878f5923915335d84c5b27d3c0b7250d947fa2c45084af542c3d16d9d1c39d","ssdeep":"","tlshash":"4d818ef29829d730b4dc21d713d06878a72412dbeeba60b5a473d286876919d45ac702","first_seen":"2025-10-06T14:54:36.383019Z","last_seen":"2025-10-06T14:54:36.383019Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5660,"timings":{"blocked":5619,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0901/20200901043437405.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0901/20200901043437405.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 6638\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Sep 2020 08:34:37 GMT\r\nAccept-Ranges: bytes\r\nETag: \"f7fc44ba3a80d61:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 173199\r\nX-Ser: i91096_c23533, i2103125_c28197, i1940235_c22409, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6638,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"6ca7f5701b98a87ce36059f3326ad622","sha1":"920feed0a4eb6e59ba76c7873b06cb2b1ef97941","sha256":"a81a71e535807e42dcb5ae426a580ba7627f27929cda7576e56c3fe0fdd1108e","sha512":"869222ab8656593f58d4187a9c62437b5c929fd8dc59a40acd663450859c9b8275a3d22d24c255bbbf5b57c7f332d8b7a836bffd13b0f0d0a1effd75536a81fc","ssdeep":"96:koiiN7CF6aB8XT6oeFUq5TG/DbXS4SFtum3qDOrSmNkgZJW1qCF2tR2cv5D:koiAamGSRfSFz3qDI0ii5F2tQo","tlshash":"a5d19d6211d2a03839cd165c8b53c88ca9f2c7677c3350066a1adb7a2d38a1a9d43e51","first_seen":"2025-10-06T14:54:36.385323Z","last_seen":"2026-04-16T01:23:16.800967Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5747,"timings":{"blocked":5726,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/1217/20241217085034540.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/1217/20241217085034540.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 5834\r\nConnection: keep-alive\r\nLast-Modified: Tue, 17 Dec 2024 00:50:34 GMT\r\nAccept-Ranges: bytes\r\nETag: \"ca686eae1d50db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i63598_c22643, i2103141_c28197, i1940245_c22409, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5834,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"3b183743e56d9dd403ce5a333556c59e","sha1":"fa51108b70e4c42acac88544a07a13c701572eee","sha256":"49bce5c74f0267b62becb9b58c6259d0a9f8654b27f69a1ba47f26dd26883e6f","sha512":"d79f9c2c32f322bb7202145dc436a164889ff1979e636ddb3823f6872ac4d0d789ebac4d6b0642f567e143eccde3087149ae6ba71e3943cafcbdb5082027797d","ssdeep":"96:59JECts5mCczgG1e/yurQ+RVWVofI0B764FzrvOb152AaW5vssuFCV0P4eKI1Sh0:5DbssMG1eKdlVof3J64pmb1B2sunPiO7","tlshash":"cec18d607ed31d542f0ba985150d8c35df5a288e72f872f85781307ceae6b7a7820473","first_seen":"2025-10-06T14:54:36.387734Z","last_seen":"2026-03-04T05:46:55.25845Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5201,"timings":{"blocked":5180,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012023351275.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012023351275.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:33:51 GMT\r\naccept-ranges: bytes\r\netag: \"80f1b21e33bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2666\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2666,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"18fad43ef068753606952363cf8bea94","sha1":"0e7e30bcb722b86bb87b7776119e7b48b1ee0061","sha256":"ebe68ee3cf456e9c82b70bbcbfd28e36015a78efc407e5583ec2115a57fd9e34","sha512":"9a207ddf4eb6c0c429f94883e1447d06476b25be030045ed6b4a89480e096b642093d7679e326584a821dbcc6cefaedb5e5c4582e98f2062e6b2a689319bb6cf","ssdeep":"","tlshash":"7a510b0afb815d7254c845c37cea9413fa018164ce94e546b8c9c10b38b15bbc23d5df","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.090273Z","times_seen":15,"resource_available":false,"data":null}},"time_used":851,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":851,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0517/20220517035032437.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0517/20220517035032437.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 17 May 2022 07:50:32 GMT\r\naccept-ranges: bytes\r\netag: \"094bfc8c269d81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 1624\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1624,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"1526c3d533f50cad3b7d34eea8df7a21","sha1":"732aacb47ec7c507f20cc7a372659863e90026f3","sha256":"b8fdc666e6ee3bd84fc59e936b71f0ceb760f11a9a58d451b4843e72c9bb77be","sha512":"69496b26100f289ee22f72c9c2f95c2a7604b914b69dd825a05b79f036f8211ed449c2edada95dffd2ae221dbe9f588a4996a9d12d1a499120ca630321ae46f1","ssdeep":"","tlshash":"d1310ae3e362f66ce115620614191160bb12169d7a324aab8190c430e500bef7196788","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.509752Z","times_seen":15,"resource_available":false,"data":null}},"time_used":811,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":811,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0517/20220517040139823.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0517/20220517040139823.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 17 May 2022 08:01:39 GMT\r\naccept-ranges: bytes\r\netag: \"80b34f56c469d81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2026\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2026,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"852180b3d8b8ef9073f63add6398eb2c","sha1":"8ee3ddddbbf43bd2476978eb8d187c23f1c4c01c","sha256":"2a0d0c491ca0d2835724d893aefa7500496b4e2f50f58108dc6deb16b29d123a","sha512":"3fbb06acd28bba88f99881351108df72432f31806b308eeb2c56b4f6d8d910d19eda947407efacff430eab00122873dab4a6c3925e7b3abaf19a8f6a7ae3a6df","ssdeep":"","tlshash":"fd412c86a549c6f741eda11d00f7828d637fb43555d040ae9f2f48816de1408bc5f53b","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.352749Z","times_seen":15,"resource_available":false,"data":null}},"time_used":810,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":810,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117025941441.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117025941441.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 06:59:41 GMT\r\naccept-ranges: bytes\r\netag: \"80eca3cc6fbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3465\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3465,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"64691aca33f8fa75ffc6b7fad39a63e7","sha1":"b6f3c9f249fa55c251a4c431958d55511edbd92c","sha256":"72540684fd0e4c1240bd5682a67a433b43a88ac2cd307922511ff48ba2ffbb3f","sha512":"0d6e717f51044b116b02577f0cd29e03f260c09ff5eb1765ad2c129f0045e905ea45ce252100b52ccc7342bbb656c24e2ef871cad3bc3371c45a98951a1a2ee0","ssdeep":"","tlshash":"02615c8ef9805c0240cd81c41dd21c5b96ebc1e0daacdbadbe9f9c05de34bb264158cb","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.447417Z","times_seen":15,"resource_available":false,"data":null}},"time_used":843,"timings":{"blocked":80,"dns":0,"connect":0,"send":0,"wait":763,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012034534220.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012034534220.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:45:34 GMT\r\naccept-ranges: bytes\r\netag: \"0a37c233dbfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3491\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3491,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"f7bc1a49ccda21da4a974c8d7773e7dd","sha1":"e116533dbf68fdbbdedf4ceb634c188f46fc46fc","sha256":"6b96f05948d442488db18fd6871d1106d948dff7a766f91955499675d474ebae","sha512":"c4ce1c66fb5e5b8f5e9358a02b7ab6badc74a2eba3674e8c285f1dfb67276c2c543fcaf7316a9f35e5669bcb81b6af62f23e06b3581a9a4c12317e62be10bbe8","ssdeep":"","tlshash":"53713a4ddac09c50e4c850e60cd2f03acf5b9fd8be4090dd6ca1d58a0d340b92a3a8db","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.086821Z","times_seen":15,"resource_available":false,"data":null}},"time_used":839,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":839,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/0820/20180820032829383.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/0820/20180820032829383.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 8439\r\nConnection: keep-alive\r\nLast-Modified: Mon, 20 Aug 2018 07:28:29 GMT\r\nAccept-Ranges: bytes\r\nETag: \"d4a727645738d41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 173198\r\nX-Ser: BC146_dx-lt-yd-jiangsu-yancheng-8-cache-16, BC201_lt-obgp-fujian-xiamen-33-cache-2, BC130_IT-Lombardia-Milan-1-cache-1, i1940273_c22701, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8439,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"013b7550111b4a76aff53797a93e1c71","sha1":"75f9c927a15c4143fc60ae0cd40655e8a4aebc5c","sha256":"f55c34e36ffbb8f563bc13f5a44da02cfe6c2cac6e680728f31d89c1bce2ca16","sha512":"4823ab0be9cc8f80f6d1e041a688714be7bbbaa0adc6f137155cd536ba7195b0632caea905ed5f420d974421925ebc3595f559f58055f09adb48dc4a9eba8a1b","ssdeep":"192:oyOAo3C7Ky8iz267b0xLjp4INeDZTV3F4:Ttok18iiEb0xLjyk2ZtF4","tlshash":"0702a076acdf1424ac05158cab939a09084b9ef2366376943099df6c22373d949baf98","first_seen":"2025-01-03T05:17:31.530876Z","last_seen":"2026-03-04T05:46:55.182725Z","times_seen":4,"resource_available":false,"data":null}},"time_used":4937,"timings":{"blocked":4916,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2015/0807/20150807025224323.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2015/0807/20150807025224323.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 8115\r\nConnection: keep-alive\r\nLast-Modified: Fri, 07 Aug 2015 06:52:24 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b8ef7b9dddd0d01:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i32023_c12732, i2475911_c28821, i1940255_c22409, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8115,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"eb25c994d68d0a89c60f5d1589b7a856","sha1":"192fcfb851473dfe95bf8d51f44b191c63fa08c3","sha256":"5b2c6f29c6ff02127cea9047c7e071782a8884fbb93213c6dac7228d2ceff171","sha512":"302fba623fbd7c6c55ccb441a60ad31b4b0c972853ef9ce64fea5d341858bb0cf67ee294fd1ae97ea2049c97b6afd63af1098b0abd84e83186a3760cb695b328","ssdeep":"96:42RlEGdvu6daekRgesAOP4IlaKlbFcvrr7lHmALUWE7mK4u2y6M+rohRcxVNaUXl:pl5vu6ugesDrzczNX0mnjy6MTGNbXl","tlshash":"87f1bf44ff016d02f02ca6199af5404a7f2ad914bef76ef5de47c40a07d213181e46d3","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.636214Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5477,"timings":{"blocked":5456,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2017/0203/20170203012032643.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2017/0203/20170203012032643.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 9821\r\nConnection: keep-alive\r\nLast-Modified: Fri, 03 Feb 2017 05:20:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"5c50fa3ddd7dd21:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 77154\r\nX-Ser: i92786_c22643, i2103123_c28197, i1940275_c22701, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9821,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"77a119b2ef46a94072379c94c255ce84","sha1":"a0cfb5995b6dcce7dfdc35f2104e62f46455ec13","sha256":"71c6f0bc3b97d5ffc17fa10583cb78cd0fa28150d3b5e115759cff59132b4842","sha512":"0b103daef7d6c70285ae104b24ff2bc7eed88fdf18f39730aa2cacdd5e770edec59b95c66eac58ee59348419e851cccb366833ff3fde924ff714de6dce980c42","ssdeep":"192:DbQNtgrLH0tr1xEeIC68vuDwF17PfoGxOcxhZubEN7QoWvjbInlcCx:DbDrLRb8GD6wfmhMy7QZbm7x","tlshash":"ad12bfd4987268319c53e143a8fac86c8bfd200601d33c65a7f3e6be509f2b57e49828","first_seen":"2025-10-06T14:54:36.403026Z","last_seen":"2025-10-06T14:54:36.403026Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4974,"timings":{"blocked":4952,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0519/202505191538110251311.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0519/202505191538110251311.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 13157\r\nConnection: keep-alive\r\nLast-Modified: Mon, 19 May 2025 07:38:11 GMT\r\nAccept-Ranges: bytes\r\nETag: \"1bceacf890c8db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 119314\r\nX-Ser: i34710_c4672, i2103119_c28197, i1935859_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13157,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGB, non-interlaced","md5":"b762cfdd890a539e6a6c6006bed8cfc2","sha1":"584bea68e8991ecfc7204fa8a1386b92dd0b1baf","sha256":"ea2acddbb49ef188e1c22f164cafb256ca90c1fe300f9b62740e7e65b9ad7a89","sha512":"92779a8dc04830e0bee19d5c4a24af7cac9b9e0975cfd57324ce92f5a7257b8395c710d933288a22be664f1827c3f874ce604a32de2d8c454ae750cb24f9cd76","ssdeep":"192:oi9GghMrC2i1saXYWzffjklaKdGYbKvnFJt1fOuoNYyhnUiJ0TuOkNhaVTkcpjXp:og2LonjiGYuvnFJzOrhUA5gzLRHWin","tlshash":"b542c021c8aa356486c7fb105ff03ef565e4572da623f0254972bf510ec1cd1cabd88a","first_seen":"2025-10-06T14:54:36.404865Z","last_seen":"2025-10-06T14:54:36.404865Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5639,"timings":{"blocked":5617,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0213/20200213033114881.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0213/20200213033114881.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 8240\r\nConnection: keep-alive\r\nLast-Modified: Thu, 13 Feb 2020 07:31:14 GMT\r\nAccept-Ranges: bytes\r\nETag: \"c1ae4d923fe2d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i32021_c12732, i2103119_c28197, i1935891_c23471, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8240,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"bcb96f5fc62eef4b68dab0c82ace623f","sha1":"49746d194a1832a975899daa02d069fad4141f59","sha256":"f05e7d1d014a651384da3588a85fd31b37edb70cc5379be921623db218f77705","sha512":"ff175646c6c471cf82495984e756fea8bd317b2a55b417e64286bdc0d5c3f02e7e03351abce394e3e7582e2ea7cd0ad9acd3b53e8137e2b22ae6f25fc0c59928","ssdeep":"192:tNSkRVISz/sMdbQQgfkPBLrDpzLHiAuSB657308+KBs27tg:tIkR+qef09BvPVw57HsZ","tlshash":"3e02ae731f01ed76812b3df5139363cae1d123e8579288dad99bb0b83a4a34b6c062c4","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-04-16T01:23:16.907675Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5016,"timings":{"blocked":4994,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/1214/20231214025555199.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/1214/20231214025555199.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 14125\r\nConnection: keep-alive\r\nLast-Modified: Thu, 14 Dec 2023 06:55:55 GMT\r\nAccept-Ranges: bytes\r\nETag: \"3dda74955a2eda1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i8959_c7628, i2103127_c25795, i58866_c11118, i1940259_c22701, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14125,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"af07c2c2ea3927c0b019e90207872fcd","sha1":"8dae22bb40e7fcf1502b8e10e03f432287d64028","sha256":"4b84b4c736d164664457d0a7d2546594b1d2fee853fdb41474e02d899129ed3c","sha512":"d1e8a8694765f44782211c49e949e2394d36d947a1ccff71b47c09475d621e4e99757493dd4c62daec2897c973d3df044a7e4dd81421fb9e4dc7e32c6ee7cce6","ssdeep":"384:egK/g4K3+r64ATdk5yeAyes2HNE7dJxpx4:egKY73++Dkyy4NGz7x4","tlshash":"6452d0accb64f7d90f4daebcbab129d2c4f41b8629b7b88b056404bb2c9320050d8912","first_seen":"2025-01-03T05:17:31.355707Z","last_seen":"2026-03-04T05:46:54.877723Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5094,"timings":{"blocked":5069,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117032754221.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117032754221.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 07:27:54 GMT\r\naccept-ranges: bytes\r\netag: \"039bfbd73bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 1916\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1916,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"415c18fa7cf839213a283c1c860eee35","sha1":"70be869a3af7ed7c08aedaa8507c66995e51b936","sha256":"d2574ec508eb034495b88ca75b09bdcdad16b620856de84233526683fd7d18b7","sha512":"fbf1a607f5a45e3db47c2f7187e2390f1adaa1eafc6dc93cfa2033d9e7831aab304eb5c55858a1af6f80e3ec249c5fc49a79053c75d1e8bfe183168bef473e73","ssdeep":"","tlshash":"5941f99dba81fc401d5fd4c21dbfa073e5124880d965e1ab2acbce245e232f56a0dded","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:54.973868Z","times_seen":15,"resource_available":false,"data":null}},"time_used":861,"timings":{"blocked":368,"dns":0,"connect":0,"send":0,"wait":493,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/css/lib.css","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/css/lib.css HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 11 Dec 2024 07:52:41 GMT\r\naccept-ranges: bytes\r\netag: \"80aa86a7a14bdb1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 4836\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18393,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"38461355c4bb4bafad6c3222e8e4430f","sha1":"19921c721f287fad3216f29575619a40033c03ae","sha256":"396b42930327678f1286a7e75520ef30ca4b2b092a8a1cee64f319acb00f4bc1","sha512":"ef4334a558bfede5fecdbaddc95c3ec6d9b585f13f7041cce1af2c98a6cf62ce6a51e5e882657b1ba5c8dfe8e3c007f8e661e8baac1aa0fbf7eb88f83ef909cb","ssdeep":"192:58YdR6cQRmnom6q8e8ZWXZtlUYA6pUkPQqRmLU+HowlLZPL/X43wUicVcrsUC:5HdHQRmnV18e8Z6bGY5wo8stiU","tlshash":"8b827478db17204bf237dadabb225b53ef09505396060278ffe43614ea890592572fcd","first_seen":"2025-01-03T05:17:31.235963Z","last_seen":"2026-04-16T01:23:16.747637Z","times_seen":12,"resource_available":false,"data":null}},"time_used":458,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":458,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/1030/20191030013518861.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/1030/20191030013518861.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 7645\r\nConnection: keep-alive\r\nLast-Modified: Wed, 30 Oct 2019 05:35:18 GMT\r\nAccept-Ranges: bytes\r\nETag: \"d0cdcbd0e38ed51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 38787\r\nX-Ser: i37222_c28455, i2435101_c27847, i1940273_c22701, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7645,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"1d3d1a54ec829d1335af54afdcf54d5e","sha1":"fa576218c61af3b1c343b54929bd3b1cebddbeea","sha256":"26b9f6d149a3cf888a517b571fd475552e99a44ac582e38a3305b2e8d5023f51","sha512":"e351aa2c0453b5f06f7431950dcdd8a6369f2aa796fd83367ffcabb2a16b6cc61fcbda5a04c3152e98e3fee6e40a8c01258bc61dbe270803ead9172612604a93","ssdeep":"192:lBntK0IBUooJuMywWZz5HFBxihi0YWOiYD:lBntKl0JuM1MzBAhgTZD","tlshash":"4af1af9cc6c2ede967683573b523fe6521b44bc43e08c2869223f1ccc9468bf59b2493","first_seen":"2025-10-06T14:54:36.417396Z","last_seen":"2025-10-06T14:54:36.417396Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5171,"timings":{"blocked":5150,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/0616/20180616093449526.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/0616/20180616093449526.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 7343\r\nConnection: keep-alive\r\nLast-Modified: Sat, 16 Jun 2018 01:34:49 GMT\r\nAccept-Ranges: bytes\r\nETag: \"15fc3d37125d41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i34704_c4672, i2103119_c28197, i1935955_c23471, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7343,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"26f40b4f6e222dc8a589e2999a81cb12","sha1":"89d65bbe5289324e64488332ccfe08dbccb5997e","sha256":"eb2a5c596fd355fd2580467d730de6835487332280956a051aebde437db846e4","sha512":"04bd4f9ed5cdad6f9209df520f028c364a23cead9ad57a8cc2431de167cce43794e374e3376ffe2a9e4aebb66795d630e03bd043f0299ef8e61ac695010750ad","ssdeep":"192:MvAchcpExcUQX7aw89RpTHHw2ZrPZynGZLf5KPef:Mv9SEu7apJZ9iQff","tlshash":"f2e1aee728927887b5dfb2c3927d10bf9e89b05852041778f48d52ada23341dd8c13ba","first_seen":"2025-10-06T14:54:36.419499Z","last_seen":"2026-04-16T01:23:16.715792Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5752,"timings":{"blocked":5731,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/softicons/jdwbsrf.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/softicons/jdwbsrf.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 30 Jun 2015 06:52:17 GMT\r\naccept-ranges: bytes\r\netag: \"80267b4d1b3d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2518\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2518,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGB, non-interlaced","md5":"5c337eccfb544571787711ae0e5312a5","sha1":"a8ef7d6f45a6999c6fcd3de6b9249317bea33e04","sha256":"1bd9fe03522576ded715b36c109394c835990e7bca222bad4feee842c0186859","sha512":"b71189a439c9fda577fb155e62576b8720691f28d57cac7f964e7e2d25c39ea2fe446e76b6a57bb63c81d11bb99cc4ca9fb4c0b025953bab6d379032c3353356","ssdeep":"","tlshash":"19510af6d33d8e74938273d9511bc2acb5e9180e238ed1479c5978ecae54e046d7c868","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:54.854636Z","times_seen":15,"resource_available":false,"data":null}},"time_used":698,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":698,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117042541567.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117042541567.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 08:25:41 GMT\r\naccept-ranges: bytes\r\netag: \"80703dd07bbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2360\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2360,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"25578b10f4c39053deb3cd2f9fae45f6","sha1":"017e26e6616f454b2e2fb760b68508d39aac9358","sha256":"74407612b01fb22cf455dd93b476f3e8bcb2d22c75c07621875e4b88942b5c9c","sha512":"b3ed324753ff49072f3fa210cb8a2211156b69587969f80b83c3d8f05031e2cb8e61a3d072d888da51352aef6d08170d44074ed0a1877dff09c0a9838f11b615","ssdeep":"","tlshash":"a941f80dba009c4ac50ba3497cfb01a7d9370494aa68b1dc615fc646ae341f3da07297","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.287521Z","times_seen":15,"resource_available":false,"data":null}},"time_used":871,"timings":{"blocked":517,"dns":0,"connect":0,"send":0,"wait":354,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2016/0721/20160721032847383.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2016/0721/20160721032847383.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 37543\r\nConnection: keep-alive\r\nLast-Modified: Thu, 21 Jul 2016 07:28:47 GMT\r\nAccept-Ranges: bytes\r\nETag: \"24ff48521e3d11:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i33677_c26321, i2475919_c28821, i1940277_c22409, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37543,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"9bf7d4e305671f6cc2737c130b53656a","sha1":"a1367b3264715343e551ab120293ab5e55d955b7","sha256":"d9e197c3a9042b45c9abe03b61f107d8e1ac0e853e47030af0f2ec337ddd1143","sha512":"0c1f6478d55fbcecb22b9caa51377ef707c1250e579f5bad6bcfa0963956e964718d1d7041dfda8d7283ffe9661c0839ad84c97b8263372d7ad0c83c37098630","ssdeep":"768:zwqey8GnRUaQGpdZMdHSxC7AkwHbCU4L9IQcC:UJcmGPZM4SwHev+pC","tlshash":"dcf2f1845c7ed900a7d5e60dd5182174673224bcff0bd9690100a7b7af9fa2b9f2dd14","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-03-04T05:46:54.86432Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5738,"timings":{"blocked":5710,"dns":0,"connect":0,"send":0,"wait":23,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/0329/20190329041322571.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/0329/20190329041322571.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 5498\r\nConnection: keep-alive\r\nLast-Modified: Fri, 29 Mar 2019 08:13:22 GMT\r\nAccept-Ranges: bytes\r\nETag: \"f24fdf467e6d41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i91224_c28777, i2475923_c28821, i1940255_c22409, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5498,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"96cbac8e1e764b18f9d634ebe7cb0b17","sha1":"6ad784a8210b2d0c656f9029bb7fd6697e7ce2df","sha256":"a2e4c0adf7d5183ed5be6212737e11a65e4585a93a7799d2ade459fd2f122385","sha512":"79d30d518f34e810657755e8b1c3842634b995818d8a3736166873322c6e0a4b1bebced9118f719556219734aa333d033b8213af326f5dd607977f075f45a25f","ssdeep":"96:g7goDKRNy9L0cW81SUnWYRDs84dH1yRMk7J9gxA1hujvSdAB0Gr6FMRZr:g7g5IwcW81S7iDKdH1yMvadc/mFMRh","tlshash":"dfb1bea9a74f4c2687a40ba32497546c49ff5c8e2e0f5051dca89d0d1cdce0fab32d32","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.752411Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5779,"timings":{"blocked":5753,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2016/0315/20160315085446317.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2016/0315/20160315085446317.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 4521\r\nConnection: keep-alive\r\nLast-Modified: Tue, 15 Mar 2016 00:54:46 GMT\r\nAccept-Ranges: bytes\r\nETag: \"809dec44557ed11:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28821\r\nX-Ser: i91224_c28777, i2475923_c28821, i1940255_c22409, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4521,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"678e67d9fd4b3dedfbe25092ab8b3a98","sha1":"d91b68dcb24b648be777e01b7c32d694088b6b86","sha256":"2966c41476e6652b794285a967a2bd5d56f749b7ac239fb0523922b466e856c1","sha512":"06ea66cb7c7abbdd5aa6bc52536fd04919f48f419c868b1aaa1793b72790eed2c6ed3c6b48f731b20aafa7b19d69015ddc0ee8e0ce5c0d3511596d187fc8a746","ssdeep":"96:WHmS03Xs0/vI85tVFiSkbrPvQgof4v42IXRUSFSvZ:EEs0o87Pwr3QDs42QRUSFw","tlshash":"b8918e899a72a9acdfecc8fd9d0954244c58fc76ac1b241b61388788252a3be0127d73","first_seen":"2024-05-20T23:08:37Z","last_seen":"2025-10-06T14:54:36.430155Z","times_seen":14,"resource_available":false,"data":null}},"time_used":5089,"timings":{"blocked":5068,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/1011/20241011011217617.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/1011/20241011011217617.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 29445\r\nConnection: keep-alive\r\nLast-Modified: Fri, 11 Oct 2024 05:12:17 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b7aa7d249c1bdb1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i92782_c22643, i2103119_c28197, i1940233_c22701, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29445,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"2c457ed4148721b53bd04461e178b232","sha1":"2347a69dfebedacd3f8565efa15a04a7d76347db","sha256":"24adafbda435c1ef0b6fea81bc227501aef5c2bf0b0f52f6e9fa9ef5db84b6c0","sha512":"6fbdb12de547819b6c88669d3bcb5e522ace7617b09d1e55eb296749a0f98ac780013ace59f2b943f0ff41025c9b31c61838a6e2c77e4ed113c0ff69a39e0e52","ssdeep":"768:jlB9QPT0BkzMFE+PeWtYhKb62UcSmFArkjvyDJ:jj9QL0BkRpmYhk62UceSyF","tlshash":"25d2f1b5f1ab008b99437f899beb91b67109578ab1c1720f699482f274de3178c311da","first_seen":"2025-10-06T14:54:36.433051Z","last_seen":"2025-10-06T14:54:36.433051Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5572,"timings":{"blocked":5550,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117030720674.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117030720674.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 07:07:20 GMT\r\naccept-ranges: bytes\r\netag: \"0c439de70bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2581\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2581,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced","md5":"3e898f07c61639d2456f4fabcdec89a4","sha1":"d6eedd1fdd8eede13d6a53d1d70752a0dfb56e8e","sha256":"11c7866b4ca35aecfde3b31b9738713cc526023910616146e1a0f5949b1464f2","sha512":"3cdfe1f33cace00787e93aada8afcc7ae4e12e4f583e038cb7e44ab9316748e1f32c406fa0c77ade887788aaf7176301619b7ff4e6a28fb131a9fa3dfab5267c","ssdeep":"","tlshash":"23511abdef407c11116fa5d32ca31183cca1194145f4bb1aadafc31622b3cbc18086e7","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.47417Z","times_seen":15,"resource_available":false,"data":null}},"time_used":838,"timings":{"blocked":250,"dns":0,"connect":0,"send":0,"wait":588,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0921/20220921110705427.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0921/20220921110705427.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 6965\r\nConnection: keep-alive\r\nLast-Modified: Wed, 21 Sep 2022 03:07:05 GMT\r\nAccept-Ranges: bytes\r\nETag: \"1db47d3a67cdd81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 699898\r\nX-Ser: i91226_c28777, i2475941_c28821, i1935859_c23471, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6965,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ac40dc64cda64fda8ea2617f50494eec","sha1":"ced6b257ea0a2f2128ea6c4dde3aa56d38f2064f","sha256":"658d2b0b99a854fccd6c680e3c5db989c8021ddd6331177e51aacdc72304b1ee","sha512":"d34565800279870b5b27d32e2195c40f5e9e745285637956b7b19b2b1af3f1528a3f1c5b5b19fc67caa115c2e9a8cb2dbd4c6d5c9af243af2ba932191e203263","ssdeep":"96:U9/iaQnuo/2riFEz0ToWftlxChcVgzFZvkxuRL0fe+P5J3cw1TYWI4VV5qLbom55:F3uo+cftBVgBeIRwf93n1TOYyom5/Zc2","tlshash":"65e1ae8995c45eeb85dad163f48815a025f6cb5376efee48cbd02421d8fbe0894883da","first_seen":"2024-05-20T23:08:37Z","last_seen":"2025-10-06T14:54:36.436464Z","times_seen":14,"resource_available":false,"data":null}},"time_used":5508,"timings":{"blocked":5487,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0402/20210402030306862.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0402/20210402030306862.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 19333\r\nConnection: keep-alive\r\nLast-Modified: Fri, 02 Apr 2021 07:03:06 GMT\r\nAccept-Ranges: bytes\r\nETag: \"86eb5a3b8e27d71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i90866_c28777, i2475927_c28821, i1935859_c23471, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19333,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"5455db091e56c0ae97bd144f81ab405e","sha1":"804515523700a4b45b18b2b78d88361d63af8961","sha256":"9c84e38484729dc5b4a486c4281fbb18f42526cba831ca116aa4825de7f28424","sha512":"eaf20efd7e85df7e6a27e332d109e1ea31b4b029b4535b82961370747b704f2a3e39e8b33366e84c624d0c47873e4ef4cdb7ac41f6562a38373ba5f55f9f4c95","ssdeep":"384:Un/LTXIAjW/D3ESD9GGTCRQqZx6zQ9Qp7xx6J4auRp1YfHmVAbQ:UnwPESDreRQqK7dxta8p1Y/mVYQ","tlshash":"8092d0cdf1b401826bbb1029808f075deb2af5b4de9d9320b27e6dc675ce9fa1165602","first_seen":"2025-10-06T14:54:36.439387Z","last_seen":"2025-10-06T14:54:36.439387Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5602,"timings":{"blocked":5578,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/0102/20240102040619151.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/0102/20240102040619151.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 42214\r\nConnection: keep-alive\r\nLast-Modified: Tue, 02 Jan 2024 08:06:19 GMT\r\nAccept-Ranges: bytes\r\nETag: \"82e8391523dda1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i91718_c21609, i2475963_c28821, i1935953_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42214,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ff2f7c600c79a1aee3307453d68c32e1","sha1":"3fca07ea1e7e8582b99760d54a67fbe4d8fa4b81","sha256":"3d73839003c8bf09a048e0873db42b20c29fdd32f49d4a42218f2bf4674c6e33","sha512":"247780575643291917416317a48adf305d8243d73c78d10b15554f9f2b5ddb4dd0b09eb346cfc71bc0f9ff6cda549ec4c61e4b0931730bfb67cab9f38570e5ba","ssdeep":"768:8MKEnPWZJgsFab08BR8ML4JjAezvljqBe83qOEBxLNZoGjwZN5bHi6a73ka38EOo:8InPsJg1b9R6Js+ljvTO0LDjwZTYIEjL","tlshash":"3b1302dde3d510057faf4785a5a7e62a166358ae009c0618618adeaf3291d00ecdef39","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.617529Z","times_seen":14,"resource_available":false,"data":null}},"time_used":5629,"timings":{"blocked":5600,"dns":0,"connect":0,"send":0,"wait":23,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0919/20250919030536409.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0919/20250919030536409.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 43428\r\nConnection: keep-alive\r\nLast-Modified: Fri, 19 Sep 2025 07:05:36 GMT\r\nAccept-Ranges: bytes\r\nETag: \"18cbecc3329dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i91190_c23533, i2103125_c28197, i1940245_c22409, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43428,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"fea07c9a71f377044562b9f2df80c99d","sha1":"8abeb2b818acfba95838d8847f0a02657abfc9e8","sha256":"acd6a79114df9ee44bab5ed0f75141be6584cec6184b54e65f080e086f0ea337","sha512":"4136a0073508c08644fc48c5679a2c1857c82a00251fd04dc8687b5e4d58bb808ebd1c39b4baf9250c15bfbb992d064c79f6fdefdac3d1eca63b367c58965457","ssdeep":"768:NTbYccPz+XqQPhaz/eGjC+kkd3JC+fjnB/L/KlR9+bBVyqzwc2AluUJu8yCV5Trs:R8ccPiZPULeno5tfjnB/L1BVyU12euUk","tlshash":"5c1301101c127ab86ff08dd438291ae563559667251a634bb0377ef8ed5b3f888e13b4","first_seen":"2025-10-06T14:54:36.446783Z","last_seen":"2025-10-06T14:54:36.446783Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5639,"timings":{"blocked":5611,"dns":0,"connect":0,"send":0,"wait":24,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2015-7/2015728104239.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2015-7/2015728104239.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 19701\r\nConnection: keep-alive\r\nLast-Modified: Tue, 28 Jul 2015 02:42:39 GMT\r\nAccept-Ranges: bytes\r\nETag: \"194b111dfc8d01:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28821\r\nX-Ser: i24687_c6956, i2475941_c28821, i1940235_c22409, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19701,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"a5f3f5e831a67b7ee7c1bc746a92a9d2","sha1":"970b8885421c6861852b20b5ba52c6e2c6e2d7ce","sha256":"601fe12eda9d1d0f76df65e178cc41c581b7d430bb52f21fbcbdc59fcb326cfb","sha512":"2482f81c785824e993254f9eeb2c486798b94878cf0c9161c1bffddd24674e4b4674d5c4981c1960508389e1a7037b41a76fcc93367e7b612be6221ea442fdad","ssdeep":"384:LM/muXoQjzb/Nc/YEelgTIHaOYccvx4LB46lgUkoHfeAH:L2Bzb/NQelgUHaSaSLBXgYe2","tlshash":"1c92dfd6dc28bd3254c0bd12344a87d6dc3fe046640ca55a3ddec8919f0bab7a81accd","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.365913Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5099,"timings":{"blocked":5069,"dns":0,"connect":0,"send":0,"wait":28,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0131/20200131100945385.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0131/20200131100945385.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 8827\r\nConnection: keep-alive\r\nLast-Modified: Fri, 31 Jan 2020 02:09:45 GMT\r\nAccept-Ranges: bytes\r\nETag: \"37cbdb81dbd7d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i33677_c26321, i2475937_c28821, i1940245_c22409, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8827,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"36a5e496762e3177bdbd725ebca73cf5","sha1":"af701b8a5b8f7ca33b39bd9d783cccb79357fbb5","sha256":"9666b43e75fe90ab94dc45c5327a9dfed43a6f112d5e1251386dfe3ce68ca652","sha512":"ebad3cf741f8da3bc9e05dd949cc51ad1a7038977c31621a40bab7491ee0c1d2d7e00c0fc17a03983bae9c5e5f36d0b328acaded45d6ca173bf29fc9e31d4ff3","ssdeep":"192:3DyNdIhIQk0VStpjBnGjSAEe1Kg0ebSRZlGiPj79zQ8fR:WXIhZStpjBGPMg0pb79k0R","tlshash":"00028e1c084a61adbd5de06bfdab0af27823e9dce0064d4504ae9ec71e17f6cc71b525","first_seen":"2025-10-06T14:54:36.452409Z","last_seen":"2025-10-06T14:54:36.452409Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5211,"timings":{"blocked":5190,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0803/20220803022938399.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0803/20220803022938399.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 4379\r\nConnection: keep-alive\r\nLast-Modified: Wed, 03 Aug 2022 06:29:38 GMT\r\nAccept-Ranges: bytes\r\nETag: \"ec69e7672a7d81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nX-Ser: i24687_c6956, i2475963_c28821, i1940255_c22409, i1940231_c22759\r\nX-Cache: HIT from i1940255_c22409(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4379,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"7fb21b0005d42d656f20185d4e81d739","sha1":"6e7784d25f403525c26dbfc5a284fbfe9ae23ca6","sha256":"dbe439476e45136a8fec3bf68c8a7785988fa76dcd0e47132413c6737b89afad","sha512":"b60ef614a901d5ace30fa9a781342677539932636f5dd4e4f31005c29ed879d951da472c4db7a1b942c4071c0351ebd668f4afff1a32fd0ffe724ebc219e476f","ssdeep":"96:vgWztBCdk3HWLk3QhZbl2wUbBvpCufxHRXsuWotLWVTal:ZztBf3WNhX2XBUufxCLowt4","tlshash":"64918d05732d097a80ab09686c7704647f8856f37a68802cac6f905ac94269dded3bb3","first_seen":"2025-10-06T14:54:36.454877Z","last_seen":"2025-10-06T14:54:36.454877Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5659,"timings":{"blocked":5626,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012035944622.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012035944622.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:59:44 GMT\r\naccept-ranges: bytes\r\netag: \"058201e3fbfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 1972\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1972,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"c3df24a5750f55a53c698ead7be93a84","sha1":"0aa46bfe2b04e110e5b989e4e36ba4b9dbe9115c","sha256":"33003555b4b054b7d13bd91e61669b251f520a54205592e7100366224a39b663","sha512":"1178eb992f3568e61a52d1a0c4bd7b5acf18b93f4b1fc5f2ab8953aac3f2f812172771f4e8d8ebf72be05e2c9f7c969d6638b9cd1816f2748f252bc2add86da5","ssdeep":"","tlshash":"d741ea17b2d0d941ca5af5a168f5e093de324b80cec0d55b6a8ec9140c31377794c0fa","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.233214Z","times_seen":15,"resource_available":false,"data":null}},"time_used":827,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":827,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012035725150.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012035725150.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:57:25 GMT\r\naccept-ranges: bytes\r\netag: \"80a046cb3ebfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2210\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2210,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"7b832b8644f9131d4ed495d24f0051df","sha1":"da0cd42021600428868797956b0ce4b74fe3f4bc","sha256":"d2128a5f291edb38194d4b621aff561dfe9107285241f0e88a3ad8e7027589dd","sha512":"ad4a5c23975bc68feb7047fdef4d95cd4def8d12dd5f32b5e1ffe48f398b8647ce06cc8f45d9486fe2f961ae6ee162d306bf6d0ef4df7e6349612f0a38bb5ca5","ssdeep":"","tlshash":"4441e92de9e4a8428c05980128f9906ba8515080d3d8e656f1dedd127475bfcdaccec2","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.499287Z","times_seen":15,"resource_available":false,"data":null}},"time_used":830,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":830,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117014645981.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117014645981.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 05:46:45 GMT\r\naccept-ranges: bytes\r\netag: \"8050579c65bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 1966\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1966,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"c11865b0b6136f85d4d43d0bb8b440bd","sha1":"356a61300f581c7731d6f81f18d04231b49ac6b5","sha256":"c364d0f832427088e7fcefa37ac4bae344516cf0f3fe7dcb8f6167626323fc70","sha512":"bad02809e5677958132d405c11251b51ef0327f2773c6fa721bca20804d3e0e2577907b0061362130170b381e19e2ed1d66d2988735f3e8f984b64f4578d10f4","ssdeep":"","tlshash":"2041a62efed17845d86ca68518d71823c8020dc1cea4f25ab6decc25d6b21b18f4f4eb","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.203919Z","times_seen":15,"resource_available":false,"data":null}},"time_used":814,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":814,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117030748424.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117030748424.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 07:07:48 GMT\r\naccept-ranges: bytes\r\netag: \"03aeaee70bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2737\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2737,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"04d9d49f0122ce16315cad1f040c1788","sha1":"c0811dee0e40cd59ab3145eaa795771e676a3690","sha256":"a7dfe209f0e9887ca52944431d6ee53d814d67b88a38d9c79d63581d4121c48f","sha512":"b32bd9f4635908f3401aadd06f9547469fcb71759648028baaff89d63215b91c6b075158429ce9efd3328b53496b5f5354b0c70f66d098a4e4d1985a1cf5697b","ssdeep":"","tlshash":"ea51e8cd681c28c2934afd052efdd01e485109c0d7e0ba6db8cecc556f691f65a49b66","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:54.873376Z","times_seen":15,"resource_available":false,"data":null}},"time_used":836,"timings":{"blocked":263,"dns":0,"connect":0,"send":0,"wait":573,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2017/1105/20171105021235760.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2017/1105/20171105021235760.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 16795\r\nConnection: keep-alive\r\nLast-Modified: Sun, 05 Nov 2017 06:12:35 GMT\r\nAccept-Ranges: bytes\r\nETag: \"d63f1813fd55d31:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31710\r\nX-Ser: i34710_c4672, i2103143_c28197, i1935953_c23471, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16795,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"7f47a44db54a893671ce916524201abf","sha1":"4690352c78909ded45f07259db512b54ddc3ff6b","sha256":"5c10a8f55d5a0443a8dfabbaf5efde7597bdf996a22501871d239515c34cf651","sha512":"1a1feb6cfc555e4b69f481d3e2e4215e4f0fc7a1a5a3a41f339006584c3551b8476c3ce062a0910676db0f3bd9c56d496f855431340fba31865cdf1646b8d2ce","ssdeep":"384:BPCdMtJJdXHapn7YZThpsYdC6so/eDc/VYmyiIHcz5lH9ZgWTHTQ:BqIJzmn7YpBd0oQl0dTHM","tlshash":"9472d1067ba84d7d3751baf29ac880817711ecd70f850627d600bb946b4e2e9adcd69c","first_seen":"2025-10-06T14:54:36.466448Z","last_seen":"2025-10-06T14:54:36.466448Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5018,"timings":{"blocked":4988,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0704/20230704042115465.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0704/20230704042115465.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 22243\r\nConnection: keep-alive\r\nLast-Modified: Tue, 04 Jul 2023 08:21:15 GMT\r\nAccept-Ranges: bytes\r\nETag: \"ed518050aed91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i63598_c22643, i2103119_c28197, i1935953_c23471, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22243,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8951b547de0da60b4e48f8d9cac7169e","sha1":"459575ba701b56f39d4b5201efbf2d033c6fba06","sha256":"2a13e7beacc929ca52bc662e4b195a987db0f2248ca4c5e6a3cc55e9f2c45b2d","sha512":"3747834f594a00734f3da8a3b2af7d5cb43f8cc7e0d9739e28ab7bc96238d04da4016452a30ae58ee9bb17554f2e0a770a2050cbe4719286a6bbc406103fd081","ssdeep":"384:IIgM7z4SH+URPDs5YTfWE71JMZllH6mraZUXOwvS1ccn9OBQ/eEGdK5vSfrR:IIgMHlH+UWaL3QlEsaZ6RvS1cc9OyeTl","tlshash":"aca2f14cf5567605dffe0d13c6d23d957b21b218c6680bdc4f8330b22a956c992d9e8b","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.303876Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5062,"timings":{"blocked":5036,"dns":0,"connect":0,"send":0,"wait":24,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2017/0803/20170803080934763.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2017/0803/20170803080934763.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 12013\r\nConnection: keep-alive\r\nLast-Modified: Thu, 03 Aug 2017 00:09:34 GMT\r\nAccept-Ranges: bytes\r\nETag: \"719e5dc9ecbd31:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: BC63_dx-lt-yd-shandong-jinan-24-cache-3, BC194_lt-obgp-fujian-xiamen-33-cache-1, BC132_IT-Lombardia-Milan-1-cache-1, i1940275_c22701, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12013,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"53d2b7864b17fdd1a51b7006735f8c9e","sha1":"701fabb5654143c5e57933e3cd3385f5064caef7","sha256":"838307a64e4234e3ce5c933ec28456a88f77cc4e1419aee68ec1abfff12bc5ad","sha512":"7e12b407e34339262904d2604b832587debdcdfe446c7d743d34ef1b8bbacf0db35ac07ba49899a580c4ae7803d96c3da8bb8200c863e2b093553a6045e5fc76","ssdeep":"192:JHl5FdU83WCxVSNOzN8j8RE/oLh3WYGDjcH9KDip01cRos34TmhcPPS:Rnp3dVSGii+ot3ADIHkD711s346wPS","tlshash":"2d42bf7d594404ef42f087de831f61d85b7a402ae79e83af84cca142e9963cf817766b","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-04-16T01:23:16.976591Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5077,"timings":{"blocked":5054,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/0408/20190408040337164.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/0408/20190408040337164.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 6901\r\nConnection: keep-alive\r\nLast-Modified: Mon, 08 Apr 2019 08:03:37 GMT\r\nAccept-Ranges: bytes\r\nETag: \"9af12392e1edd41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i32021_c12732, i2103141_c28197, i1940277_c22409, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6901,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"1520b3f700a3e9d6f7fc292681bd7ff5","sha1":"30e3f2651b07433f448529e0632f90d6ad03ee81","sha256":"435c78ad5e1312e98847ab25ffebc83737140ca8e6b1cda730f757c1c213ec2e","sha512":"bca81235a2a901842a5d5b85b86b05fe8af63e20a620d45f397f08494b3ac17d1bbcc500d59fec626122d2af673e431b2e6c9ccfdad9988b624cb23e15fabf8e","ssdeep":"192:xorkFRNK0WNEnuIKt382As+jGVebyAJgNwd+q:2ONKrNd4VbyAJgW+q","tlshash":"3be1bfb3cc1674278fd2e31f7de34404afb084b9f1aa8590b54d69c240960eaa453cb3","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-03-04T05:46:55.205027Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5812,"timings":{"blocked":5791,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117042619341.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117042619341.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 08:26:19 GMT\r\naccept-ranges: bytes\r\netag: \"80c7e3e67bbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2916\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2916,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"5e16f2c544062b5a40d404be88c15981","sha1":"25cc6ffa5552c58ffa311b52277546fbea0159d6","sha256":"b4fdbceb7c9ada9ee04f85a492c0f0453c9e2a56c51ed9e41b8b9c8c37685c8d","sha512":"16e02ada756e9cf90d28c959c594330794e103179b13ceeb2947f52435d26cd1f6b2556b7209869c9b9ec95e2aa38a22d01dc39b26c7eb673c9740f71f5f88a9","ssdeep":"","tlshash":"c2513aacd6e28c1662be74466ae700623d0391859595eac4bcd7df27dc310ff0a631ca","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.59098Z","times_seen":15,"resource_available":false,"data":null}},"time_used":870,"timings":{"blocked":537,"dns":0,"connect":0,"send":0,"wait":333,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0610/20220610024249377.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0610/20220610024249377.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 6425\r\nConnection: keep-alive\r\nLast-Modified: Fri, 10 Jun 2022 06:42:49 GMT\r\nAccept-Ranges: bytes\r\nETag: \"c45ca4d957cd81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31799\r\nX-Ser: BC19_dx-lt-yd-jiangsu-yancheng-8-cache-2, BC201_lt-obgp-fujian-xiamen-33-cache-2, BC130_IT-Lombardia-Milan-1-cache-1, i1940251_c22701, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6425,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"c216cebf58c2dffccea5e260e62b74d5","sha1":"35b1387d869c5838122612953617b47480d37e19","sha256":"ee1f05d78aa9b4be4442430d2e6c52ee8216b52edd955e8c4c40260b43f60e4f","sha512":"abe6738546644f4b6538a66930198b42a96ed2cc3dc496c5242faac90c512a030c5d8d91f5f891b295197b87b436ebbe8f301204e612066b8bbfe6821660bc64","ssdeep":"96:jK1guZ//EMu7Xbi+tW+WQVHwF+tAD5Wcuwy3Q5kWEpXK1MkDxap0bcTigBikrWi9:buZn4hglWvAgp61rDxa0GBwi4c3","tlshash":"3dd19ef29e324c3e85cf5e71a05a3b57a99b53606f880a985810af57350ea139475b60","first_seen":"2024-05-20T23:08:38Z","last_seen":"2025-10-06T14:54:36.47607Z","times_seen":14,"resource_available":false,"data":null}},"time_used":5029,"timings":{"blocked":5008,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0804/20210804115646928.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0804/20210804115646928.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 37478\r\nConnection: keep-alive\r\nLast-Modified: Wed, 04 Aug 2021 03:56:46 GMT\r\nAccept-Ranges: bytes\r\nETag: \"9f0a5bee488d71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i31227_c6956, i2103129_c28197, i1940269_c22409, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37478,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"dcc4df6433d23add7c6f18cdb7f6cd7d","sha1":"54311a4c913274432bd49cea048093bce07b8bba","sha256":"4faecc28b8ccb51aa6aad40fa93553f72e9f1e50308644046897ea5079cba2ea","sha512":"63aa35542e746fa46ba014df56a74bdf33a43d3584384df91b88085ca92f0366a2ab8e960846a9f503ff0c71a1b0ae15f09b64c60bffd86d8390f50e6c204e0b","ssdeep":"768:0n++z7yPtYmyXyE/j+EL3cQ8hlEP9fMmkyZe/C:2++aQx+ELAzqMmBZwC","tlshash":"19f2f260fe21a0737070cc510ba7f0657af2bbed89ee7676d8425036fd1e25da4b4818","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.874122Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5694,"timings":{"blocked":5668,"dns":0,"connect":0,"send":0,"wait":22,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/l1.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/l1.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/lib.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 20 May 2015 05:00:02 GMT\r\naccept-ranges: bytes\r\netag: \"0f52bd4b992d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 700\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":700,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 8x21, components 3","md5":"7ff70c7da8f7fd4f5671be4fded755e9","sha1":"3fadf2b6fb20931fb544b260e90d569af0317efb","sha256":"ec07a740d7f10292164322bd6992bb74043c1198d877c9abb96f775b25e3af55","sha512":"9daef69968ee73dd5d98f65767ec8f3a9e5cb29542113edec8bab7a05f528e67670876d4dbc2a8b30947a8bc84477538869f837eca767d5b7c92cd76c1679415","ssdeep":"","tlshash":"0e01e1450d084ef9cc291b30db641a10e6df5a7e8129924ca7b60201dc2b5d32862381","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-21T21:38:54.255497Z","times_seen":21,"resource_available":false,"data":null}},"time_used":345,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":345,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117032812949.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117032812949.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 07:28:12 GMT\r\naccept-ranges: bytes\r\netag: \"0ce79c873bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2224\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2224,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"1a5fb640fcf5d039b760bae6be662744","sha1":"1b7612b18f81f4cfe931e126ebc98b85fe341293","sha256":"9909864abe043b9d1f82b2d1b978881746e92f559bdb55cd89450a1ea79cff63","sha512":"a9055b044ed2bb2126699d89197cf5a55e45732ee657e8423c0718027420e9463afdf2fe46c3e6d67c1d9857eb12481e29463d9ea43150946fd873fa99238115","ssdeep":"","tlshash":"79410983e9826488784eea8b28f341779a1384d0c690e4e2f8cfca0d2f311715e4c6d6","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.387493Z","times_seen":15,"resource_available":false,"data":null}},"time_used":860,"timings":{"blocked":367,"dns":0,"connect":0,"send":0,"wait":493,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0903/20250903040757201.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0903/20250903040757201.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 17755\r\nConnection: keep-alive\r\nLast-Modified: Wed, 03 Sep 2025 08:07:57 GMT\r\nAccept-Ranges: bytes\r\nETag: \"3b3ee1dba91cdc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31802\r\nX-Ser: i64214_c23533, i2103129_c28197, i1940275_c22701, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17755,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"e0686ec3b2f4d7da699fa82802691f87","sha1":"9822d2f0595490efb1445c9858b851dc447a1efa","sha256":"4d526d00097db7f3a417765775d09883839f66de9d069d0747d3236611c357bc","sha512":"7ae3618f14f0fe10c0b9bf0954a9fe897de40a519ced943180c44991529dedfccb07901ae55cc021932c2854fe8f336ed98152fc77b1d4d5a4aba0f04d845885","ssdeep":"384:UKT1F9VlSObsMMMA1UJVP76RzgwVfQ4PLx/xE6fwRJIP+DDHxjT2a4xU2:UKT1xIqZA11zgwVo4t/uA23DDca4Z","tlshash":"c682d1b35a093b546be63d5900890c790f5896f9ca634438ff60f9167300da958ffadc","first_seen":"2025-10-06T14:54:36.482395Z","last_seen":"2025-10-06T14:54:36.482395Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5719,"timings":{"blocked":5696,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012031207484.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012031207484.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:12:07 GMT\r\naccept-ranges: bytes\r\netag: \"80bd387738bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 4032\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4032,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"97350843ea542707de050a1ed3aecfb8","sha1":"7968a848f1e55bf092d85dbe6c30425d6a1933a9","sha256":"12eb85cf157bc4e8b4c1bacec84ee7ba2bc1505ff71e7ca0b242144710f1afbe","sha512":"a98e5e38b42815600c6a9423ac668737100fc720cb749ccd5edfe993353b6fbe579820d66c8768c221f20bf238d8b4e60d34b2cbd650c009049a6cb7f7b257d3","ssdeep":"","tlshash":"f4813d897a41e94142083fd07dfe3435c5225d83e6d4e034becece6a19940f45859be4","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:54.841559Z","times_seen":15,"resource_available":false,"data":null}},"time_used":757,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":757,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0822/20220822110329504.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0822/20220822110329504.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 14644\r\nConnection: keep-alive\r\nLast-Modified: Mon, 22 Aug 2022 03:03:29 GMT\r\nAccept-Ranges: bytes\r\nETag: \"9bfd1fc1d3b5d81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 119314\r\nX-Ser: BC239_dx-lt-yd-hunan-changsha-12-cache-10, i91252_c23533, i2475923_c28821, i1935955_c23471, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14644,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"b008ccb4567a79f588366c02c939e6a5","sha1":"32da68772048bad869d4d365beb88392da28d281","sha256":"3ddf9dbee24dadac1164539d9dbc1a442c6cb3d5ca66e0f1dbe742c364fed9f3","sha512":"f1c4c9df16d60fa5b7903f971048ed9ce5ee10e7050ba80ed7759c1797f2060ce6f259b6ab857ebbf8b832ee5319f799ceb4c904c9a631b8b7a7a01e085a7f13","ssdeep":"384:5ZyCb3NaGKfI08vAoue4V36QF9pTaBHRckLCxKe:5ZyCbwG6I08LRiVxa3Cx5","tlshash":"6262d1e3ef699a3f5ddb08ef24b1691c3eac508a5204521ec6a4e5a70c5d3a3275134a","first_seen":"2025-10-06T14:54:36.486487Z","last_seen":"2025-10-06T14:54:36.486487Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5597,"timings":{"blocked":5575,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/1010/20201010015636917.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/1010/20201010015636917.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 11260\r\nConnection: keep-alive\r\nLast-Modified: Sat, 10 Oct 2020 05:56:36 GMT\r\nAccept-Ranges: bytes\r\nETag: \"408751dca9ed61:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i91718_c21609, i2475937_c28821, i1935859_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11260,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"578d020ef65dd39116e895800d121257","sha1":"f31b2e08069524e87e1c9b5acbe9b0514e98d8ba","sha256":"996e359d5b4d05326ed435de85c988291515e63a5b6acbb314db254dab62c897","sha512":"a6af9ef4ae8733f2cc0aa76db2e3390e8668b5c27c59d0ce5f897ceaf2fcac00d262b80b51e106343b786f3ce8c340e1b29944c531b342e74790733feba1479f","ssdeep":"192:bmY9CekUtdO7rHedVgK9BSGc1y0gE+CS0SPl6naEN4kHE71s5ZSc6QFGWfRMHyMq:h1tWHSVrSGceC1daZ7WSc6QvcVw","tlshash":"ba32d0fc8981791820079c512b235778f806745fc7f1c278e958396f76299c9da970fb","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-04-16T01:23:16.995027Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5034,"timings":{"blocked":5010,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0704/20200704033956825.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0704/20200704033956825.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 11969\r\nConnection: keep-alive\r\nLast-Modified: Sat, 04 Jul 2020 07:39:56 GMT\r\nAccept-Ranges: bytes\r\nETag: \"54778050d651d61:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i32009_c12732, i2475919_c28821, i1935851_c23471, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11969,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"931d77db9a4fceecb8d8d29cab94201a","sha1":"fab5a5dc89ed1d50fd21e89a178307552b1c3c56","sha256":"7d20524691802562038af70ab141b0ca05562582b03d08b9ab184aac37efdc78","sha512":"6d961f41589cd1fc1134c9c85385c6ab1da840f872133a616f8e9697d38bb64277cde90c03a96f402ec4d223a0f1db25f802fa7d3a5c9f395cb2b6583a97158c","ssdeep":"192:B4eM/s+UNN4q6n+J/FAUMEQCOhy4Ee/ZLb3cyTgfVKqHNi:BAwb4q6k/FbQphy49/NqfzQ","tlshash":"f332c0f95eef82bcf19a34cf93561799057483729faa54500f2580346e8322cca7f8b6","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.589962Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5069,"timings":{"blocked":5047,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/icon-link.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/icon-link.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 20 May 2015 05:00:02 GMT\r\naccept-ranges: bytes\r\netag: \"0f52bd4b992d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 1139\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1139,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 7x7, components 3","md5":"0b54209902c07f305246522bfe768a82","sha1":"d44ff489739e11c6b5a97167dd28ad5742ba970e","sha256":"5718d23049f39bb862703b856ae7043eebc78c68280df88226a72cb5f5fce3b9","sha512":"a15ed64b8ee7e6806f9066f51b73bd01b6ced811c703a6b0a5639c2d63605cdda2e21a24fd0c38d9d19a7df6f0d4bd65593b98a644abb62b61ef34deb00079a5","ssdeep":"","tlshash":"4021350af6512b02edc9d97024f7a51f5d1d4880f8e2de96e8f9c80f08750f1586a6c7","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.438996Z","times_seen":16,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=C3C94CA83C682A71\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1692156770\u0026si=00526ff88a0f942f7aba7a59e0e7b53b\u0026v=1.3.2\u0026lv=1\u0026sn=16611\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.downxia.com%2F\u0026tt=%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD-%E6%8F%90%E4%BE%9B%E6%9C%80%E6%96%B0%E7%BB%BF%E8%89%B2%E8%BD%AF%E4%BB%B6_%E7%83%AD%E9%97%A8%E6%89%8B%E6%9C%BA%E6%B8%B8%E6%88%8F%E5%BA%94%E7%94%A8APP%E4%B8%8B%E8%BD%BD","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:50.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=C3C94CA83C682A71\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1692156770\u0026si=00526ff88a0f942f7aba7a59e0e7b53b\u0026v=1.3.2\u0026lv=1\u0026sn=16611\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.downxia.com%2F\u0026tt=%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD-%E6%8F%90%E4%BE%9B%E6%9C%80%E6%96%B0%E7%BB%BF%E8%89%B2%E8%BD%AF%E4%BB%B6_%E7%83%AD%E9%97%A8%E6%89%8B%E6%9C%BA%E6%B8%B8%E6%88%8F%E5%BA%94%E7%94%A8APP%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Mon, 06 Oct 2025 14:53:51 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=BB8A91F28DE15F26; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-05-01T15:38:35.632641Z","times_seen":344059,"resource_available":true,"data":null}},"time_used":306,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":306,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/jquery.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/jquery.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 17 Feb 2014 07:48:28 GMT\r\naccept-ranges: bytes\r\netag: \"06e9a5b42bcf1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 33504\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":93636,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65483)","md5":"3576a6e73c9dccdbbc4a2cf8ff544ad7","sha1":"06e872300088b9ba8a08427d28ed0efcdf9c6ff5","sha256":"61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf","sha512":"27d41f6cfb8596a183d8261509aeb39fcffb3c48199c6a4ce6ab45381660c2e8e30e71b9c39163c78e98ceabc887f391b2d723ee5b92b6fbc81e48ac422e522b","ssdeep":"1536:s6IzxETpavYSGaW4snuHEk/yosnSFngC/VEEG0vd0KO4emAp2LSEMBoviR+I1z5T:O+vIklosn/BLXjxzMhsSQ","tlshash":"b393f8ed73c6717243ab30ae40af610ef1365869280d8410f129e8f9bc79a499277f7d","first_seen":"2023-03-07T01:02:53Z","last_seen":"2026-05-01T15:32:30.746528Z","times_seen":32506,"resource_available":true,"data":null}},"time_used":648,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":648,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/0118/20190118041710349.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/0118/20190118041710349.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 22359\r\nConnection: keep-alive\r\nLast-Modified: Fri, 18 Jan 2019 08:17:10 GMT\r\nAccept-Ranges: bytes\r\nETag: \"385197356afd41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28820\r\nX-Ser: i91594_c21609, i2475911_c28821, i1935851_c23471, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22359,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ac4094ab23632b072e22cb3ca96267b5","sha1":"8e19aba433c810759d1c28a3999fd4a4e4a9f427","sha256":"61885f13dd1b2867533be8614f2fbe3fdb8dc27c305c651f4e56f93c908b908e","sha512":"d49e115067105cc9ae9916d286f89a2db60637fd5363493dec8e987d16835afb2342b93c600779562798da7998ca9f0d719c7c65776a78b8e109f3b395497127","ssdeep":"384:m1mVcwLwCyCiBTdkHE4hYO/vdb0wwxjGJ9FgEgc5YBa3ni+EvEh:m1mVtwtCeahYO3db0vp8zPgc5B3iQ","tlshash":"93a2e0de7459096feaeb1792b74f9cbe392ecc9be10741405c01f901e24bd8bb8a0642","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.080083Z","times_seen":15,"resource_available":false,"data":null}},"time_used":10210,"timings":{"blocked":5066,"dns":5030,"connect":26,"send":0,"wait":31,"receive":4,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/1211/20241211013048814.jpg","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/1211/20241211013048814.jpg HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 18191\r\nConnection: keep-alive\r\nLast-Modified: Wed, 11 Dec 2024 05:30:48 GMT\r\nAccept-Ranges: bytes\r\nETag: \"c216e7d58d4bdb1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28821\r\nX-Ser: i31243_c6956, i2103125_c28197, i1940237_c22409, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18191,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 350x211, components 3","md5":"a3d3fa28271db4df18450ca7ab39f016","sha1":"622c932310b211e6b0a04f95a6490a0fd4d962f8","sha256":"7fb8748045a1d70ae64af96b4753befd1a26c172fe64c70568862accf3707f86","sha512":"51217cbd4e222d94231305e8b83f4d2135bddbadf9dcf9f60e7cb0ffa060fcfbee9af534b9935f6fb9942a41578521631d57e2ae813b0dacceed14c59c72375a","ssdeep":"384:bqIHlqjttyiABVASes2ESIY30aYJZvuBppp6sbhd5MoJK+QfZf:G2qty/HAzg+TaZCp6M55FQfB","tlshash":"e582d1220057fddffa333e2152c18f781bc46e1a27a0c6274cfa9aab3699552d04975d","first_seen":"2025-01-03T05:17:31.432873Z","last_seen":"2026-03-04T05:46:55.34527Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5116,"timings":{"blocked":5088,"dns":0,"connect":0,"send":0,"wait":26,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0726/20230726021852801.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0726/20230726021852801.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 43296\r\nConnection: keep-alive\r\nLast-Modified: Wed, 26 Jul 2023 06:18:52 GMT\r\nAccept-Ranges: bytes\r\nETag: \"17c2a6c89bfd91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 552863\r\nX-Ser: i34706_c4672, i2103123_c28197, i1940237_c22409, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43296,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"fafb83028db685cf63d2b47e82f2f455","sha1":"8870bd2ef4da2dc3074e30fd7ee832cb28c49c96","sha256":"8127178be17a87f0e80f103e1850cdf6eb3f0346a41ebc523799c928d4696c64","sha512":"a753f2c396253b6c0328c589312446ea7e4271403148dde0563709d03922bf2ff18d9bfd64a4ce1a3b3c688557cd50f92d1feb2e78852ff67a4aee685fd32b2c","ssdeep":"768:44p2iP1XNbFoX2xcbpgvT53ILpqMnP8CCW77RxMcv8r83/BGqJlFEqvA4:4O2U826bpoTWf8vq70o/BGqJYz4","tlshash":"f3130267ad91fc339718a044551dba89b8095df309fb95f324a55cd340604e3b12efeb","first_seen":"2025-10-06T14:54:36.501132Z","last_seen":"2025-11-25T05:37:58.724122Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5144,"timings":{"blocked":5114,"dns":0,"connect":0,"send":0,"wait":24,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/0912/20240912102503117.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/0912/20240912102503117.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 25163\r\nConnection: keep-alive\r\nLast-Modified: Thu, 12 Sep 2024 02:25:03 GMT\r\nAccept-Ranges: bytes\r\nETag: \"c47f9af9ba4db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 1145\r\nX-Ser: i31233_c6956, i2103143_c28197, i1935879_c23471, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25163,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"abf0313a23f8d43e00f723faa7a7af0a","sha1":"4c9fdd819b3520dc05b503513670ae6bce1e74a9","sha256":"28196a549298c1b325d32ba243f07d28f8fff682f3b7ab31da83ab223f0f5907","sha512":"677acbcd8a0b6248d29759da89202e606e81a4e161534a8bb98da8d70fe37ef2ad32ce39cad397f34b5a02659eaffb673c3afe37fe2d693ebfe86747bb8060a0","ssdeep":"768:E0lwXyv54vEa6HNPYw2sDFmLgSn/99MIez:Wyv/a6HNPYTd19+","tlshash":"55b2f19693cc61349a3c5f200683616d519befdabe8c2726e14798cf4c071dd87b53e5","first_seen":"2025-10-06T14:54:36.503006Z","last_seen":"2025-10-06T14:54:36.503006Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5700,"timings":{"blocked":5657,"dns":0,"connect":0,"send":0,"wait":41,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0213/20230213095139852.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0213/20230213095139852.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 9254\r\nConnection: keep-alive\r\nLast-Modified: Mon, 13 Feb 2023 01:51:39 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e7c62b74d3fd91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31802\r\nX-Ser: i5295_c17989, i2435101_c27847, i1940251_c22701, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9254,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"2f91b6111bd7d37b2f65799dcaee1b56","sha1":"88cbdd00ba2e06d80d908d52107870c844d9643e","sha256":"bc4aad1d4ad2e396eb0cfc3e17b8c8193e5e6784ef348fadae379e9cd7c25553","sha512":"e6427f0060c1dce6eac1b453fd8206de84f5101792c4cd80fdd7ac4ab805545d31784875e19c76c8a8386815d310a9dedfd3da3270957221449d15feaccace5c","ssdeep":"192:v+7bMZBv5+XL3Eot3zdT1u9rSjkM04dOY/uvH7g2ifxB:ab0Bx+jj3zdT1bjFFOs2Ov","tlshash":"4312d17545c415760f1b4acb530cf405a92dbff16114e59176aca2e40cb3f72225fd29","first_seen":"2025-10-06T14:54:36.50605Z","last_seen":"2026-03-04T05:46:55.563627Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5209,"timings":{"blocked":5187,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117023658902.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117023658902.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 06:36:58 GMT\r\naccept-ranges: bytes\r\netag: \"0a13aa06cbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2344\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2344,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"af905cf90d554877ec3a2eeea693cf41","sha1":"eb4f9110fa325fa77b5a60f80d98ad61ab2f1d57","sha256":"7ee2073674373c19b57b1055cd50561f55f1c05662267c01254d95348ceaf018","sha512":"e7aeee32e3557673336323d310e46576a37285ce5e84bb92041472e45fb1d789183dbb1f736518604adb88d10aaf0e0dec3c937bd505281b5cecde0ac76280fe","ssdeep":"","tlshash":"79410a09b28118d4d258d6c034e5d0dbce6709c465d9a0e736de8b6226759eb984c4fa","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.074383Z","times_seen":15,"resource_available":false,"data":null}},"time_used":951,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":951,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/0516/20180516024545910.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/0516/20180516024545910.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 44571\r\nConnection: keep-alive\r\nLast-Modified: Wed, 16 May 2018 06:45:45 GMT\r\nAccept-Ranges: bytes\r\nETag: \"24278a84e1ecd31:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31801\r\nX-Ser: i91504_c21609, i2103121_c28197, i1940235_c22409, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44571,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"9dfee5291c1b923cabb4b2bf457f26fd","sha1":"c1af0ea1f3459eca351e1a19802dd4c2cc6ad600","sha256":"82899cb177b6a6d4635948f93f8ea88f625ad5c8418d018e63d42d2873a288dc","sha512":"36c470271b64a80528afb0b31906afba552cdcbab8c6c4a375d10b62348eaeb71527c42f42f4372087381bf03ae4660db5cf1dec23666ff003f6c60127a7cea5","ssdeep":"768:/5FSX0buBk4bbq5NXE+jCWpaAkSjPBTqVzg+H14U2jG9M7b7Co:/5vuGMuNXESCOUYBTqVfMT","tlshash":"d5130184426dcabb318d6a194ef00c2f11159f26c83b418eb69c676b4e2e3cbdf701b1","first_seen":"2025-01-03T05:17:31.467963Z","last_seen":"2025-10-06T14:54:36.510714Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5524,"timings":{"blocked":5497,"dns":0,"connect":0,"send":0,"wait":21,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012023440226.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012023440226.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:34:40 GMT\r\naccept-ranges: bytes\r\netag: \"0c0e73b33bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2848\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2848,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"b0f7a2250a5a87f0c9a7e0deab81c0c2","sha1":"6ad549eb264f1d46f2e8efdbd40e04c5ba5bdbc4","sha256":"807dfe1cf8c252c1210686ccae796c2bbb514a438cf9cc9753794491ef4fa3b4","sha512":"ce80822fe9b9cfc630322cb349c577db5bcb47b56074d8230bbb9558cf4ce39c63098140b2a56d5019b9a7459a1fcdeb3288b619a33fa5bba286930969e27b18","ssdeep":"","tlshash":"81513bad8782352351343b020ae17a3bdea28cc4aa609054a5d7ec423c781f9c68d8ef","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.45714Z","times_seen":15,"resource_available":false,"data":null}},"time_used":890,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":890,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117023712307.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117023712307.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 06:37:12 GMT\r\naccept-ranges: bytes\r\netag: \"0dc92a86cbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2555\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2555,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"a44172f614ba55308411ece0366291f8","sha1":"a57b308369e8628146e1e56c0e5b53c68be608a5","sha256":"03620152aebb7160423b462ca9b8f0085195bec9c6ea5790154c4bd84513d39f","sha512":"39b49995850c295151f7542d5b4db584c32e5f8590a104f2aacd3963f1eafe99df81d190da1cc473282b2715ffd3ea4a233872d918b66982bb9b57e9dd34e4c8","ssdeep":"","tlshash":"d1510a88e45979c04995978509fad01ab9634180e9e0f1a725ffcf074ee15f82078bfe","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.281523Z","times_seen":15,"resource_available":false,"data":null}},"time_used":947,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":947,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0508/20200508111255752.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0508/20200508111255752.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 19443\r\nConnection: keep-alive\r\nLast-Modified: Fri, 08 May 2020 03:12:55 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e513591e624d61:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i37198_c28455, i2475963_c28821, i1940229_c22701, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19443,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"4c6857c0679a0ec26e79d5e7e34230f5","sha1":"47d1a4c30650e2e26b91f5e34dd7cf6708b9a0d1","sha256":"260948ae34647014b5058b27475ec7c36246ec6da350c5a1d732e0f3e62aed90","sha512":"c812ffaa1946d1af10a90cc7ff822a7e8b13ef346cde10b04c86a072a452de9abf1f5ac5d8d66fc23e15d153835c03c2cfeb9f8a24c1e6a565e860c754b36b33","ssdeep":"384:R2lfxoXSH8ZZWMwFra6wS6BrwdCjDzsPt/PD6aZ5zluDbSUtuvj:0v1H88dctwIj3sPt/mQM/SUtcj","tlshash":"2d92e01ec21451abb00cd3700185b4a83f047bdd2b885aef6d7bf5b6d9ca1783a092db","first_seen":"2025-10-06T14:54:36.514305Z","last_seen":"2025-10-06T14:54:36.514305Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5613,"timings":{"blocked":5589,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0826/20230826015647886.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0826/20230826015647886.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 27270\r\nConnection: keep-alive\r\nLast-Modified: Sat, 26 Aug 2023 05:56:47 GMT\r\nAccept-Ranges: bytes\r\nETag: \"fc518b19e2d7d91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i33673_c26321, i2475911_c28821, i1935885_c23471, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27270,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"bec49e3de8f3a93355e74a65ad263162","sha1":"6cb02644d6920a5e88ef9acc7f63a5fbd7b56628","sha256":"8ee0105aa45f405217e3e98283b57094d58b7d5c261cf5e0eace3af6d3249a56","sha512":"167fffbf79acd5f02849536fc0df280002749c1f7acf1343fa929996593967b3cc728a7a05507159228277c7aa02c285627f698792c25059ad63f7d384f10b33","ssdeep":"768:OCisJ/YiPXx5H6WIWT80lyNfe5RFNrGAIrO:1iYwiPH6WIW8WyNcNrgO","tlshash":"14c2e1028a4fb19c4559e5f29a64fd3a7c77e0d22f2333021c60ca6c15fa592632ae5f","first_seen":"2025-10-06T14:54:36.516466Z","last_seen":"2025-10-06T14:54:36.516466Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5630,"timings":{"blocked":5597,"dns":0,"connect":0,"send":0,"wait":30,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/1023/20181023033936288.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/1023/20181023033936288.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 17735\r\nConnection: keep-alive\r\nLast-Modified: Tue, 23 Oct 2018 07:39:36 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b2367a8ca36ad41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i32011_c12732, i2103121_c28197, i1940245_c22409, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17735,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"e5428b278b7b6e206314d0c59d370a4f","sha1":"84fe699b9018e2c78abb9ddada7141b6bb47b963","sha256":"082adf2186c1afee4d353787f7e5cd1b529bf52c419193919e9f8b6175a72d1a","sha512":"8f24461a91d7653bedb30bc8afd72a3bf35c5bb8cb3955737a2dc012f698ddb1c05ecbd3c571bc01be9b5a0af6dbf911a2d9fd1ebc2b89bfc1830810b60caf1f","ssdeep":"384:K6WLZjzwJeuVT/IeJtye3+6r5s2EnKeikwpgF1jYnSSIC9jtUg/YKS76L:tWLZ+/Vye/r5wKeikwpgrsSSRj//5S7C","tlshash":"7282e1121344e2b4e31647ec5cb2e2fb91b01506949d3c4b2df19bbeeb69ddc5206a36","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:54.97216Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5062,"timings":{"blocked":5038,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/0403/20180403011109693.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/0403/20180403011109693.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 9479\r\nConnection: keep-alive\r\nLast-Modified: Tue, 03 Apr 2018 05:11:09 GMT\r\nAccept-Ranges: bytes\r\nETag: \"7c22252dacbd31:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i91636_c21609, i2475911_c28821, i1940255_c22409, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9479,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"c6ef357f1afc49fe032164304a75a037","sha1":"e343e3b72bccf064feb4168f178c0f8186780228","sha256":"c6ec4fff2b311c4fc13b01e2a51951316ddfb012569097a85649edb0de170079","sha512":"661e5c8b318bfc96cfb5261e4b7a605afc7bf3c6317f8fbb334a927c275fa7446ba7ce1b6deefb6fe5cb4518fb0abe20d5822fefa52cdfa982ff84f24a840f66","ssdeep":"192:rrNDdUoGf07WjEzunpTZ0IL6JrZv3ksc7PCvVNhufJy7SvWCWRN:VDdUJf0yAu9+JrWsczsIJgSO/","tlshash":"f512bf4ab92087898d088c36524f141257cf69eed3547467f539bb7b18840ff0b962bd","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.296552Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5071,"timings":{"blocked":5050,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/0406/20180406014732978.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/0406/20180406014732978.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 18744\r\nConnection: keep-alive\r\nLast-Modified: Fri, 06 Apr 2018 05:47:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"2bd894c16acdd31:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i33599_c26321, i2475941_c28821, i1940237_c22409, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18744,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGB, non-interlaced","md5":"8287159e837825994cabe9229da007cf","sha1":"a845d3aa628579fb80fb1be488ba3994d42ac743","sha256":"a5a3a48081e9d9c97ad75acd0354e1dc3689e8f438d3a95171531f6e8323b8ba","sha512":"68de862fc38e3e17723c8eb23bfa965470974a2be7107e002240be5645fca8bd41fff106b8aa53cf4b62e5e2e920a88fb189f885c1ff9acc3a27668b6352d48e","ssdeep":"384:oX0dcpHseolWMBszdlfzQHEtQh6yyJxNvJ57mhjwEF:oEuqebCHEt9yy3WwW","tlshash":"3082e1215e365832fe59e49e94d2e939c513ef84e5c0bb6e809fe4258d101f472dfa32","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.914303Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5785,"timings":{"blocked":5762,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/0831/20180831111059752.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/0831/20180831111059752.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 23708\r\nConnection: keep-alive\r\nLast-Modified: Fri, 31 Aug 2018 03:10:59 GMT\r\nAccept-Ranges: bytes\r\nETag: \"246f23ed840d41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i33637_c26321, i2475941_c28821, i1940255_c22409, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23708,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 246 x 246, 8-bit/color RGBA, non-interlaced","md5":"7ee89d88a9a38f261dff0485c231d1c0","sha1":"36a61a2deab347e4303e54d3b8306571cb18e4c7","sha256":"09b24e6b041d277db3454dc99d332d8e9b315389c731d34dd589c417eac866c6","sha512":"149d70d010b2c20b985305ce3b99530d7a6d136eca783f03d93e8c50e01e1e867bd13c18dafeda053b5bc650d954febdc54157fc59f4240b5728ef2dda686d1e","ssdeep":"384:WJGH4cqEqGlZBaekkJ3nZROf5OKFz8Zm+aIBTurNv0c4A07FCZnC3EFEBVqOMkuC:4NEZBaGJ3ZiCaIcZv0nUsoych3SR","tlshash":"a6b2d08e6f63902665fe07935c3c7588e2cf72b5c52ede20b9832688a4430d5d72e4b6","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-03-04T05:46:55.599151Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5815,"timings":{"blocked":5784,"dns":0,"connect":0,"send":0,"wait":29,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/1023/20191023020000768.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/1023/20191023020000768.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 12712\r\nConnection: keep-alive\r\nLast-Modified: Wed, 23 Oct 2019 06:00:00 GMT\r\nAccept-Ranges: bytes\r\nETag: \"df45221b6789d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: BC147_dx-lt-yd-hunan-loudi-17-cache-9, BC198_lt-obgp-fujian-xiamen-33-cache-1, BC130_IT-Lombardia-Milan-1-cache-1, i1940233_c22701, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12712,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"31447b24abaa84ffb250bc57160af959","sha1":"e2ff5bda825fc6bd59c22841b211a3a57158e1c2","sha256":"a5b06b103dae0497a757e100aa8cab6576bd90739cf6e036c0daf37c7173c91c","sha512":"22c7d38109e6e53a23a73422643cc5870d92678146d953c7603ac432128c489f222df4bf607f4bdd2becd0ab92028d9c5c91aa128bad4805554932bfa8e0a5c1","ssdeep":"384:8R6x/DsfxYZV0Fn9ewmJxwyVSk72uehBa/2NGQ:HDmtFnQwmsdkaxhBa/2NGQ","tlshash":"fc42c0d28a6022c4b35b1ad35ad2cabc38653fbdc4e7838c47165df378d2a1374c1456","first_seen":"2024-05-20T23:08:39Z","last_seen":"2025-10-06T14:54:36.529867Z","times_seen":14,"resource_available":false,"data":null}},"time_used":5154,"timings":{"blocked":5130,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0926/20250926081515291.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0926/20250926081515291.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 9512\r\nConnection: keep-alive\r\nLast-Modified: Fri, 26 Sep 2025 00:15:15 GMT\r\nAccept-Ranges: bytes\r\nETag: \"2f58e0a17a2edc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i37228_c28455, i2475911_c28821, i1935885_c23471, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9512,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"6177ae39269dd7bcb69d96097de65405","sha1":"fbb544c20d3ab160f6fe3b7166f0899351b8b067","sha256":"d4b39c1242bc534130552426d15376bb391dfe7bf01b83517f311eb5e4b4b50e","sha512":"7139f773a0e318c51e7d3057867dd1ec15761da198668fc02a2441e8883658a8ee0eeba4ea81c39abc6bc26320f8e71bd3e3257bd157a4d43800509ef60683ac","ssdeep":"192:KoTIoqv08UjTqE675GEjukXPFXtKOZgMWC1SMR/0fxc:KoTIo1tTq9GMuuKOBWCYMWfS","tlshash":"3412afba2a069b2d1f44366ee36134d1312c1c3d406bd962a8532279289a7fb5ad5cf2","first_seen":"2025-10-06T14:54:36.531893Z","last_seen":"2025-10-06T14:54:36.531893Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5237,"timings":{"blocked":5193,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0909/20250909033506373.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0909/20250909033506373.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 15007\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Sep 2025 07:35:06 GMT\r\nAccept-Ranges: bytes\r\nETag: \"ead080435c21dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28820\r\nX-Ser: i34696_c4672, i2475963_c28821, i1935879_c23471, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15007,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"afe3412ed256be1bc793c5ab647e66f1","sha1":"841ed00888ee50b00f0f0b82149c1175aaadcd82","sha256":"8256c5f865dbe7db92ff037febe3f9e55929bf36abca8ef71ef0fdc125b0cd6b","sha512":"bf806a81a38bd9f31b5bdd88e97b82ddf3694e12f8737361bb1707988a7ffc89ec13b105049221526a508f0a5a80f7b6f16459e29cd05a9b101245c2fe748259","ssdeep":"192:JDaLc2b89N46zzgB1Re5cxXSG7eCzVfJoH+PKPDja9J/D2PxK2gqk0+fmZt9euIW:xYb8YugAixXTNVfGHHm7L2JKSt8durx","tlshash":"2c62d0882a04e49480855d543fe601b7837985b61bbcfb686cff1f3e0a8e174353e5aa","first_seen":"2025-10-06T14:54:36.534436Z","last_seen":"2026-04-16T01:23:16.675852Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5708,"timings":{"blocked":5685,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012030847152.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012030847152.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:08:47 GMT\r\naccept-ranges: bytes\r\netag: \"80293038bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2539\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2539,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"4b842c617facc4be7462e813e73138c8","sha1":"bab94207266eef8e409815ece9b2b6fe0978266f","sha256":"b4d5c0a18a7ffdd3d38784f7b864abb73fd3b5fba2b9f50c170f1edcfcabda51","sha512":"5dd097cfe8e1cbf6e448b60ba00790826e139c22916eb042ee5612b27bde4c6a1a88c874a4996c12c7207f816b508991a3e08867e5faed103a4bbac52ea347ee","ssdeep":"","tlshash":"4251192af7526290b1adc58038ff2c726c078e919f5371a13ccad4533ab42f16e56ac7","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.109729Z","times_seen":15,"resource_available":false,"data":null}},"time_used":763,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":763,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012035507868.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012035507868.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:55:07 GMT\r\naccept-ranges: bytes\r\netag: \"807f5793ebfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2731\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2731,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"d0446a76b2a6c383c42d14af6a222ed7","sha1":"6ef654c3ac2a2f84acde41305be11d725e42dde2","sha256":"174c7e887203b4d002392f969a26e51e31dc1b41df82355c3396df53bab44901","sha512":"003fd82275ab4aa2b8b4f35dbcc43c6b6857bbb44e98113f1cd60bf070f7d3a116cc6fbe0f6732c3bcd7528f76d74fdb691d071fcf8f7dae8a2ccc66c3d9221e","ssdeep":"","tlshash":"6c511b6dae614450a44dda1238db15765a704c41faf0f159a4c8ec22ec7d0f567192bf","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.227148Z","times_seen":15,"resource_available":false,"data":null}},"time_used":986,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":986,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/1024/20191024092811610.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/1024/20191024092811610.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 8612\r\nConnection: keep-alive\r\nLast-Modified: Thu, 24 Oct 2019 01:28:11 GMT\r\nAccept-Ranges: bytes\r\nETag: \"239b434ca8ad51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31717\r\nX-Ser: i31243_c6956, i2103121_c28197, i1935953_c23471, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8612,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"2951b83a27dca7c310669b7a533807f9","sha1":"8775232255263cd651eca82049b3772c9f6540e1","sha256":"3642af3632d7b13480a12bf55ab29cdcafc2c1461e1ea2b1f7e1a0e9d4ce08ba","sha512":"c913d1e57404955bf324efeb7ab3a872d5bf778c2751a3234b05661804bf984824d36e8bb264ef98f47e61c612964f4e16e5223168701d4ff803b3054bc52430","ssdeep":"192:NF5jdxG42dXPRkiJDLlnjiEY2Ye35YtfyRqQY:Nfjdw4gmivnjKfeJYdfX","tlshash":"1a02b071bb401cf21a30a9cb6642b21104ef3560f732af529301553e7aeda9f64e5a8e","first_seen":"2025-10-06T14:54:36.53943Z","last_seen":"2025-10-06T14:54:36.53943Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5471,"timings":{"blocked":5450,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0721/20230721034852372.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0721/20230721034852372.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 42659\r\nConnection: keep-alive\r\nLast-Modified: Mon, 29 Sep 2025 09:25:09 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b5b943f32231dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 43636\r\nX-Ser: i92778_c22643, i2475919_c28821, i1940233_c22701, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42659,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"b476426cc1e47543bd4d2cc55ab67a03","sha1":"7c0a420bf811658323901ac0ece496c0c45574ab","sha256":"dac4d66dc274cf6e5655289bbfcc19696e0996a71b0f903528925bd967d2a970","sha512":"7838127bcfb42054aef7c1077fabd490718c616d01fc659494dc963be33ce377cf22b79b074e26365e31c286110e8b12ee4e5e0c8684fa44be45180364ede54e","ssdeep":"768:ciVb87keCM1rXpDYCaQtsC5ZjSX8L4OljGGk8lJ8nXMeBY7mK3UHklhX:HVbHM1r1LtjxSX8pljj8nX47mK3kA","tlshash":"6613f12ed074a0106ec7fa9e751fa33c468fc9960b9607b948ba356cbc35591cb2a11e","first_seen":"2025-10-06T14:54:36.54156Z","last_seen":"2025-10-06T14:54:36.54156Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5557,"timings":{"blocked":5531,"dns":0,"connect":0,"send":0,"wait":21,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2017/0524/20170524033002984.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2017/0524/20170524033002984.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 37273\r\nConnection: keep-alive\r\nLast-Modified: Sat, 20 Sep 2025 05:52:43 GMT\r\nAccept-Ranges: bytes\r\nETag: \"90a894c8f229dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i34718_c4672, i2103129_c28197, i1940237_c22409, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37273,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"292672b5df5347935248670330f989f1","sha1":"0043345c25dcd4594c0ed654ca4b4413496eaff9","sha256":"29f4410bc20d5990a6cd2f6383a12a5b4459c43dab10d9e1794bf2a5fb6598a1","sha512":"045c67442abef4e451d3b8966adf4567e875d1f9c1b458deef455dcdd66dda5321a37a1c211e0964ba19f5ff9652792b9468af03ed6f876dd5a458deb532a077","ssdeep":"768:HTdSKzAv+Jg3GVfO3tychKZ8XbyPw17NbghwQCLk8fqwJjiC7ovpIe/iV7qTywef:Jzm2AdVhTbyY17NEKQCiwJ2wYik+wK","tlshash":"8cf2f2b4d0f580d282b20cfcfe680ce7e953fe45b1b638d6940089155e62b63ebf9965","first_seen":"2025-10-06T14:54:36.54383Z","last_seen":"2025-10-06T14:54:36.54383Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5732,"timings":{"blocked":5708,"dns":0,"connect":0,"send":0,"wait":21,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/1211/20241211013009951.jpg","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/1211/20241211013009951.jpg HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 19627\r\nConnection: keep-alive\r\nLast-Modified: Wed, 11 Dec 2024 05:30:09 GMT\r\nAccept-Ranges: bytes\r\nETag: \"347d7fbe8d4bdb1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28822\r\nX-Ser: i33637_c26321, i2475941_c28821, i1940263_c22409, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19627,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 350x211, components 3","md5":"09d3f02f5fd44bbbec694b7e976201e9","sha1":"9d3cb19b7d6d8a421d780e0054d1d18f4384e562","sha256":"d63e15e3ce3c4bc8e1c87ad4af0b323d42d755154d38112f0bbef740b0946fa2","sha512":"4117bd77d267c85da14cfa2b3524446015bef9eebfc83fe6d99154ee192577a9fa2d259e38fb4d62c4b2c95b7e452e550d9c4b3b18031f503954c63e500f7a15","ssdeep":"384:9BMBeT+LKjqXxz/+JyWQbOA/hcM1P+jpn2TaWl6CK8W8z4gtwV:9BhTSKU1/+JyWmKp21oCXWV","tlshash":"d692c007ac74e7d07352bbf704e6dfc49978370885a9a1106ce8ef235ad81d9505a1fb","first_seen":"2025-01-03T05:17:31.436629Z","last_seen":"2026-03-04T05:46:55.06863Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5481,"timings":{"blocked":5450,"dns":0,"connect":0,"send":0,"wait":30,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117031616673.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117031616673.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 07:16:16 GMT\r\naccept-ranges: bytes\r\netag: \"0e0b41d72bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2350\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2350,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"937e830914d2f5a765b0cb3724921dfc","sha1":"723dc55aba2876599bb4ffb4848be3d5271fd9b4","sha256":"f862c9d031ec38ac6ed26b4202a5e0a89882d0b0e46e22d70786e92729b4e0d1","sha512":"40ae1f2812706cf882fb200d288edb80ab54cd51ee1750863e10fb988a044abe25641522713b37b34425d2eca044422656aa8d5a9bb5e8a1e616150ad4a52928","ssdeep":"","tlshash":"a241e6eeeda01c82f7e7c58138f59053e4269c458ae1f2e82dd2d4162ef41bca10a887","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.365097Z","times_seen":15,"resource_available":false,"data":null}},"time_used":869,"timings":{"blocked":373,"dns":0,"connect":0,"send":0,"wait":496,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/1104/20211104025307822.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/1104/20211104025307822.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 34885\r\nConnection: keep-alive\r\nLast-Modified: Fri, 26 Sep 2025 06:32:48 GMT\r\nAccept-Ranges: bytes\r\nETag: \"f8cd1460af2edc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28821\r\nX-Ser: i91542_c21609, i2103121_c28197, i1940233_c22701, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34885,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"44be2c53e59b52a0f4a438509a543877","sha1":"f190328b77b636c535976ac392f97a309a3c8f8e","sha256":"ad92a12c93c51a6789c33f19397fed6cb58dc6ef427117f2497a8a6694cd9178","sha512":"5143d4344660fdad62f6bccafb42c060ace6f46e9835ebc704ddfda4969ac46c5103b5f76f2236f5975f19395e86769ae622419c66c8f35d8215387b138714fe","ssdeep":"768:XGrOYtsS69vWEJumZ618MmrbEEuull2/nYKbZQ48H81N+b:WrOsbk818H3Ebs2/nJZi81N+b","tlshash":"fff2f2dea724476dc15899024ec6c8df99b13a53b6ab10c498bf503c6b8904772decad","first_seen":"2025-10-01T17:02:33.028488Z","last_seen":"2025-10-19T20:17:46.228283Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5568,"timings":{"blocked":5543,"dns":0,"connect":0,"send":0,"wait":22,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/0426/20240426033659317.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/0426/20240426033659317.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 22858\r\nConnection: keep-alive\r\nLast-Modified: Fri, 26 Apr 2024 07:36:59 GMT\r\nAccept-Ranges: bytes\r\nETag: \"a7b4c885ac97da1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i31243_c6956, i2475941_c28821, i1940235_c22409, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22858,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"021ccd1ade934968ab42bc878db71c7b","sha1":"92e8a10434b89ca55d71e01af7daf0a66f4fefbb","sha256":"983dd4b57939233870a94a9d9f2c02e78c9e455391a953ae8dac39dce5828e6c","sha512":"8b2d488e88f9610a6bd69fbded618d8514438e2bb3719fc9c2c68b203d30c40b304228d397b9d7b58502a0667411d5b95d3fe83db12f3f298f620ccdaa32e555","ssdeep":"384:zZPCh07963SnPtvBPWSMIjlm2ZpL7VbhVlx0iyT0IiplaPy+xxbH/xvnKz+9BBVe:dCe7960PtN/Mom2ZtZh3yTvip0/xbpKp","tlshash":"fda2e0fe5b365d87d914eac3a4b5f88fa2c4852393a0d75988fd580bf1033886b0ca95","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-04-16T01:23:16.988147Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5010,"timings":{"blocked":4984,"dns":0,"connect":0,"send":0,"wait":24,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/icon-more.gif","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/icon-more.gif HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/lib.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\nlast-modified: Thu, 21 May 2015 06:06:09 GMT\r\naccept-ranges: bytes\r\netag: \"80de193b8c93d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 70\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":70,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 10 x 10","md5":"bd4fb793022d1beda472ad454fd8c6b0","sha1":"9f948a3804e75f15301bfd774907e90dae2d3eca","sha256":"e9c849e29b072e10111a7ed40e2a92a03f68d3a3d12b98e0118fc324b42510ab","sha512":"bc3c517afee2788b29cc2da62163e2a7bef0bd15bc946b1efa072b3f9aaed31799ab86787f9062bc7231f118d71b2041232b2e1913d894d923b9651a0ef8ab57","ssdeep":"","tlshash":"cea0022afdd03508ce01c8b41ce84351fb7214d55e59119501c72054f4de960154fc01","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.028579Z","times_seen":16,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":349,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/bg-ul.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/bg-ul.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 19 May 2015 02:13:27 GMT\r\naccept-ranges: bytes\r\netag: \"803d4664d991d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 1267\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1267,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1x1, components 3","md5":"b79f375dc58cdfe7e07b6732a2f5c896","sha1":"12f204cf4104bc412211b1d90c8f168a8a095f6d","sha256":"678b77ac0fa88fd883db7d2d96222a733d6c5bd25026c4c2aa3f2ce7bf0f72b6","sha512":"94e2a3df43a98a34bd1e313e5d4bcf941947f717c79afee442fe7f573bbc32d8ac513b0675e804146c65e34f38014808d9d7df7c56d9c90f4096b29188441f20","ssdeep":"","tlshash":"a921140df6526b03dc98997638f6511f4d1544c0f9c0e996a8fa8c1b5c750f94c1a1cb","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-17T07:48:49.153281Z","times_seen":20,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":343,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/a-bg20.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/a-bg20.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/lib.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Wed, 20 May 2015 03:12:07 GMT\r\naccept-ranges: bytes\r\netag: \"805dc5c0aa92d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 1010\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1010,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 9 x 10, 8-bit/color RGBA, non-interlaced","md5":"e63fbbdf4d67f9bb6eeebc7941d49fab","sha1":"edd85e3725a24dc7e0d8d25b0d36ffb663a48779","sha256":"dede6589daa51465fc2d053fd9beecf808e6cbb75e44d460de81a0f68aebf98b","sha512":"78efc00596aaf63ec4c6f0ad9d6e46c7c414a23470d9b36a513f2108787d4228694730a16df0e9b5956f0ffd3e57f2ba5e2e926c4dd996f0d76843cf21b35cb7","ssdeep":"","tlshash":"3c113e4afa507801c3588cd220f690378a2308808ae0b1e6b9dfccab09644f7859d6c7","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-04-16T01:23:16.804481Z","times_seen":21,"resource_available":false,"data":null}},"time_used":339,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":339,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/favicon.ico","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:54.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: Hm_lvt_00526ff88a0f942f7aba7a59e0e7b53b=1759762431; Hm_lpvt_00526ff88a0f942f7aba7a59e0e7b53b=1759762431; HMACCOUNT=C3C94CA83C682A71\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/x-icon\r\nlast-modified: Thu, 28 May 2015 08:35:17 GMT\r\naccept-ranges: bytes\r\netag: \"80906a392199d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:54 GMT\r\ncontent-length: 4286\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"564f0e8421867388f429e97f724b849d","sha1":"348d72379b174ebb006e1d41933677ca33400437","sha256":"90872c151e71ec8d1752b4439e8597b27c2bc5e7df08336ac230708346392f25","sha512":"feee000e2952549d0c9428ac0563d57adef5e210d0aaaa2da8a2783e235cf24494d7cd0d2f3173ab6cd6a921aec7f6edf38c6b62edca8c7c15c1a4d3d50370e1","ssdeep":"24:suSKtd/K6K4MZ6B6HWkzr8gelQ2XaqcG83DL/C5UjBInR:MKtd/TKr6B62kzrf9WaqX+7C5UiR","tlshash":"d191b801e2e9cda8cbbdfe30c5cfcb0b470d86355a4cd343c1ea88252a498a0a93d0f1","first_seen":"2024-05-20T23:08:36Z","last_seen":"2026-04-16T01:23:16.805578Z","times_seen":24,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/1226/20221226031639512.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/1226/20221226031639512.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 17919\r\nConnection: keep-alive\r\nLast-Modified: Mon, 26 Dec 2022 07:16:39 GMT\r\nAccept-Ranges: bytes\r\nETag: \"84d681fff918d91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 169087\r\nX-Ser: i25535_c12732, i2475923_c28821, i1935885_c23471, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17919,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"76493bd5a0a277cf652e400c295c43a2","sha1":"6c239ac5ebad44d4bd336bf4fb7c2bb249c9be3d","sha256":"e2bfea888606af79b2d2f2c4b8e8fb035f5fb5c1212989f7e606bca9a0c7a56a","sha512":"3cda86131ea388a71425efd91727d227d0311fc05664492aa97f10d2f64371c7604da72bc261a0f4c76f4cf90984c96b29c905876adc16e1ce3004015f91af8e","ssdeep":"384:E1CXZXNz6K5MlikGyhfSxbMN6DEfCpbMxoyFa8C7Yo1B6KeCI:kCXZX96K5WVhAEKbMxoyaH4Kef","tlshash":"8182d085ccbe5d6770bfd5764de538203fc0e469e2b08354dc99da681c988a3ea8258f","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.088258Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5114,"timings":{"blocked":5091,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0806/20230806050437245.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0806/20230806050437245.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 41731\r\nConnection: keep-alive\r\nLast-Modified: Sat, 28 Jun 2025 05:52:56 GMT\r\nAccept-Ranges: bytes\r\nETag: \"432d9ce5f0e7db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31043\r\nX-Ser: i31183_c27733, i2103123_c28197, i1940237_c22409, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":41731,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"45ed84ab2fcd121e9b93c2f68b0e6781","sha1":"1ebb7ceed68f84e1f3ec0aa604d506ed957ae389","sha256":"626e8d80af7592f9b82fc399ba0b3ff3de7203b12ef6c80d20424596f0fac020","sha512":"80352cbb684f7189733481286a1afcf6a221828fd452541f287b82f194dc00e11d4429364dccbac22a66733cf67f82dd59b7db4b0f7bb66e2b1879c0a067f1e5","ssdeep":"768:LCJr0C6Zr9wH5zieDic1ZK4zj/g6Y1OB0bsjRsrxB7l95oShezW/yKuqHo:cr0CS25z17KOjooBQ6q1B7/5oSUaypqI","tlshash":"e8130186dd003f0da2157a65e147b5cb3ea53fcc01664609bf04363fcc0abcae694da9","first_seen":"2025-10-06T14:54:36.563083Z","last_seen":"2025-10-06T14:54:36.563083Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5172,"timings":{"blocked":5143,"dns":0,"connect":0,"send":0,"wait":23,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012033943705.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012033943705.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:39:43 GMT\r\naccept-ranges: bytes\r\netag: \"804946523cbfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 1716\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1716,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced","md5":"5428cc0461a84e00cf1fbc3dd6626dd3","sha1":"e5121c3b674de3948491189071868f452b9b9a44","sha256":"9925e0116c2f929495f6e8e68d042db42542e64cbfd05c987686ed0fd6b7ed65","sha512":"aed1f140a22ac8f5b38b6675d56ac43fb274c55114f9e8c6f11ecc666f29f58f138161a84f5d30aeb42b2fef9756fc1488c5ad78262f460bf24296ab59c46877","ssdeep":"","tlshash":"a1319699b992bc42515ca1852cfa50238b378d908bf0e152bdcfc84579264be161ebf7","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.359817Z","times_seen":15,"resource_available":false,"data":null}},"time_used":839,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":839,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117043810416.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117043810416.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 08:38:10 GMT\r\naccept-ranges: bytes\r\netag: \"0c5ad8e7dbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2581\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2581,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"171212d6d15801afc8cc6974f94566c4","sha1":"701ef01eb4e5c5c4f12d22eba2045d48acef6c52","sha256":"f439aad6a18bc368404b1ba3bec03f38db5e095c58f8cb275bb0e6065aeabaa4","sha512":"320549fd9d46b5aad1bcce304c227255c65708346ec1afdd3ad7b159dd75adbd1016f57b657015bc99b2fed9c86c96c3398a266e34f022413caf73363e47eff6","ssdeep":"","tlshash":"a8510a8ca5dcb1d3288fe69128d1607765324994c7d5e8f078cbd01a79a01f1287eaef","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:54.880179Z","times_seen":15,"resource_available":false,"data":null}},"time_used":868,"timings":{"blocked":550,"dns":0,"connect":0,"send":0,"wait":318,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2017/0414/20170414082617258.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2017/0414/20170414082617258.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 22568\r\nConnection: keep-alive\r\nLast-Modified: Fri, 14 Apr 2017 00:26:17 GMT\r\nAccept-Ranges: bytes\r\nETag: \"86eb48bbb5b4d21:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i63608_c22643, i2475911_c28821, i1940263_c22409, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22568,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"3c97392bb74a39ea08bae9cd0b0cb8cb","sha1":"2de59a64232e9c88e165cdf27bb52c820ad1afd6","sha256":"85f8a2c6bc7eb95b0ff322548f507ac1cb76538ce14ec7df75a4d27343112701","sha512":"534466b6cc1f65ec28c7c204d1d8604487a58318e37234f730793a4604934983c658f74c9518fe348a815e967b7dcba89b82e6a59fd3de0bdb1e87d2d523be5a","ssdeep":"384:1z/4J2Kk6HzdyK8xE1WqslFIxzSbfhXIjMKHQIc5tbzbUNhC8cD:1zQG6H5ylfIcf8Il5tbENhbO","tlshash":"6fa2e1e98600eae7c237b6d4fe8e2b35cfd10da44ce46a77b709507b785c249498a847","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-04-16T01:23:16.726703Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5051,"timings":{"blocked":5027,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/0802/20190802105755316.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/0802/20190802105755316.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 7189\r\nConnection: keep-alive\r\nLast-Modified: Fri, 02 Aug 2019 02:57:55 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8ae98b15de48d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i91550_c21609, i2475937_c28821, i1940269_c22409, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7189,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"6c86dd58bae7eb589a8d292997ba2e66","sha1":"9611f843901d728ab03505694457d68cf93b930b","sha256":"87606d33c7fde3543afce40eb84e2c8a21592b8e86355d030b369e6c41d80a1f","sha512":"0c5ae07e364e84779381ee5aaf7234a0f9c12e87fcc78687bc906bf01a93746e6ae252cc32cc4fb6b8ad1af774f41a109c622f90fb2ac8a920ee5d16aac5b602","ssdeep":"96:p1F9VSdqL4ReRZiqATMDPH1Z7YHxk5K1/66YK4lcVPzMm4BJSOwRYwQrh9YUZN1G:pHmdPReziXIDPJK1i6OlphcRGJH1cU8","tlshash":"f2e1be0e2e6caddef059a1a112450931fea6f3776fb3dc04a6f504cc6a165730a20a35","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.870135Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5793,"timings":{"blocked":5772,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/dgjs/index.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /dgjs/index.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Tue, 27 Aug 2019 07:34:47 GMT\r\naccept-ranges: bytes\r\netag: \"8085e0e6a95cd51:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 1023\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1698,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"a5ef82fc38a2d2583b406b2ff1f65bcf","sha1":"9973e26da28a9981c32d2da9963e8b64050c1d20","sha256":"f026ce06396aff73ace56c04ddfcc786ba9b59784293f866367057dfe35d632e","sha512":"343e4c3e9d26249d9ac06a77c19143ffd02cac8c196b8bee637ad7be573428932255583ac2ac48f17731b2d998daecccdfe5c4736ae6570702640f83952c9725","ssdeep":"","tlshash":"dd313188e9151a79a273733497fa8108f9f368336608d160f92c94d07fb3a61516afec","first_seen":"2023-03-26T07:56:35Z","last_seen":"2026-03-04T05:46:55.192291Z","times_seen":15,"resource_available":true,"data":null}},"time_used":827,"timings":{"blocked":464,"dns":0,"connect":0,"send":0,"wait":363,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0725/20230725033014215.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0725/20230725033014215.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 39213\r\nConnection: keep-alive\r\nLast-Modified: Mon, 16 Sep 2024 05:40:38 GMT\r\nAccept-Ranges: bytes\r\nETag: \"4bcb4f5fa7db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 169088\r\nX-Ser: i24679_c6956, i62088_c26647, i58862_c11118, i1940259_c22701, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39213,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"c017ecca739532275f3c70768cb20b4d","sha1":"a3040af3cbaaa8164182dc6c6873221cad8783bd","sha256":"40565dddb3264e664ad039c0d6f990553c3a741fffa18051ec6192e460d43cf9","sha512":"48b62364653a3647a27a0908146335456ec29e4f9f7e27dcec058198861f073551687bf34f47b588c5f15918758f04b83334d37315b9178e767e538e8f996dd9","ssdeep":"768:OgxgBsc7YKeXl9twm62cY7GWxGCSbN7nMbuXt6MLf20:OKgZ7YKe1LcYfGVnMW1+0","tlshash":"8603025174496f2ab4804407b971a3dbfd38bcf25ef8552095e0e38de27d792c134aa6","first_seen":"2025-01-03T05:17:31.294234Z","last_seen":"2025-10-06T14:54:36.574696Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5131,"timings":{"blocked":5093,"dns":0,"connect":0,"send":0,"wait":27,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0930/20250930032037591.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0930/20250930032037591.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 11087\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Sep 2025 07:20:37 GMT\r\nAccept-Ranges: bytes\r\nETag: \"76fe3cb8da31dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i32019_c12732, i2103129_c28197, i1940269_c22409, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11087,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"a61965fd6cbb7991c98c9a4ce7d41505","sha1":"8a1b5181bed223cd19ebbcbfc9c3fdb8b807f816","sha256":"a9fee904423d6addd114753a3ef70c0b572f3e09d3428d28b49a1fbde0793f0e","sha512":"277245221195255fcbb182bb643dc23ad5eb94952b9394f3bad437f7ebd2c7cdb5a66178d3424dcc8c3a396fce9e29b6bec01f157a13ee10f8fd36b012ec20f8","ssdeep":"192:wFFhfV3J9BSjqSyxSoWGP4AUu7B/gdrbp2yzsmmaK5iFPJnkYEVvSycVbF4:wFFhfFJXSjqHxSoRP4Oo5bUyzHK5WJnQ","tlshash":"aa32cfa7a8bd05722913452c899c7ecdaa7ee73d3121b01c3edc0571196db20abd4ed2","first_seen":"2025-10-06T14:54:36.575531Z","last_seen":"2025-10-06T14:54:36.575531Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5594,"timings":{"blocked":5566,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/1104/20221104011726626.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/1104/20221104011726626.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 20287\r\nConnection: keep-alive\r\nLast-Modified: Fri, 04 Nov 2022 05:17:26 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b13a96bacf0d81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31802\r\nX-Ser: i92716_c22643, i2475919_c28821, i1935891_c23471, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20287,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"2954784dac780dc0ef98606be5d361cc","sha1":"3afffc014cca35adbc4fac38c48cdd0627ef1307","sha256":"33ad8f6897da89aae1848bb96a2fc344a476e42c8600343d8add80ad56e11f49","sha512":"46bec2d774d993d4d58222e1218eff4ab7cba8acf7654793e7522ac8da95e2d02bff98545cb5434027cf6915093bb8443894d9e49afc48e966371d3cf56470b9","ssdeep":"384:Q2JnagrtwNhypZiK/StF76yNPVgN1YHFA2tkWlsGASI/o:Q2nREheiaSP+yPs1Yl92es1po","tlshash":"f692d04f88d0a8f9fdd6823339d39328ab29b9bc4601818bd77737179c58795b9c3481","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.592622Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5204,"timings":{"blocked":5180,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0715/20220715082924194.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0715/20220715082924194.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 9524\r\nConnection: keep-alive\r\nLast-Modified: Fri, 15 Jul 2022 00:29:25 GMT\r\nAccept-Ranges: bytes\r\nETag: \"a338bfefe197d81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i91550_c21609, i2475927_c28821, i1935879_c23471, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9524,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ad50816b20172116aabddb1e8a410250","sha1":"113caaab8c96dff9bf63f5ceb1f41453e93a2c7a","sha256":"642d44b12eeacfa69402629253823125d1b3f86e33ac82cb817c9027280c3e4c","sha512":"f79dc40a61dc31774584b1c35c71e01ca27693d75055e2045a5d59fb533721a22b10c590d16494dd7ed49fe88d6fd69f12d1193f62aef6d424a40b740a884652","ssdeep":"192:yYEgP3KpZwNyoBme8OMOf33CDleXJnfIiapKGe0LmCIns:Xn6wxByDm33CQfnanLmCIns","tlshash":"e112af3035586a25dbaa8b3c7720f4e1249fbf8215247eef78b350517da02f80227ea5","first_seen":"2025-10-06T14:54:36.580052Z","last_seen":"2025-10-06T14:54:36.580052Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5017,"timings":{"blocked":4992,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0814/20230814042828453.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0814/20230814042828453.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 36869\r\nConnection: keep-alive\r\nLast-Modified: Thu, 25 Sep 2025 09:17:35 GMT\r\nAccept-Ranges: bytes\r\nETag: W/\"8c182e3bfd2ddc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 544782\r\nX-Ser: i24679_c6956, i2103125_c28197, i1940275_c22701, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36869,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"4f1aa4276384bb56c1fd027c083cde6d","sha1":"3f53967600af5581e0848ef4dc1e9cba45d435db","sha256":"13daa84b3e879bf8e39f98adb1e85ff4f849afd81c4f62cb1f119ac97795a1fc","sha512":"da570a2b0e2df8f6c845a6cf76dcbd65c6bbd80a0ef93ad402ad4cfc7678b0e2447ff53cb1d35ee50c4618b1d9d34c256754438aa8640bc53c8214d81822d910","ssdeep":"768:iXJC4VE741yNyXddBBoAK5x3RO3JAnyZ7+pPPryJXVkeMg:4DVq41dbBU73ROe8SpPPe","tlshash":"eaf2f141aa23940eabbc202bec850c8aa04a775d9f7e67d3fdf1eb341c4c64625fb505","first_seen":"2025-10-06T14:54:36.58308Z","last_seen":"2025-10-06T14:54:36.58308Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5569,"timings":{"blocked":5533,"dns":0,"connect":0,"send":0,"wait":30,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/bg-line.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/bg-line.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 25 May 2015 10:04:32 GMT\r\naccept-ranges: bytes\r\netag: \"078132d296d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 389\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":389,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 7x30, components 3","md5":"815ed8d7271b6dc57986236566b24803","sha1":"9126c101c8333528e063513b0d943286f5424540","sha256":"3b8bfde0a153e293f44fea8278982832993df91ff4e628b5e48ea3542fd0db20","sha512":"831d73ba61c213798cae7a42f7868fe9d6afbc24f60a7ed0b10384ef81ded8e54bd895809214c4f0779a469facf1aa680702ec546bf5e8d1d1a3442715ff9ad6","ssdeep":"","tlshash":"34e0a7d65c1c9751dce20e32271752152b0a2e156450971d19934e91ec6a6dc2c81015","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.443844Z","times_seen":16,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":344,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/1211/20241211013311808.jpg","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/1211/20241211013311808.jpg HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 12514\r\nConnection: keep-alive\r\nLast-Modified: Wed, 11 Dec 2024 05:33:11 GMT\r\nAccept-Ranges: bytes\r\nETag: \"4c9a2f2b8e4bdb1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28821\r\nX-Ser: i91568_c21609, i2103143_c28197, i1935851_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12514,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 350x211, components 3","md5":"5a307649be736d18c3e844102124ce2a","sha1":"e5e1d0877f956ecbd5a9a793d5d8e4d7930ded10","sha256":"16c9a6c8851d02ce7b20788991723d87632e4cfd250416d2abc9d33b44bdf195","sha512":"bd4fe5dd8b8e2fcea0a252d5cf335f9e3a403743d7c593f737a01fb70cf6847918a1760b1502c0343fe018916d2f60e638b97497e4f8f8ae562df43e88f996b3","ssdeep":"192:SK6mXTcGL1+O8gzIvDqcNX6aoCyGGlpoIs5DpK26DkFO4MUXz8Lar+qZe0Su:R64oGL1+O98q0qa3JG4pnkLUjUmTJd","tlshash":"5342d04182cbebd0347d1fd044630986c5756c1e17838cfea1dcae4a4dd183aedd4b26","first_seen":"2025-01-03T05:17:31.429165Z","last_seen":"2026-03-04T05:46:54.866946Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5470,"timings":{"blocked":5448,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/1118/20221118112846277.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/1118/20221118112846277.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 8080\r\nConnection: keep-alive\r\nLast-Modified: Fri, 18 Nov 2022 03:28:46 GMT\r\nAccept-Ranges: bytes\r\nETag: \"7f97fdddfdfad81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nX-Ser: i34710_c4672, i2475963_c28821, i1940251_c22701, i1935839_c22759\r\nX-Cache: HIT from i1940251_c22701(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8080,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8732c8d94818362122ab5d76d35c0b47","sha1":"e3f9ad97826ccde775c5f7e7de87fd488dd69ced","sha256":"b8fb13fab61e68f2f1f0916e25759e941ac69a2e642cf2d0a868459d15fa2fe0","sha512":"2d414fb560914026a6b10e5246cf24907569e470a676878be767b909415b6bcc21bf868feb9982271f23cfca989a54a034729e57f5d1c29f67379fb1996ecd38","ssdeep":"192:mWA+mfJCOPNuB+0qqQII32gE+sEpV5xz8HWB/HuxwyQ1g8:mWA+mBVNi+0qbIc22nxY28wDg8","tlshash":"65f190f3741c2c68da07dde726db54244af17ab626f0eb1a5cc18965752c033f76501a","first_seen":"2025-10-06T14:54:36.59071Z","last_seen":"2025-10-06T14:54:36.59071Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5642,"timings":{"blocked":5593,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/softicons/qqyy.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/softicons/qqyy.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 30 Jun 2015 06:59:02 GMT\r\naccept-ranges: bytes\r\netag: \"03fe13e2b3d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2229\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2229,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"43da0b84d9c12296be30f0db33661b36","sha1":"24f184bf707e440072f6e727a02949e43e6ef45e","sha256":"b7a2994b4299394817f68773a71335ce209d9ff643bad380c3cae2b793345012","sha512":"2bda25e479a37b75ceeba5df3a710b2607b5d7d23552c36d5c8e6f9a8eff1863b8494172a9539381e383df5d0024fce3a69461f52cb8ac981ba25aa409ebcebf","ssdeep":"","tlshash":"ea413e55a8165d480976cb50fcf950b5391dacd28c95001c0a63d3d73dec3477e876b3","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:54.914442Z","times_seen":15,"resource_available":false,"data":null}},"time_used":784,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":784,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117021839206.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117021839206.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 06:18:39 GMT\r\naccept-ranges: bytes\r\netag: \"80892c116abd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3009\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3009,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"c96e340a594d92e2b5648ee9ee0efe10","sha1":"d687cfa933d34178b6d9c657a5f8abd8d6ba6598","sha256":"b0befe2a2958c303c065ba61a97b1dfd95879d5a6a1df2225733089eb51ec5e7","sha512":"dd87afb0b3653943afcdf1f3cb0021f67efe4a2c0fe07c948f431cba27541d7f8569937ae97532a25a41b368026291005515a3fb37e046252f50131b5abda7bf","ssdeep":"","tlshash":"2b512c1dde803102900941971cfbe117abb11844faa4a1f6e887dd17157a6e9681cbfb","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.233799Z","times_seen":15,"resource_available":false,"data":null}},"time_used":805,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":805,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117034817940.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117034817940.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 07:48:17 GMT\r\naccept-ranges: bytes\r\netag: \"8036b69676bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2142\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2142,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"865fbe71d9aea8707e864ddd2c804d55","sha1":"aee4d468299847677fa454565d560c36e0121b6f","sha256":"05ba70a4204d0b9713e500004014b56e13b2961bcdac3795791c778be1528ed3","sha512":"4e18aa9d9d25b07e41d15038f2c188a008e1f8821f23fc81513e5cd3e832daaefa1cf2d76d3986ddcd79811966c3216014b168dc220158d0bcadfa9dad077cac","ssdeep":"","tlshash":"36411a0da8c699d2ca88d51218e1a1bfaa37198082e5e033dacbdc4d3df40f65159d9f","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.491218Z","times_seen":15,"resource_available":false,"data":null}},"time_used":861,"timings":{"blocked":366,"dns":0,"connect":0,"send":0,"wait":495,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0619/202506191659470371633.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0619/202506191659470371633.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 29507\r\nConnection: keep-alive\r\nLast-Modified: Thu, 19 Jun 2025 08:59:47 GMT\r\nAccept-Ranges: bytes\r\nETag: \"635eb981f8e0db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i91636_c21609, i2475923_c28821, i1940235_c22409, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29507,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGB, non-interlaced","md5":"1961354204996eaab1033d6bb897c91a","sha1":"778b500aa0dad2c832a472bfe5a90427689f3e8c","sha256":"a5d7797f54baeb073962dbf17b3cb9bbcb2324e8978b551a43e306d596780d91","sha512":"3b8b6230937e8ba6dabec626ebf142cbe27e38866b88ff68ec77f84ac9baa746c2387c75c812716e7eec69d4a03ed3d8e67b01cf6c371a6cf8c51aba150d092f","ssdeep":"768:oOSF90VVOgdwSGoOHSunqjiGweTCOkxsA:91A0Syuai5px3","tlshash":"a5d2f1583f0b2a61e5bac5c131d3067d6fc86b0da9f437087d13472de9a64a01c96eae","first_seen":"2025-10-06T14:54:36.598872Z","last_seen":"2026-03-04T05:46:54.985554Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5578,"timings":{"blocked":5554,"dns":0,"connect":0,"send":0,"wait":22,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0610/20220610095757371.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0610/20220610095757371.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 23323\r\nConnection: keep-alive\r\nLast-Modified: Fri, 10 Jun 2022 01:57:57 GMT\r\nAccept-Ranges: bytes\r\nETag: \"2ca493816d7cd81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i92408_c22643, i2475911_c28821, i1935851_c23471, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23323,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"7a06382c03f183d4e6985836c3a43697","sha1":"1e3e48985b3b9c3627bf801f0123ba956e50b749","sha256":"6d940007a8ab20d901add5b002e3121e917427d6f2b4868e617162311772cb7a","sha512":"92a52ccbd3cbd95673cb1fc50d64022d7fe5a71298023433858fd99da3b7865009deea2e77c280460d0fd41c50e384c856b7d0dc1ee5505c8f862cc4e5a27157","ssdeep":"384:BjX8c+P11Wx+fEspbyvjDG56kl6WD4BmPRpjApJyLxtP:BX8tWxuEs1yvjaYkl/Dempp0pJmtP","tlshash":"33a2e188dabb75103279d9326b61492dbcdbebee0fe1137e790583eddb0342c41952a1","first_seen":"2024-05-20T23:08:37Z","last_seen":"2025-10-06T14:54:36.60084Z","times_seen":14,"resource_available":false,"data":null}},"time_used":5634,"timings":{"blocked":5610,"dns":0,"connect":0,"send":0,"wait":22,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/css/index.css","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/css/index.css HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nlast-modified: Sun, 04 Dec 2016 01:39:54 GMT\r\naccept-ranges: bytes\r\netag: \"091d34fcf4dd21:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2162\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8733,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"eaf2e435d2f0e2626ed6f43fd37980fe","sha1":"1357b6ef89ddf9b9d9b0f1df3b1aa28ca5cb30d5","sha256":"d002de574afa679d6e79949e5b9e86475860dd7a56b3bddad8a9d3b89ca4c0f5","sha512":"4732131c0a0d27449afbb6768e175e2570f424067a77a07360731072cafc4ed6a5da28ecee1628374d5126bb9e556848dca214ef186a21e72aa189010e0ec1b2","ssdeep":"96:nJfRd/uZMsnRFwdVRNpnfc0qSi8MJOg+wAfrkCBdGAeNH0oTekFhEqfaA3+4hBB:nJfnu3TURY021JOgIfZte50qrr","tlshash":"e30231b9e672209ff32767defb36578b5f0940879b4f0664fae13954d04909938312c8","first_seen":"2024-05-20T23:08:36Z","last_seen":"2026-03-04T05:46:55.340204Z","times_seen":15,"resource_available":false,"data":null}},"time_used":633,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":633,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0329/20250329093803169.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0329/20250329093803169.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 44393\r\nConnection: keep-alive\r\nLast-Modified: Sat, 29 Mar 2025 01:38:03 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b7c194364ba0db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 1146\r\nX-Ser: i90984_c21609, i2103123_c28197, i1935885_c23471, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44393,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"43dad6505d7b03f1ce610d86fd475592","sha1":"0177b879183d296236f705fc67ad36dec4f82e52","sha256":"301f9599d64d848c8122804a0bf0ca4a70b19b1eb260ee724211820909d47e2c","sha512":"17e5908bcabb0403a05f5c32e90c18dfb000478f47be21820e735753f09e00c92f1ca8993f6e39cb3ba01d7ec90a2c14d126e732f0c54d027c12eb3430f00d9b","ssdeep":"768:RzRlUGLD1eHsG32JkbD2g4Gx6odermse92oJWOC6CgOHmOwX+G/3I46wOq:SoDpG32Jkv286e7J92pL6MV+79","tlshash":"8313f1667d6f4a092210aa356cd709d29a370b6a9c8f069dd1735bcf08f542471e1db3","first_seen":"2024-05-20T23:08:39Z","last_seen":"2025-10-06T14:54:36.220754Z","times_seen":14,"resource_available":false,"data":null}},"time_used":5531,"timings":{"blocked":5510,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117022826989.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117022826989.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 06:28:26 GMT\r\naccept-ranges: bytes\r\netag: \"0a1d6f6bbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3031\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3031,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"bc67d8bb0e94b162870f102d8581622f","sha1":"135b8fcc6a24e09a726a56b61c722c7aa93f2434","sha256":"50950aad64002262dbbbe6c4cec1fbe1c01ae7364c47b7e41b11269c138cc7c0","sha512":"a485d9bbb78add62879524a20e59bea525c8e2a626fb4b42a73181d1d6f5e138fa6f0c9c20b2bc5bb4e73d74ebe081be4ff06d24dacac4bac5ffecbcf69bd9d6","ssdeep":"","tlshash":"a6516d4df648b1c095eccb3a3cdbd4e1586b49c48b5e60167d4a4dc26abc1fe261c5cd","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.33478Z","times_seen":15,"resource_available":false,"data":null}},"time_used":952,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":952,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117042553845.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117042553845.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 08:25:53 GMT\r\naccept-ranges: bytes\r\netag: \"807e64d77bbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2464\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2464,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"b4473ec2e130593fa49c0ae31a79d2ff","sha1":"643463f6c35d662afc78081a18902333b9317cc1","sha256":"07c27618a0733b43fb07a203007549503c06bd5e1c403de4eb7b799644d824e7","sha512":"7e95bb7081fab9d1fd62078307e081f53f56331694e7312141ada8c6232e34a75f7aac75facdf51b11c3bd71a15151a150f0be37dd4619af866932d2357323a9","ssdeep":"","tlshash":"7d512a985ca0df0221e8f65c0ccaa413fc57ed99c4903cd734c6c5bf5a68ab96051acf","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.57541Z","times_seen":15,"resource_available":false,"data":null}},"time_used":866,"timings":{"blocked":516,"dns":0,"connect":0,"send":0,"wait":350,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2017/0715/20170715083036822.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2017/0715/20170715083036822.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 40733\r\nConnection: keep-alive\r\nLast-Modified: Sat, 15 Jul 2017 00:30:36 GMT\r\nAccept-Ranges: bytes\r\nETag: \"352518941fdd21:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: BC43_dx-lt-yd-jiangsu-zhenjiang-11-cache-4, BC195_lt-obgp-fujian-xiamen-33-cache-1, BC130_IT-Lombardia-Milan-1-cache-1, i1940275_c22701, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40733,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"4ef6fb019f966bee9aeb7dbc6d219c84","sha1":"8e78631ecbb5fb1c5df6ef1d5e5456c271032c0d","sha256":"30130675300d15b11a7564c284ae780f80c6a3c30830a9aa6e0855a17209e0f8","sha512":"a362e0f7d6ab874b7f837f3641cbf38afd8ed2fd7a2e7317b95ecb3936fae04115bcee9936ad585b1575315473be1d2e062382a7abafe8db1c435f4aedd5bb10","ssdeep":"768:Bvh0woDAdjnDhVmtRixf02D9BYy0eV6sxkGlFunyfX0cDqkM2yddfYI:kwzn+tRiK211xbFLXM2QT","tlshash":"ed0302561f00bb3c7c8e53dc21925edc2ae7857c0bac331341b39a686af62e9e527c41","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.737566Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5684,"timings":{"blocked":5656,"dns":0,"connect":0,"send":0,"wait":23,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2017/0116/20170116012611239.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2017/0116/20170116012611239.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 10121\r\nConnection: keep-alive\r\nLast-Modified: Mon, 16 Jan 2017 05:26:11 GMT\r\nAccept-Ranges: bytes\r\nETag: \"a02d32cb96fd21:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i34714_c4672, i2103123_c28197, i1935851_c23471, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10121,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"fad63cc6f7408c140e7513f6eb094286","sha1":"041c791f32f14aa41a5d9a7c21d35bc5d3593e7f","sha256":"c901f51d3ccf9909a0e4c49933972321b999719316262fcdac89eb96ee186dc9","sha512":"c699753e1eccdbec60bba89825e277a3ee5af98f2bc5e64460ccc1fcff4a55f8d15271b298380d2a07057c10fd259f5380e203a2b14353f9cc9dcd4640912ba8","ssdeep":"192:hDCPFn1CgKFwmzmFshMA2mXgYKhrFjHJ8MCdhkzBWdETiUaq2dnpSfO:h291mbzmKMATQfhRDJAUodETxaq2dpL","tlshash":"f022aec23e970967f4e6c31b726730c949346abbb5d128da387c2424c22c47aa3fed55","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-03-04T05:46:55.064201Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5834,"timings":{"blocked":5806,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/icon-classic.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/icon-classic.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 18 May 2015 03:37:46 GMT\r\naccept-ranges: bytes\r\netag: \"0a14211c91d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 1786\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1786,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 53 x 52, 8-bit/color RGBA, non-interlaced","md5":"7e1659d3a27469d550b742c190570da4","sha1":"faffda8e2c00ff0fc92df54e6f0c287e23c5c070","sha256":"bc8bdf667576c5f1276c2147647288a814e8c207184a8f59d47abb1fa2c23c5a","sha512":"b21d597c617f3ad3572ce684ff01ce30b30efc70217e43ac4ee35918ab652e0f6b5aadd42d8e98121224390b7e0f72cb75f59f59b71ba8a1701678e93a91030a","ssdeep":"","tlshash":"cb31e98dae44390269eca6f22ce78427560b8e00d940dcf77ddfcc195ed16610a7dca7","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.597268Z","times_seen":16,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":336,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012033534313.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012033534313.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:35:34 GMT\r\naccept-ranges: bytes\r\netag: \"0e7dbbd3bbfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2994\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2994,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"d01c6301f448698a1cc2bafd760b489e","sha1":"21b433f58b528222fb3aa229384264676661d1ab","sha256":"0667a4f7841354b3709260a793cf23b9211c0a9cfb0ad936be39c93d5ab2e217","sha512":"b7f587e86315cc355fb1713018394fa8e8d88b962e2116debc85897152f165fbe14578c9b16864a837f179a7a890be2486580c96b7554ef476fa4afbf01dc142","ssdeep":"","tlshash":"0c512a089885f88042cc5e4574fd8023541bc680c3a9a2b2dd8eed77b6271fbf97d4da","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.333858Z","times_seen":15,"resource_available":false,"data":null}},"time_used":839,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":839,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0902/20200902043357395.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0902/20200902043357395.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 8528\r\nConnection: keep-alive\r\nLast-Modified: Wed, 02 Sep 2020 08:33:57 GMT\r\nAccept-Ranges: bytes\r\nETag: \"4274e6cc381d61:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i64208_c23533, i2103119_c28197, i1940237_c22409, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8528,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"497d00d543b69a7db2ee39a9a132e6e5","sha1":"ebf06f717a092b563a8ac2257ee7c8a0e0d36d50","sha256":"8b2ac9b3da489d008cdc8d2acb95d91932edd4b382228fd6eb4f00638b2ddc5a","sha512":"4f69db89329f45d667c2693bcd44cc21094e8b7a0be967de0dc8ef8182a85a1d1479f8cfafeff0ee060111456280a02c60cf16512658e7a0b466c4fb184f62e5","ssdeep":"192:2qnjnPakMtPF9qwIcWbpE0fz+qrVW57MHlI+sNU2TxQU6RbibT02QgqtOzNxEf:2ijnPakMhF9pIJ77r27MFAfNR6RbUXEf","tlshash":"4202ce63e79930a80c8f9f61f6a196566c1c9a16c180bcbf11abc4c52910b8f6fb4836","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-04-16T01:23:16.824926Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5055,"timings":{"blocked":5033,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/1112/20211112014550132.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/1112/20211112014550132.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 12472\r\nConnection: keep-alive\r\nLast-Modified: Fri, 12 Nov 2021 05:45:50 GMT\r\nAccept-Ranges: bytes\r\nETag: \"4882668c88d7d71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: BC144_dx-lt-yd-jiangsu-yancheng-8-cache-16, BC201_lt-obgp-fujian-xiamen-33-cache-2, BC132_IT-Lombardia-Milan-1-cache-1, i1940265_c22701, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12472,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"89041b90d5a9d267370641a20d2c44f4","sha1":"f2fd4fe5861acf79e431d51966654c0298a12fa7","sha256":"8711786004b221923eb457c1da9191c87824ef3dc26fad06367840ea7942e156","sha512":"6836e43be3973c612c013cad7707834b14047c8c08b61f4f1492f60b385e83cc520601a734c880b0cedc17297764874e3df6606beb136bbc59e1d05d3b14a71f","ssdeep":"384:CaM4gA1L8gYl1UH5LdG+VexDb88hirr1aj/K2:84gAGgYlU5RGF1b8girr1abp","tlshash":"6342afd2902e8f24389f0d9193dd48d5d5580d33b786bb5cac9e8eb7a705e5c3c90689","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.79591Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5774,"timings":{"blocked":5753,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/css/rank.css","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/css/rank.css HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 12 Aug 2015 02:34:28 GMT\r\naccept-ranges: bytes\r\netag: \"052069a7d4d01:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 1235\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4321,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"99ae5e57e840d04dc61a3aa883a595ac","sha1":"b1a853f94fd98b7d5113d727298a3f698baea130","sha256":"db585a20a8eefa34af1c175f8ee3995c57332aeaa511a52f44e3228538c2411a","sha512":"5edfcf8d9bfaa275ba40aacccaa9eea97c4d558e03535a3071483f7e84cdd68c99ddc95a28c38ac104795654a467b3f1cc7d32c2bdcced716583008dcd44330f","ssdeep":"48:jEhZQcBR0e02RLcZTA55kH9R9ew7oXM56M3MHXyi17EzGVUJD/rniLWLBtWC5eiW:ozQcBB00wZK5Ap3KhqnBp1t1wh","tlshash":"0191346cc7033187b232c4a95f63d642ca6c9087960687bc7fd132e44f7b4689a96fd9","first_seen":"2024-05-20T23:08:36Z","last_seen":"2026-03-04T05:46:55.43253Z","times_seen":15,"resource_available":false,"data":null}},"time_used":916,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":916,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0613/20210613081359791.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0613/20210613081359791.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 3047\r\nConnection: keep-alive\r\nLast-Modified: Sun, 13 Jun 2021 00:13:59 GMT\r\nAccept-Ranges: bytes\r\nETag: \"3c8b2d2e95fd71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28821\r\nX-Ser: i91504_c21609, i2475927_c28821, i1940245_c22409, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3047,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"a44dc8d2f3537d6bf7b4781273055c98","sha1":"0764a65211b161f57900efba2175e552c4bcd453","sha256":"b760d9df424e4abdea4c4727312d51fb24a88ebd28712afe5cee17dce05068df","sha512":"b65a62889016270e15aaa7d93518c9ab949eb6b55bf3033c02bef8fcc9281a0a25c9b15670e50a0ebd6fd47cbb8579be1fac5d88ff98bff13256424292dfa9b1","ssdeep":"","tlshash":"cc518e87e796e71c4e83861872339517f615b86d3907455fe7326c215846eb34cb3234","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.554027Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5092,"timings":{"blocked":5072,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0523/20250523020231875.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0523/20250523020231875.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 39445\r\nConnection: keep-alive\r\nLast-Modified: Fri, 23 May 2025 06:02:31 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e56f4645a8cbdb1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i8684_c18005, i2475923_c28821, i1940263_c22409, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39445,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"1c3f2aee967dd714d880b756f047bbe1","sha1":"8395b8cf6374f43e68e97b5a970b27521a01bfcc","sha256":"0b92a6ff66d4e57f76d7dce3d2ddb08a0d881bb01f97570ab483f0d4a88f6ca4","sha512":"24b7dbe3a9d5a0c5161d42f67c79d6df1f631c30a7d6b9022f38b26e35f937df8f88d770e5a5fa57857028d544ff0115c564dd6117109b7221d01ae368ef0e82","ssdeep":"768:qDHsuI6V1FjDpopw+MV6sU4vkL5tXrzz1ol8wx7N1H32FWDze5zMDOai4vu:qwmLRoibVBUWkLXrz09xnWWDzwai4vu","tlshash":"960302ee0ee0fb04248760f462500dcf885a4833a8edc9d75442fda7264ed6d3c9e623","first_seen":"2025-10-06T14:54:36.623825Z","last_seen":"2025-10-06T14:54:36.623825Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5151,"timings":{"blocked":5113,"dns":0,"connect":0,"send":0,"wait":27,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0623/20220623044526698.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0623/20220623044526698.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 11324\r\nConnection: keep-alive\r\nLast-Modified: Thu, 23 Jun 2022 08:45:26 GMT\r\nAccept-Ranges: bytes\r\nETag: \"30b6dc95dd86d81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: BC152_dx-lt-yd-hunan-loudi-17-cache-9, BC195_lt-obgp-fujian-xiamen-33-cache-1, BC132_IT-Lombardia-Milan-1-cache-1, i1940265_c22701, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11324,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ca9a427a73de097e873611b9dee86aa0","sha1":"66b9278d0559a62e3f2d7df413f202310bf3e35e","sha256":"2176080dc4cec495688347bc2c6ba2812734dce45856b5382e3903f8eb03b7c7","sha512":"c79e0edf75feb161b465753b096f82a9cf91332fe7e4affda0cc33594c839635658a944954b148909a4a6a1c9c32f09027e4bdb868382d31f301ab0b4a3a6857","ssdeep":"192:U4inR6/lthbynZx/GtE0eCvpaKrcvh0IBW4CHnW7elYRqmY4ekzN2x0xPF1:ninUlCZx/GFYJhpBW3H8eOHekzIW5","tlshash":"e232ae74da57fd325e0dbf43c58e07d77b145c08a892ea9cd1998e232b238eeb011998","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-04-16T01:23:16.844975Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5039,"timings":{"blocked":5016,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0411/20230411025930490.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0411/20230411025930490.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 39775\r\nConnection: keep-alive\r\nLast-Modified: Tue, 11 Apr 2023 06:59:30 GMT\r\nAccept-Ranges: bytes\r\nETag: \"f52c142a436cd91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i64294_c23533, i2103123_c28197, i1940263_c22409, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39775,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"aa2242a25a64bb1885e59b882985f9a6","sha1":"dd1d3994d225153fb9be40956ed172de67a4ab16","sha256":"04e20b9992a139624d8c48179055c85581668d1ae58a989f8e483bb66b492c09","sha512":"3365a310b1b513706f69bee35cb6d8a67156edb536ea397f68b6122ae76fa0a5ab578a800d2d788fbe7ada1bf6035fc3f468d274608a9a6d2eafb3f5960711ff","ssdeep":"768:SjDTn3G8BNRxabOtngBe1SMMnT39x54cCsyn4iVrI9y0nBJJ:SD3Gon91SMMnT3354+au7/J","tlshash":"1503f1827379ef7a6a08f9f291525cc1600c67d03ab1e406d894196f5172dfc6f2cee5","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-03-04T05:46:55.497978Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5734,"timings":{"blocked":5697,"dns":0,"connect":0,"send":0,"wait":32,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/l1a.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/l1a.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/lib.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 15 May 2015 10:10:29 GMT\r\naccept-ranges: bytes\r\netag: \"80d8a95ef78ed01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 1273\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1273,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 4x18, components 3","md5":"97c8e0b4abe961ac495f2d5218417327","sha1":"2d5bc883f18b3acd14511cf7ccf10548835e98c7","sha256":"b843342e125407faf47afab260a6ce8e3f8936a728265e29970a58420b7c25e3","sha512":"2890dc80fe22f1da38339cfa68d75d17d2811c6e05eff241d18e1d893c35536ceac502f52a6884a25f7f55edbe048623e0f711ea8899315cbcae9e30931a0290","ssdeep":"","tlshash":"5721140efa427b02d8a8da3334f3561f5a1585c0f9d0ea9578f99c1758701f50d2a1df","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.469642Z","times_seen":16,"resource_available":false,"data":null}},"time_used":342,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":342,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/dian.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/dian.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/lib.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 20 May 2015 05:00:02 GMT\r\naccept-ranges: bytes\r\netag: \"0f52bd4b992d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 347\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":347,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 9x9, components 3","md5":"526d98716291898231f367cf4d464192","sha1":"6a1577ebeccc71f30e1c58763693dabc0eaa5e05","sha256":"5ea15d3d4d257f657f91d8584541e0bba43c79934c0d21bb9fcbc4cdc6c271f0","sha512":"752ff94deb251d41b6ec3db1fe5c7e0cec37fa156fc528c72740ef6970d786eed2b66b7e30465f515a8885bb268f481074391af04357d92609c76c2ae7f3d0cd","ssdeep":"","tlshash":"74e012775e1d10d2e8730a35475426582347190cb6954f1e96aa6990ed359db3d64202","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.470219Z","times_seen":15,"resource_available":false,"data":null}},"time_used":481,"timings":{"blocked":11,"dns":0,"connect":0,"send":0,"wait":470,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0324/20210324032238733.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0324/20210324032238733.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 36209\r\nConnection: keep-alive\r\nLast-Modified: Thu, 28 Aug 2025 00:11:06 GMT\r\nAccept-Ranges: bytes\r\nETag: \"f712bd3fb017dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31042\r\nX-Ser: i23545_c18005, i2103125_c28197, i1940245_c22409, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36209,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"4307f4c707c73d423aad4d25c4338687","sha1":"97773f1090e1ec5c22569d62573937cf7c6b55e2","sha256":"2e8f8da5873245a8f4c5a11820cd1be976834174249d345143c0d00872a9c561","sha512":"c26c1b358743a44ed7cb864387bcdf7afd4ee8e16cdb26b40c53d9cebce6e3f2c8e04af279d3c6ed54dbd34b68a0c5a9336a95f2c52c45679c8cc7e2020db627","ssdeep":"768:JlerOqitbTcoQE83JbX5aKKhMgaTBopxwv1D3tBxeCfLDKN/G:XoOq2Tcbd15axi9FokrkOLDKlG","tlshash":"dcf2f16e7f66537a0d2c1f7e79df3a1658a20f200a0a11f71ce22ed194a91a40fd17ed","first_seen":"2025-01-03T05:17:31.287139Z","last_seen":"2026-03-04T05:46:55.486999Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5170,"timings":{"blocked":5130,"dns":0,"connect":0,"send":0,"wait":34,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012025721246.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012025721246.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:57:21 GMT\r\naccept-ranges: bytes\r\netag: \"80de1f6736bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2694\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2694,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"f82815cebcc5fda1d98ce1ad9fcb8ab5","sha1":"951ade80a2b567c69e0826d0e40bb1db4bd79b15","sha256":"05796ed231eb53e81ba4f889030f8d6c968d77dc28788f94560db84a64c055c2","sha512":"5ba8219d68bd1f1adf976191854a2ea4c1107008381bbb2ca3053d9b7a823408cf21de8189aa804ff6feb3e0a45792ba73f6ce746c3d4343912b9fc581c23482","ssdeep":"","tlshash":"8751086ee852aa92814abce309f750237d327d92e6e5e09778cee11185220e41c596ca","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:54.870764Z","times_seen":15,"resource_available":false,"data":null}},"time_used":781,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":781,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012030211892.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012030211892.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:02:11 GMT\r\naccept-ranges: bytes\r\netag: \"805bfa1337bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3453\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3453,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"103c6df7bb4d8b7eda7c2a4ed249ed78","sha1":"de3b1156d8d5bef41c9d7c6920ce6cfd23bcaae0","sha256":"534dc5f5f59c21507779f7a1d36ac90550775923a52fbf4c61388da20be4825a","sha512":"31349d85fc7b8f1c86c881a717f2b71e7918f98ce597c5758fe890e4bbf4bb236571d50dedad416748a78518598ddaccc403876f6acea840f5ec381402ce0c3e","ssdeep":"","tlshash":"49612949fa01144064cbc75204fb2167dc7b5ef0f7806e7d7aae48059db0ec605a9acf","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.190611Z","times_seen":15,"resource_available":false,"data":null}},"time_used":767,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":767,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117031601160.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117031601160.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 07:16:01 GMT\r\naccept-ranges: bytes\r\netag: \"80ec41472bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2012\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2012,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"a142dd447930b51a78ff809cc21b872e","sha1":"fac63b8a598f98dcdc066f95a093853cec247b2f","sha256":"8a195a2df2ddf0d1a4d09b7a84ddb0645146a221d7af2455052975220706972d","sha512":"43bd31b3d3ab4ee13a2b39c1a7bcebf95c77bf2c9e46026a0cc479081acc6e853983b9fdda88f3670f655d60de6e7d13abd35f46fc6ec25003dfa0e1c8cd9458","ssdeep":"","tlshash":"ae41b60dead019906168ad4618ff9027dd774894e2f5bd7ef8c9c8091d3627050e9aef","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.278295Z","times_seen":15,"resource_available":false,"data":null}},"time_used":834,"timings":{"blocked":374,"dns":0,"connect":0,"send":0,"wait":460,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/1005/20251005013919706.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/1005/20251005013919706.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 6452\r\nConnection: keep-alive\r\nLast-Modified: Sun, 05 Oct 2025 05:39:19 GMT\r\nAccept-Ranges: bytes\r\nETag: \"4c9a9865ba35dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i37228_c28455, i2475963_c28821, i1935859_c23471, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6452,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ad4009e3ddc7e314334385c4f9939d61","sha1":"0a6997619697244da7e24d788fbd9e15968287d7","sha256":"fcd3d2e1a41e2233bf64e0c34856e07a367f0bcf7001ac43e70a6b7fa7a81428","sha512":"3b9bd206ba5060797bc0392e33061634225ab144cbe8a099fb30389e7bd33a81cc4045f961fceb837934b0cea929923c7793b2c8dfb904cf06d27c8f3558ca87","ssdeep":"96:ZKkx9hxtukhRM5WlhE2ac8wYhVwMAmrvkoUcME6MMKE8tcCglOvA9/3uS:YkzhxtukXmWlhLV8vVjkLcifCgUC5","tlshash":"f5d1afe852c6331b163e2feaa3e7cb255027fbeb7c12634536841d9a0754e922948c1c","first_seen":"2025-10-06T14:54:36.641261Z","last_seen":"2025-10-06T14:54:36.641261Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5199,"timings":{"blocked":5177,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0924/20250924081723772.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0924/20250924081723772.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 2484\r\nConnection: keep-alive\r\nLast-Modified: Wed, 24 Sep 2025 00:17:23 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e666e099e82cdc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i32011_c12732, i2103123_c28197, i1940273_c22701, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2484,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"1646b5e681089131d78c40412fde6b2c","sha1":"7a203cb910aee1fdef35befd3166f1b45c8d7a56","sha256":"3a2e1ab53de51d0899842aed4bdabdaba9b658fe4b1cd2982a41d888631c34c0","sha512":"50b3e886216144b5ec2449ed89fcbd6566329e1b512bab3eb234def52f959d30030860aa746dc556a23a1e88796c4f19d3692282bc57bd52e9dcdea33eab06ff","ssdeep":"","tlshash":"a9511931e284dec4519c05bcc3aa673ba163da1f4d44d01dcdf430e421258a9af95bdc","first_seen":"2025-10-06T14:54:36.643255Z","last_seen":"2025-10-06T14:54:36.643255Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5215,"timings":{"blocked":5195,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0118/20220118110623329.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0118/20220118110623329.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 18 Jan 2022 03:06:23 GMT\r\naccept-ranges: bytes\r\netag: \"8061985f18cd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2496\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2496,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"4d6d9827a039454fcf06907594a6c534","sha1":"8a7a7aaa9fbfbd4422d4b40d8e75b5c139dee55b","sha256":"db1f0625743e93f238c622d4140ffa3ea6326db1b3975198687f3bb30f65c3eb","sha512":"c8b5397e5df7b32f49eed558fc6d6ce178975ac4804d507b881a9539d95508206c6df6e7a3e336e14eb202953c34730eade4bea4129f61ce612b5f530b6eee2e","ssdeep":"","tlshash":"b6511a8abec21e42e18ed14428e731639d231c4197e4b350fdc5cc523e695d652092ea","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.622475Z","times_seen":15,"resource_available":false,"data":null}},"time_used":587,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":587,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012030124398.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012030124398.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:01:24 GMT\r\naccept-ranges: bytes\r\netag: \"0baf6f736bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2326\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2326,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"b272e93dd610a35ea9e15792ee211a95","sha1":"d5d5ce6588c491b324f071bcf40fbdc1f79e8551","sha256":"0d98ae265a4b3ffdb9fbf6b47c5964ff58e20783caef2a264a1915d62f84c2be","sha512":"39407cec54c98b5190aad988c61872b4c4f4854a150a48f479f9db738e477cfb3f1d344cf07408b11eaa92cf7003ffbc68d51e31a23886ec39879f9e6e30afe9","ssdeep":"","tlshash":"d441d60caac4f481d8cf94d600d664534ea3d4d096e2686bbcafcd172d612bb8015dee","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:54.917205Z","times_seen":15,"resource_available":false,"data":null}},"time_used":754,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":754,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117021853938.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117021853938.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 06:18:53 GMT\r\naccept-ranges: bytes\r\netag: \"80c484196abd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2471\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2471,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"bc00219bc2e3d67f98e60f320d724fcc","sha1":"b85a1c388f7b9a1921519f8e24a5a4637bc82ab0","sha256":"c237bdf3865c361262ee51e745499fd1e0411fe308e24e7b19aab206b916823b","sha512":"d42146b7ee28453878a9a1369ab87c38b3da0283462d84ddb7db2bcbe97800f64465d7eed02d0a7f704845844201b15c298c0e07ff43754688f942e1d8a27771","ssdeep":"","tlshash":"f7513b1eb9406c43d29de7b12cff80239b736a8186c474cd95eedd2944508f0825afce","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.291461Z","times_seen":15,"resource_available":false,"data":null}},"time_used":805,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":805,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0720/20210720101258294.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0720/20210720101258294.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 6775\r\nConnection: keep-alive\r\nLast-Modified: Tue, 20 Jul 2021 02:12:58 GMT\r\nAccept-Ranges: bytes\r\nETag: \"c9d064c2c7dd71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 156993\r\nX-Ser: i32021_c12732, i2103121_c28197, i1940237_c22409, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6775,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"e538c195774bc954bfa17a46c6c7a3ac","sha1":"4f5c75a1067baa97655679f3d56b37f787aea06c","sha256":"d91c5d78993135c607d9ab09b45d22331cb96dbd5cc8f251de1b283f80085f9c","sha512":"d503668301df1767183337c939ff6aaa63362e9209bccd7f071309d2eba669b8ac4e415dc00d7cab913abf5ab712f988a7e5c0d3c4a9f382297528a062a39c45","ssdeep":"96:SaKmKEqClMf+MQqrtinX7mIRC3uOpc28+KIsxCC85AhuA8XHpnoFjOF47FN+Xo4q:Sak6GbQqrqrRUp6+Klg3poFjy4BQMrPh","tlshash":"d9e19ec36c88e575025f6c6d2fd78091893868a1ea643c424c1f10a48f2dab58fad7fe","first_seen":"2025-10-06T14:54:36.650575Z","last_seen":"2025-10-06T14:54:36.650575Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4992,"timings":{"blocked":4972,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0806/202508061651447646886.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0806/202508061651447646886.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 29447\r\nConnection: keep-alive\r\nLast-Modified: Wed, 06 Aug 2025 08:51:44 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b52c1656af6dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i34690_c4672, i2260953_c27847, i1940251_c22701, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29447,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGB, non-interlaced","md5":"0f274a91762c5968d53b57f0608a7c97","sha1":"fe16eefebba1ab15e16d1cc8ef3ba822ddce4b11","sha256":"f4b012e360decf9a0a464e66f1153859f8fcc61f66205d4ba1e3c4bff79a2e88","sha512":"10af715a4b663965544c035dc04678b7fcbd50a8d7d244ad45753fe5a00c8e7c433975ca2641cb659a7c8381204cda584ca45236df9ea1b41b016c09b9854db1","ssdeep":"768:o2g1posGjWVrew3Ng5xtS7y7o3VCtH2uxnq+Hv2EscfE:4pHLo1kYDq+HOEq","tlshash":"edd2f1e6a40088af500eab55f739d98b058fe61ca597353f34a19734317e4fdb02f698","first_seen":"2025-10-06T14:54:36.652775Z","last_seen":"2025-10-06T14:54:36.652775Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5590,"timings":{"blocked":5567,"dns":0,"connect":0,"send":0,"wait":21,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0812/20200812044122675.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0812/20200812044122675.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 11054\r\nConnection: keep-alive\r\nLast-Modified: Wed, 12 Aug 2020 08:41:22 GMT\r\nAccept-Ranges: bytes\r\nETag: \"2626b5b8470d61:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i37634_c26321, i2475927_c28821, i1935885_c23471, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11054,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"221814c3e13523c3b29826eaf604b196","sha1":"1cc0f743c8790e4556f0b2a4b1b6e92da35012f1","sha256":"5732190e83688a7596d8ccbd4c01a2670ae518f4c9571a103c7b30897bd7ab70","sha512":"f302bdf8e11e6ed3df30e74d809b240f4e48e68f81df45f90a8f2f46fe1abf833431e57bf8623eff5557620ece936b44b9a0a41fdc5eac76abadd9ebd71a719d","ssdeep":"192:E9tJhI7eXF1P5RKCgdBBa0c9R8Fl3MgyPmiQ9y5rYsXHMG0hV56XSt7/a:EjIShRKCOa0qR8FOnvY2sG0hV2p","tlshash":"4a32c0ecb1ec98ec14311a7a379783c6c5d597a6b78b159d6f41320adf51d00a81f2e0","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-04-16T01:23:16.989026Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5011,"timings":{"blocked":4988,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/0613/20240613085720165.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/0613/20240613085720165.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 18708\r\nConnection: keep-alive\r\nLast-Modified: Thu, 13 Jun 2024 00:57:20 GMT\r\nAccept-Ranges: bytes\r\nETag: \"cf8f2ba52cbdda1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 15650\r\nX-Ser: i24687_c6956, i2103125_c28197, i1935851_c23471, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18708,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"2bd9cc57b003375047103802a5e81cbb","sha1":"2d3aed3955656578aa19ce596c6e22f647b30263","sha256":"58e6a8d1d74410b5090f71ca7c1f8e86e5758290cf59721d434a1d634e3504a9","sha512":"50d353897447dba8ead6682374f021dca78211585e27cffb9ce533a60b05bd9a729e7b6ef4b75bc51a8c1c74bc8fcda7f97a3b3d57e0e410a4aad1cfb91b06c9","ssdeep":"384:fowqE1Fcj/ixEGcqhmVH9U5rnUL9/Ctwr+sLXxmcy3tTNNfY:QwqaFcbiaySU5rg9/CnwXAcyBNtY","tlshash":"6982d021012f62fc1bb356b01ae7287b503350ba645e983dd4ee57138f605ac6e1e2ee","first_seen":"2025-10-06T14:54:36.657463Z","last_seen":"2025-10-06T14:54:36.657463Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5536,"timings":{"blocked":5505,"dns":0,"connect":0,"send":0,"wait":30,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0930/20250930111110617.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0930/20250930111110617.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 23082\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Sep 2025 03:11:10 GMT\r\nAccept-Ranges: bytes\r\nETag: \"37f9e2deb731dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i32015_c12732, i2475941_c28821, i1940265_c22701, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23082,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"13bd58bfb152159c43a127937f5a2fb9","sha1":"55340fb441d26698afa671f00d464035115dbaf8","sha256":"d6fad8d4ee1126998c38290db59a927d6d21f93b37400f8897792fef9011310c","sha512":"61dba8276d719f132b0dc0e4c4cbb1619782ac46fdc6d893acab869a36d30992d925b34ff10ecdc418c8e3a99b365611cdd6fecaff83415494dccbe915e0ada2","ssdeep":"384:yq/82D6lTvL4zU2Cv9MVljMdtNYPMvIc2SnPZuS0F6uVBG9+:yspExM0dTGMQqIjrVh","tlshash":"a1a2e176206f4726309b911a590987e9a0f2b50c6b20bf7f2062a1d3f7d5a31e1cdbd5","first_seen":"2025-10-06T14:54:36.659953Z","last_seen":"2025-10-06T14:54:36.659953Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5595,"timings":{"blocked":5572,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/softicons/wnwbsrf.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/softicons/wnwbsrf.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 30 Jun 2015 07:02:14 GMT\r\naccept-ranges: bytes\r\netag: \"01f52b12b3d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 1173\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1173,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"2d90c60ecf8555b8d8fe1c7471871d1f","sha1":"14b2808761d42dc60a2012ba7b9a7ec383736a3a","sha256":"cb48b9e93a510f2730f714dba1e2a55ed6df8dbe54141e3acdacc887f4b1ac37","sha512":"6c82b47f1be818b290abeb981eb30eddc06c96188f339468607becc0d9e4ee22fd2144edb1be894cd452d1564a1bd778e9095715e74d8e1fe58621a33915c2a4","ssdeep":"","tlshash":"4621b45faf4982a1e4430981486375e60be8a7613167c606e92f2e489074e07ac31413","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.487948Z","times_seen":15,"resource_available":false,"data":null}},"time_used":697,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":697,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0523/20200523021316170.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0523/20200523021316170.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 3099\r\nConnection: keep-alive\r\nLast-Modified: Sat, 23 May 2020 06:13:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"dd50b73fc930d61:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 178324\r\nX-Ser: i25509_c12732, i62516_c26647, i1940255_c22409, i1940275_c22701, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3099,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"da070c70243957b89f9cb04159511d63","sha1":"b6822f436294af1fe4b0c4967268ccc1633fb242","sha256":"9875187e2e4e4f3fc63d43df76ddbf24cb7c5142a1a0a9e72e9ebbe826a6fdc3","sha512":"42f323c1604b245b2ee761edab4557218282e795639f21d64dc3ff361f7fa182bcd50a30869eee3ca64000098935d0519bd651c6b7ff2256ba09f7ede4d80135","ssdeep":"","tlshash":"e3514ce7196d5961c16ae258839917f0ba2176641fb841c4786ebf81a33cbe0f1210c7","first_seen":"2025-10-06T14:54:36.662851Z","last_seen":"2025-10-06T14:54:36.662851Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5010,"timings":{"blocked":4990,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0714/20230714051901493.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0714/20230714051901493.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 40045\r\nConnection: keep-alive\r\nLast-Modified: Mon, 29 Sep 2025 05:31:23 GMT\r\nAccept-Ranges: bytes\r\nETag: \"3ed2234b231dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 156993\r\nX-Ser: i92716_c22643, i2475911_c28821, i1940229_c22701, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40045,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"65a8a430fd2c01ef207fc2dc94cf01ff","sha1":"b122107253a01245a282b7e686e22ec8cd98d50d","sha256":"88c33e8beaafebfa03bd1b951110d90268a2b43523cbb605a6aac86239ee1e80","sha512":"adeff59c595bc14e697573a85028b488e3579fc132403cbce89760b96ffd693f2d2a8f83827e2d0edcacee46692a25e76adfc3f99c3efa725f18691c8d4ffc06","ssdeep":"768:XyN5mmBpON5AcpEWf7vCW6Bnsvr26r/PmL8N0aZ04ZXKiRVI7BGc5Ox5/S:X+5mgY+O7T6Rsz26K60aZpXhqBka","tlshash":"a70302570e4aa2adb993b8dbe56f63c8d713d9fe24165924e4fbe4b088b005f0186036","first_seen":"2025-10-06T14:54:36.66514Z","last_seen":"2025-10-06T14:54:36.66514Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5529,"timings":{"blocked":5501,"dns":0,"connect":0,"send":0,"wait":23,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/1201/20201201023909179.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/1201/20201201023909179.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 9944\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Dec 2020 06:39:09 GMT\r\nAccept-Ranges: bytes\r\nETag: \"316937acacc7d61:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i91166_c23533, i2103141_c28197, i1935879_c23471, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9944,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"6c81d66cacbaf0d6275b1cf81d7de8e2","sha1":"564684fa350fd1850b4a91952f23de29c0fd2171","sha256":"4345594bc8f49c502234dccca66a59ed8c6ce441b24e9d5a8f6e056b52b47898","sha512":"c890db99e6795762612aa8f5b528f3939c05c4227c154a8677bf5e753462cf555cedab3d63d9a8b0fa87b52e8194fdc6934de9d6376998fc0c0a93a6a08d1402","ssdeep":"192:A9eqVN1wl/cvH0hWSP+HdXQBDMBWccBsTYYb5SKpXUexne8dz5ew9kqtb:A9eYrwtc/0hdmHVIMBYszHyexne8fewx","tlshash":"5922c130b08f53c1cf85045a5a764cb5d554aa6111387d6d429becf491d8dd7c44edb0","first_seen":"2025-01-03T05:17:31.382324Z","last_seen":"2026-03-04T05:46:55.006412Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5083,"timings":{"blocked":5061,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/0927/202409271000363078498.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/0927/202409271000363078498.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 24514\r\nConnection: keep-alive\r\nLast-Modified: Fri, 27 Sep 2024 02:00:36 GMT\r\nAccept-Ranges: bytes\r\nETag: \"682d42b8110db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: BC152_dx-lt-yd-hunan-loudi-17-cache-9, BC195_lt-obgp-fujian-xiamen-33-cache-1, BC132_IT-Lombardia-Milan-1-cache-1, i1940259_c22701, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24514,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGB, non-interlaced","md5":"8b0cda66dcc7b35a9da47e2af7319fcf","sha1":"57517d42881b8c36abf47ee1a5d2b71c48899c27","sha256":"c10254c447be4e0e879c67f11ce0989d03c158bb9206cb01da1aa0dbb891eafe","sha512":"964ab43df85102f3a1f239ec9bec13dddd852df82df9f4fc480dbae5fcf3981f4df8f29a94f95c69972c8b547a4fc3878bbffb0c7452df588a3ccf2a2efd3163","ssdeep":"384:oE/3EDmecmFjrvOqGi4JAvH4xFoPPW004kzq0kHlaLU5c8HS5CrZtnwqzdk7u2Mr:omEa6VrTGilvH8KXW7zqLHezx5GzdWwV","tlshash":"fcb2e10a29f7b8d50d113198a9b42452583967d92437335abd7c3cc63da7b40daab7c0","first_seen":"2025-01-03T05:17:31.452008Z","last_seen":"2026-04-16T01:23:16.830818Z","times_seen":4,"resource_available":false,"data":null}},"time_used":5657,"timings":{"blocked":5631,"dns":0,"connect":0,"send":0,"wait":24,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/ul-tab-line1.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/ul-tab-line1.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/lib.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 21 May 2015 05:57:53 GMT\r\naccept-ranges: bytes\r\netag: \"804676138b93d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 285\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":285,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1x12, components 3","md5":"00512af8f2e8bd7273086a3eec82fd75","sha1":"90427b3075397c559a907808ee7bf8b07f57cd35","sha256":"1580c8cef07b68c37ad3b0e5f87089125b15f7c93dbf11c6667002984c85b7bb","sha512":"a7efe63ea6386050a9ef72a0c3ebb86127e2d3bb90d975941f879661ea97cd02e7c3a31c51b9584799cd631a7bbf6ea78e18646222e2553a5c4cf0f716378f69","ssdeep":"","tlshash":"59d022f26b631032cf633b3903309b102329bb0ca630073c3c8e1200afaf7c4a0002a0","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.599937Z","times_seen":15,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":13,"dns":0,"connect":0,"send":0,"wait":319,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117034751760.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117034751760.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 07:47:51 GMT\r\naccept-ranges: bytes\r\netag: \"80ed368776bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2345\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2345,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"b44a38a375e2ccd232bf1f6a2b5b283b","sha1":"665f94d5f3169bad18b49882e8cecd5597ee599a","sha256":"64ab96fc93e9618f350d551db090f9c131849ca64ffd1f90a584b2de9cc5f3b8","sha512":"c353872254168aee56f3a0f8304a89e7ce3ae346652c027c3b95d664de528d97a2c34d36dc1e0c953a6e47866b038cc261a75c9510bc5cbb11e723596eb3d14a","ssdeep":"","tlshash":"05411a88d6822d44908ad95f10dad006cc714bc486d4e6a9dedbcd0eb8771f1069c5cf","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.209645Z","times_seen":15,"resource_available":false,"data":null}},"time_used":846,"timings":{"blocked":367,"dns":0,"connect":0,"send":0,"wait":479,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0609/20220609045759787.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0609/20220609045759787.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 7603\r\nConnection: keep-alive\r\nLast-Modified: Thu, 09 Jun 2022 08:57:59 GMT\r\nAccept-Ranges: bytes\r\nETag: \"702de4df7bd81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i32015_c12732, i2103143_c28197, i1940263_c22409, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7603,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"b7378080fb7578cbbbc940218e8d5a28","sha1":"897e9feac3feae15d01bc45220c39c3e9b9f02c0","sha256":"9c43b41a7e1c3a5916c04423a9e303b3d2d09284e6a753ebdc80976373ef6b0c","sha512":"c45123a57d4a022e26fab2deef2807bfddf2427e1a9a272ab0ad7a65d1b836e9fc6674528d6f11101af5bb6cdf9d3cb8ef4a6d06b8b57d11d37d509b6be54c4b","ssdeep":"192:4uMtZYt2Mablpo4vFoUB97WBA7uiKBncG/6OmWh:4LDYt2Molpo4vFoUBU2cBZ/6a","tlshash":"2ff19f86d1b1b238da10bf74774adacb20c1496f30b22dc9d27cdb3b28f65323851495","first_seen":"2025-10-06T14:54:36.672924Z","last_seen":"2025-10-06T14:54:36.672924Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5513,"timings":{"blocked":5492,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/1217/20201217023952289.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/1217/20201217023952289.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 7389\r\nConnection: keep-alive\r\nLast-Modified: Thu, 17 Dec 2020 06:39:52 GMT\r\nAccept-Ranges: bytes\r\nETag: \"3e1cef6c3fd4d61:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i8676_c18005, i2103141_c28197, i1940245_c22409, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7389,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"0769b739a5ca5e84a7a62eadf9c73b19","sha1":"d0e872656f8033c4e341104ae27cdc9203bd93f3","sha256":"747c0ef10e758e63b8c2b17f1004b1a1533094c707a9470c1696cdb2717f1579","sha512":"63934743f6263bf3e94d37a19c0fc44c8093404782a031db54fd22ca33f9dff83f1fe78a0163fe0ec58b48cd14ccf5a5109e36667cff64bcac8c65b3a358dc88","ssdeep":"192:JWJ3LgIojndULkJeX08cvULyDptm1IO8Ss5aOYJN5:kJ3L8jntJBvvULGtvO8Ss5aJJN5","tlshash":"96e1afbf40c09b2510a5f5fd8daa7d38fa0abefd3580015613a39ce92d19468977790f","first_seen":"2025-10-06T14:54:36.675004Z","last_seen":"2025-10-06T14:54:36.675004Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4955,"timings":{"blocked":4934,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0525/20220525034658240.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0525/20220525034658240.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 9327\r\nConnection: keep-alive\r\nLast-Modified: Wed, 25 May 2022 07:46:58 GMT\r\nAccept-Ranges: bytes\r\nETag: \"fdd5dc9cb70d81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i91106_c23533, i2103123_c28197, i1940245_c22409, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9327,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"dd3bf89ed9e9092e31f1db6c129f141d","sha1":"e9b0bdfe7141e03d8f21020b2d77d4595f0f5276","sha256":"7d0e3259e8317b12e62d678aa9ac8de31fb45fae0c8c9294c3e8412a98324cd7","sha512":"56187c250d1c6afeada2f13e71939043471ba7856ac36c17a36aeeb43289da6397e8dbbf949deb43d39314affb4e1fe767f9466175c34da42d8788b20940f2e2","ssdeep":"192:cIBH26CsJG39NSW3DojDw0b8x3NiafbM3IiskQcYdHISJNaYXFSwIr:cI52iYSWzojUhx3NJfbMXskZsN3aCFu","tlshash":"d112a0deccea88ad75b8552159bb887084761dba5c41fb6d668ce5225ec3fa8d020334","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-04-16T01:23:16.713134Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5044,"timings":{"blocked":5016,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2017/0728/20170728041455926.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2017/0728/20170728041455926.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 21438\r\nConnection: keep-alive\r\nLast-Modified: Fri, 28 Jul 2017 08:14:55 GMT\r\nAccept-Ranges: bytes\r\nETag: \"c689ab98797d31:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i91226_c28777, i2475923_c28821, i1940235_c22409, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21438,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"6e9ae99e2d925ffaee49868589e4e7a4","sha1":"e167566bbbdf7564ebd2caf9edefc96aed78e657","sha256":"e6af60bba367b70fc21b4162c45ff65e23205bf95b13d10f585c54cca817a43d","sha512":"f45a9ac7dc30078a23bf2338012155c18a0dbe9a5b86ae28c7bf2cb5ad0ebd05695faf7703b212df5f659ac3ac3109dc24b395978517140915a44772d7d28e8f","ssdeep":"384:Ksa2Bed/ciucDO01CMDRVKqZkVIraNtnbn9kprdwxw0Msve9gHc/r4oMx3:Kv2kp5D1CMqPCaNJKGxwp0BHcz4oMl","tlshash":"52a2e19e4c496fc0103f34d9723446d14aa506f91b9e6c2cde3e6316988ab3e6f54dec","first_seen":"2025-10-06T14:54:36.678583Z","last_seen":"2026-04-16T01:23:17.040412Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5761,"timings":{"blocked":5730,"dns":0,"connect":0,"send":0,"wait":29,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0318/20210318025647359.gif","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0318/20210318025647359.gif HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/gif\r\nContent-Length: 46256\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Sep 2025 00:35:07 GMT\r\nAccept-Ranges: bytes\r\nETag: \"f3925a972121dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nX-Ser: i37228_c28455, i2103121_c28197, i1935859_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935859_c23471(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":46256,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"c26124e38fe30eb40429f0b4ff80bd73","sha1":"b2fd86bf2018163bf813148140df534284c3019a","sha256":"ccb84d1dab0f04908c24918f6942b597149732dee7de08017d0aa5aa46064eea","sha512":"415292f469e1f5f98a51eb13ceec0a2782ad220c80b6205a27f18e47e43cbc48fdb59b0177d30370bb47fd52d2d8e939c754e7965a8b95545c8411609c883d91","ssdeep":"768:fT9IfQXwJyz9sDulTFaOL//+puqRRPDHVMxhKvvupVRnXpnVuymDaRmJ:OfQXwJyz9yQawuu0DHGhY2pLXpnVI","tlshash":"9123f1ad18dd362ca285135d14f1eba704a6688ef3ccc5e2fe989b90d0d02a7467f257","first_seen":"2025-10-06T14:54:36.680743Z","last_seen":"2025-10-06T14:54:36.680743Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5515,"timings":{"blocked":5458,"dns":0,"connect":0,"send":0,"wait":50,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012025400444.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012025400444.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:54:00 GMT\r\naccept-ranges: bytes\r\netag: \"0b451ef35bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3299\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3299,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"e8031b44d37a0ea483e72a6f09370752","sha1":"91906ed0e35e84033bc8678951242ad86969c0b6","sha256":"995db032132a90e90aa79c72a4341f387b6e1786e38031f92eb8e3c3bc4dd608","sha512":"07b6662bb6e20f1ea36dd3d335e40ef345c905670a787ea34cd08064032a8faec149ebc9dc0423fb92a2a4f7b6bbfe7954e3525da6c6fce7b2c66de8e89b72d6","ssdeep":"","tlshash":"90615c12fa873c4046cc5c1148de30d3adcfc6409f41b5a26bd9d852ea094e6de28bfb","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:54.964175Z","times_seen":15,"resource_available":false,"data":null}},"time_used":601,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":601,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0517/20220517034620154.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0517/20220517034620154.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 17 May 2022 07:46:20 GMT\r\naccept-ranges: bytes\r\netag: \"06e8b32c269d81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 1325\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1325,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"8a8efc1ce657355b2824d4f03463b084","sha1":"f48628b1631a6628f2afe106c654ca84993447f0","sha256":"91b59638ba291aa991597ba89aac71ff1727566bc8316353ceeda097489b7de9","sha512":"14528710d0b683129446447e76616a3f4ae9a5cf0a08b6c3036c95e81657ea0d5554880f078a109a99ca089c0f05da5ffda50fdad8b7b18c496ed3acd47b1fd1","ssdeep":"","tlshash":"1321d591018ba2ff2adc697f677368c17aa22d6456c12d812463408a69fc42d7a0b236","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.59357Z","times_seen":15,"resource_available":false,"data":null}},"time_used":815,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":815,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117040750967.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117040750967.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 08:07:50 GMT\r\naccept-ranges: bytes\r\netag: \"0cfdf5179bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2298\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2298,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"a16ce29cdcdc6209fbf4be8548316c33","sha1":"16289f328366a9ec172c9bbb76a4bbed71a34381","sha256":"a66d5dff26c46d0157a2bd388976cdb2ac71544eea9b594fa43fc1ceb9c2f30a","sha512":"4efd70233f884b7ad25d83bc4fccf6bf7ae4d6f7516d8dea501dfde1b1d8a15c08a5711bd05e10413ba390e99727cc5480e078f603c74d65c6e5a5fb324f0ccf","ssdeep":"","tlshash":"9341d8c5b240156be64ab0501cde7123f4058d40cf96f1616dcdcc8b0ef45f9281e9db","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.318633Z","times_seen":15,"resource_available":false,"data":null}},"time_used":860,"timings":{"blocked":366,"dns":0,"connect":0,"send":0,"wait":494,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/1216/20241216024629721.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/1216/20241216024629721.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 9246\r\nConnection: keep-alive\r\nLast-Modified: Mon, 16 Dec 2024 06:46:29 GMT\r\nAccept-Ranges: bytes\r\nETag: \"6ab3853c864fdb1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 172680\r\nX-Ser: i91542_c21609, i2103141_c28197, i1940255_c22409, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9246,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"01ff504fccda21be9a5794a6d018da97","sha1":"80d4c9a2a45bf74924ab761203cc0ae31db43a73","sha256":"0751c72b2177dec8a1093361ee4bfaf622794eb0db32ef279c467898af294797","sha512":"3da10df896df2b8140b04c245e1b676442f71234886430636c4c53ccd5b309a93365064bb42362289c13f7de15bb09a03389b9117273acba61779b8ab3b76817","ssdeep":"192:9QVhj07dcqE8AEHicqMYHzYednGT+cXRblVp6U:96Z07d5E8rH5l4LGT+cXRb4U","tlshash":"4012bfbd3225ecbcdf41b90a7ae235a25437297ed964736ad8d2d0304e088246774e58","first_seen":"2025-01-03T05:17:31.533909Z","last_seen":"2025-10-06T14:54:36.687539Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5492,"timings":{"blocked":5470,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0107/20220107023957344.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0107/20220107023957344.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 14556\r\nConnection: keep-alive\r\nLast-Modified: Fri, 07 Jan 2022 06:39:57 GMT\r\nAccept-Ranges: bytes\r\nETag: \"ea704d63913d81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nX-Ser: i37214_c28455, i2475941_c28821, i1940251_c22701, i1935889_c22759\r\nX-Cache: HIT from i1940251_c22701(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14556,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"cec718e8d7855b2330cb24d9936914d8","sha1":"de153cd34126df5a0441083fd217059d6b9ca135","sha256":"76bb070509ecad929df0a6ed2da29007bb69fd06be4e1d2772e9315a574846e2","sha512":"ada5e6d0379c4cc0597c5a26997f6927ebca39f13badd6a76339d9ac6b1ca0040184152fc8902b1707feffdfdee17a46591cf54d4380e664df65883225b9894e","ssdeep":"384:bT7rAC/9NsGpT2OYitGvTS7bnZD5nBU0EAf:D/zvZ27iku7bZDwKf","tlshash":"f362d1d723c76d6a5ee242ee1c2086ad6cfffcf5c30056704774849a08069c899a9ddb","first_seen":"2025-10-06T14:54:36.688586Z","last_seen":"2025-10-06T14:54:36.688586Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5685,"timings":{"blocked":5631,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012030333998.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012030333998.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:03:33 GMT\r\naccept-ranges: bytes\r\netag: \"8090da4437bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2350\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2350,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"b5702f5d946b57d8a3a4e75e71a092c7","sha1":"ba86b006fdf0ec69cc0c5ac493fd056897155b90","sha256":"4b9695e6fafba6572f1ea9e652beceff6d69fe8ceeafcdf568cb87529e9bf3ba","sha512":"301869c3e0c9bd1ad04540fdc00da6b6c53398153137c671dabb75960f21485e15e9e0105462c5bc6da959809078ac62811c64948d57c755bb9e090e4a6bdf58","ssdeep":"","tlshash":"d541d7cef1c595c16ac8f65634ff8013dc66898042d2e175eccec59354bb878da4a1de","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.277676Z","times_seen":15,"resource_available":false,"data":null}},"time_used":765,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":765,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012035638880.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012035638880.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:56:38 GMT\r\naccept-ranges: bytes\r\netag: \"0ff42af3ebfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3738\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3738,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"6231756d444fa612cfd5d61ebc43e16b","sha1":"c545382e6a6a53b5a6b582e1050fd6a0d26f6f7b","sha256":"6ff76b73fb99e778cc33ea096ce17c7a5c4efaf4d8ce33874d9f30f9ca101afb","sha512":"3e7ba4ab42b607969c82e762b0f254c4763eeca745509afe343a0235ac64ea3feb475b2f3fcb0cbb9561626bd3f477a841f90cc620ccd047cb79a9215a3c5e8c","ssdeep":"","tlshash":"0c714a6affa438c06075fe4804fa007b40bb0e81acd49a351c9a9c4506f60a8272adde","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.261153Z","times_seen":15,"resource_available":false,"data":null}},"time_used":833,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":833,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012035809176.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.866Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012035809176.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:58:09 GMT\r\naccept-ranges: bytes\r\netag: \"807e80e53ebfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2764\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2764,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"93a3b44025b402c04766f5ff652bbbd2","sha1":"b72dab09987d3cc57ead5974abd4379591b36ad2","sha256":"7680ddfa5c5b3187f28c398e4edbe5e371c392e3e1452c5967fd0ef4cb781849","sha512":"35c9e0953db277da3fe4a663c34d56f0fddc2f3b0394663e4f95c705c0f4388b1f5a1bda548ff7738e71848f7c6be1c966285a0556c8f789995474ca6165f74c","ssdeep":"","tlshash":"4a512b57f1e5ec40db3a84d8a5d5f41694220880ee845066b4c38c1b897aff8b08dafb","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.295843Z","times_seen":15,"resource_available":false,"data":null}},"time_used":829,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":829,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0422/20210422025218187.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0422/20210422025218187.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 10218\r\nConnection: keep-alive\r\nLast-Modified: Thu, 22 Apr 2021 06:52:18 GMT\r\nAccept-Ranges: bytes\r\nETag: \"7a8aa594437d71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 187656\r\nX-Ser: BC204_dx-lt-yd-jiangsu-taizhou-4-cache-12, i91252_c23533, i2475927_c28821, i1935885_c23471, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10218,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"b6fc1dcc44a2d38115a272be4487909a","sha1":"342a5336c020754b52c9fd10adeb4087ab411e44","sha256":"8b7b1262f00fc10c7c6f223d744f22bf60d75f068b2800e291e6a4573f9af6d0","sha512":"5bb0c907704304dee8a86434e861c550191dc8cba6d6d14b096cae902c8247dc095ff3dd1c23a40efa50309e902e681f035d3cdcfdb2ce7bd0895b8b62ddf70c","ssdeep":"192:UMo1UP1HAIBnSMJaH8JNpEZdixQZDstRhhrzB5nRcHL5GoIEoYNfEG2IbPF5YR45:UTCHAIBSaaH2p0yQxstfhhlR6b9fN5YC","tlshash":"5322c0606121d9a5f0cfede869071dc62677ee05d86cacaf0610361fad156ec33c27b9","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.054833Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5477,"timings":{"blocked":5449,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/icon-point.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/icon-point.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 18 May 2015 07:16:12 GMT\r\naccept-ranges: bytes\r\netag: \"086b853a91d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 1114\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1114,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced","md5":"184b2afb0970242cc5e5ef18f6b8739d","sha1":"24fa00b4a83bcb8fda8c09405dfcd9e69110f1ba","sha256":"a71f76dd18218dd9d713c934b7b9ce8694628788a3f2e5a6032588fb96dfd599","sha512":"1b89ceddfed444aa2a2d4a9b50678cae87b7a465922013f9af5c21290483701abb762e40f81c67511984c11d6add52ab5b6918a4838e03c0d85c41727c28fee5","ssdeep":"","tlshash":"852130e9bb402580f10ad59118e540174a234c70e4a8e0faf89e9c2b4d616fbc45c1cb","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.349701Z","times_seen":16,"resource_available":false,"data":null}},"time_used":381,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":381,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/1211/20241211013145800.jpg","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/1211/20241211013145800.jpg HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 16555\r\nConnection: keep-alive\r\nLast-Modified: Wed, 11 Dec 2024 05:31:45 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e945b8f78d4bdb1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28821\r\nX-Ser: i64214_c23533, i2103123_c28197, i1935885_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16555,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 350x211, components 3","md5":"8c20ea93a091421e9168e7d278f356cf","sha1":"b49b909c619bf22f85575989282c20cf984caac0","sha256":"89d7dabb3a8ecb6f536cc7e6fb9f032d65115f336d2c80a3994672a0bfeef76b","sha512":"519abf63e8e1eb0d8f9b20ab26d512aa94792947ee96c494dac7bbbf63789c9dbf24c8e67ee52ebc6927c2120e76a9d1790e1e50fdb361d8a63ba7eab17a4023","ssdeep":"384:RYBwotyBvirjbiY5Is/uwtiZHjYhEO+IoSm2RqHBOJ9JhZIMJemk:RityBvirjd/uxZDcEO+pz2sHBOJjhcF","tlshash":"7972bf80747e4ac3bd17e0f53a500a2146ec15880ae1bddc4dd4fabc7ac16faf9195aa","first_seen":"2025-01-03T05:17:31.435363Z","last_seen":"2026-03-04T05:46:55.286317Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5479,"timings":{"blocked":5454,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117041938755.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117041938755.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 08:19:38 GMT\r\naccept-ranges: bytes\r\netag: \"09e0f77abd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2796\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2796,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"8f9aa20393fe5b3a5138e29cc7b92782","sha1":"31ccb02f18c9e177d50bc45307075931ee75c8e0","sha256":"101cd121ed7a25bf4350634ac03afbe78f9c7039bb50963fd1d4463ea6323932","sha512":"727959f545c53c781e7e232cb1626095fdc6c19c94453866a429f4e4e7cf7b07e47087733893e3f37620ae3a4b28a399f73b6e9d93dd99c3f09f12e14bf65439","ssdeep":"","tlshash":"8c514bccfb12d7025acf42920ce664278e670a818dc46c78d9dbf07b193d539291f1ab","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.398826Z","times_seen":15,"resource_available":false,"data":null}},"time_used":859,"timings":{"blocked":517,"dns":0,"connect":0,"send":0,"wait":342,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0727/20230727031408468.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0727/20230727031408468.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 35501\r\nConnection: keep-alive\r\nLast-Modified: Thu, 27 Jul 2023 07:14:08 GMT\r\nAccept-Ranges: bytes\r\nETag: \"a823afef59c0d91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i17621_c17989, i2103125_c25795, i58862_c11118, i1940275_c22701, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35501,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"2e08b4e9805e4300b0cf16d6ab742c07","sha1":"2104252d1f8c7208211b2809673fc7862087e22d","sha256":"c0a0a17c84aba2be9036cb25ad7e3022fca07dc4db5ccb08a033133c546214e7","sha512":"56a65adf35e65a15f1e0b9440a80119a9a23080bb8a398b941ee3a773de6d6b327463f0171c3383c7d3ff7bc95c55bc2cbb107bfb50f9ffaa77198d49cfcccb5","ssdeep":"768:33N2+aJMbgQsyop3k++RXdPHkZB/x9hKxkw5cN2RrFeQe814GVE7zVcG:33o+aJMbXsNp3725E3UW4RwQZS2G","tlshash":"74f2022f6c5b645e0b1765af3611e8b709cac399118993942e087eb923ec1869a5ccf3","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.754613Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5659,"timings":{"blocked":5635,"dns":0,"connect":0,"send":0,"wait":22,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012025541505.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012025541505.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:55:41 GMT\r\naccept-ranges: bytes\r\netag: \"8014852b36bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3595\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3595,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"0d6266ad71a0c5bfca96cb44972a5c07","sha1":"d6e512aba9283bc00bad2dc66b751c2beab0814b","sha256":"7bb31db778de50b9398044efcffc05f979b8c6019bfaf5a1bb629c62a65f539b","sha512":"43a2a0dad4cf5dfb645c1b97eeb061b6e7a14ef8c06cc251e1ecbebddf513af0bd518cb06fed364c6312d654918c667329b370d63b1b628651bc0f2c7998158d","ssdeep":"","tlshash":"e1710846a8493292e398cac52cee53f2f9774800d695f23468cad7624b790e13574bd9","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:54.992535Z","times_seen":15,"resource_available":false,"data":null}},"time_used":791,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":791,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117015833199.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117015833199.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 05:58:33 GMT\r\naccept-ranges: bytes\r\netag: \"808a574267bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2762\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2762,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"844b8ec078dca51b7d3a67543444fabf","sha1":"57ad1207ce361a6360cd5a29ee05e12249b2c1d8","sha256":"69ce083237a0dcaff907a4a126a3074dc5dc01ebd32850e86f2581bee98446ea","sha512":"bfcdba08856ef381f5644274c024a111e97fc0bba601ed681369893aedaecf1aef74a64edd2e9d69cf760764fc25041283c0b846af2ca6c211855ebcfc402077","ssdeep":"","tlshash":"a8512b1ba1811d40d38dacc768e373978a71d980fe52b923659dc80fc59427489a54de","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.625174Z","times_seen":15,"resource_available":false,"data":null}},"time_used":807,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":807,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0510/20230510023011230.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0510/20230510023011230.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 42342\r\nConnection: keep-alive\r\nLast-Modified: Wed, 10 May 2023 06:30:11 GMT\r\nAccept-Ranges: bytes\r\nETag: \"1476edf883d91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i33667_c26321, i2475963_c28821, i1935955_c23471, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42342,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8e25cc3d1584a3c3ac380b27e42ced89","sha1":"f8699cccb99905a5a6d7c72800029672ab6ac718","sha256":"a08183824be7628f5e90c48bf30cc96d9355e350c396ead993e4dd8458c21d58","sha512":"2317a40f8305eccf370637991573624554c7233de0c29ed8089ebe39256cc620c3863bd7c88ef5633bd674ff708c00f2ebd9cef593d571fc454c6972c55fc018","ssdeep":"768:6V9iJs3EzIndy1TQa8cdUVuTSuoDgBhzIDoirIihyxW5Z4RTr:AQs0IdegKKuTSuoDs0U6dhyxW5ytr","tlshash":"2513f2415a122edcef27d85d60b18b54d45fb8e8cf12d8d50ce50c87189b3e623be558","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:17.026667Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5707,"timings":{"blocked":5678,"dns":0,"connect":0,"send":0,"wait":24,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/0103/20240103041236420.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/0103/20240103041236420.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 33407\r\nConnection: keep-alive\r\nLast-Modified: Mon, 08 Sep 2025 06:45:26 GMT\r\nAccept-Ranges: bytes\r\nETag: \"23487e288c20dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31803\r\nX-Ser: i91096_c23533, i2475911_c28821, i1935879_c23471, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33407,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"d9421ef173463858831bcf69f329de79","sha1":"87e8de0c200736a2934ea47ba1cee303542bfbbd","sha256":"b4a776f6b8936f3d1fce6690503c09733b8517c03b055f2b1e7e6f1a09bde480","sha512":"281d94262ee6a76f1c003f16a955eb40a7aa9d23d965b4d5aa4484c7597cea21f95f80cb3b47d1831b00bb1eeaf2619c516fddd4dcd9b7009194226e28de37a9","ssdeep":"384:T+z2BbbNZACQaBSxRfEO9mxhfwAq0Gjx1HbaI1RZIssYTzb+ewRJdtX0S+u8K:T+CPNZACfSxx9zrxjb9Kyb3IZrd","tlshash":"4fe2f1a2894c44feb24705f7acca2d50592b605c84057d89e12deefef47422f985f872","first_seen":"2025-10-06T14:54:36.714518Z","last_seen":"2025-10-06T14:54:36.714518Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5171,"timings":{"blocked":5139,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/0927/20180927092854927.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/0927/20180927092854927.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 6065\r\nConnection: keep-alive\r\nLast-Modified: Thu, 27 Sep 2018 01:28:54 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e4f31374156d41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 38795\r\nX-Ser: i37654_c26321, i2475927_c28821, i1935879_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6065,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"5936a1bf8cfd1cdee874efbbcd1334e9","sha1":"9d79cc0b5dc6ca894156329727fadf58a4aa0a97","sha256":"db39ecb37fa1be1a913d68e2d02d82442e9c60c9d6eafb11ff4c6d2f1118d00a","sha512":"9831d26ebb9861bfefd07f7252e74614e31a8bae0996388a64ea21a83290ab68e05b74600e03a80b9bedc5ce17241ba8ce74aae84205410d4310e19784cc93a3","ssdeep":"96:URKPE0Edt3uCGW0uQkEcDHsT2o5xW5RrzMRnhnwjRrTT0t+Siyu4pw81XACzB:eoit3uVpuQk9DHsT2o5KMRnhwjR/Ti+W","tlshash":"e7c19d7bf98b9b57a5c63576b01020a24d4e32a70530dd0b7e82f36d5666a370b0129f","first_seen":"2025-10-06T14:54:36.716678Z","last_seen":"2025-10-06T14:54:36.716678Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5192,"timings":{"blocked":5169,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0928/20210928102127790.gif","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0928/20210928102127790.gif HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/gif\r\nContent-Length: 46256\r\nConnection: keep-alive\r\nLast-Modified: Tue, 09 Sep 2025 00:35:10 GMT\r\nAccept-Ranges: bytes\r\nETag: \"f0e24c992121dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 1146\r\nX-Ser: i17891_c6956, i2103121_c28197, i1935859_c23471, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":46256,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"c26124e38fe30eb40429f0b4ff80bd73","sha1":"b2fd86bf2018163bf813148140df534284c3019a","sha256":"ccb84d1dab0f04908c24918f6942b597149732dee7de08017d0aa5aa46064eea","sha512":"415292f469e1f5f98a51eb13ceec0a2782ad220c80b6205a27f18e47e43cbc48fdb59b0177d30370bb47fd52d2d8e939c754e7965a8b95545c8411609c883d91","ssdeep":"768:fT9IfQXwJyz9sDulTFaOL//+puqRRPDHVMxhKvvupVRnXpnVuymDaRmJ:OfQXwJyz9yQawuu0DHGhY2pLXpnVI","tlshash":"9123f1ad18dd362ca285135d14f1eba704a6688ef3ccc5e2fe989b90d0d02a7467f257","first_seen":"2025-10-06T14:54:36.680743Z","last_seen":"2025-10-06T14:54:36.680743Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5507,"timings":{"blocked":5468,"dns":0,"connect":0,"send":0,"wait":30,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0730/20250730020842733.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0730/20250730020842733.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 44413\r\nConnection: keep-alive\r\nLast-Modified: Wed, 30 Jul 2025 06:08:42 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8413a666181dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 1146\r\nX-Ser: i91206_c28777, i2475919_c28821, i1940273_c22701, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44413,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"4f1def1a04e0d0eb8b6a48c7f755c05e","sha1":"3a1ed4ca8da22ec9f549aad7f772f3181f2a7d80","sha256":"d79eff991c0bcacaafc1a4542be6c13ad20a68b049208d6d5ef9a69082f68398","sha512":"ca66a9422eea02e4afade644de61b60a1b29ca58282911730bb3d4f34c0e94b98bbba2d59a5024fe584f5cace75e3dc3a975d63022a929e879636be62a5b70e9","ssdeep":"768:9LJo8TVKmE4NGOYKqF3RyIlSY7FEFo8PN+DZn7ywoIyMGHSdNUr4:9No85m4cOYKSyg72y8PEDh2eUydGr4","tlshash":"5113f2d6e8845304178a545a52ab791f418076fb32ae3024f0e653379a77f37cdb28ee","first_seen":"2025-10-06T14:54:36.719052Z","last_seen":"2025-10-06T14:54:36.719052Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5530,"timings":{"blocked":5499,"dns":0,"connect":0,"send":0,"wait":24,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0930/20250930094423724.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0930/20250930094423724.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 39508\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Sep 2025 01:44:23 GMT\r\nAccept-Ranges: bytes\r\nETag: \"eef1a9bfab31dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i63566_c22643, i2103121_c28197, i1940265_c22701, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39508,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8e4658911e060d0ce6dafa365fed16a8","sha1":"e5ac3a5ecc2c9e6786cd4e75b320693e4903bfe8","sha256":"45c2d841d8c06f00fbf52f21db3c9fb3c62a47265845d11d57ceb16bd79778f2","sha512":"01148990d0877ef8593418d99bab3f1053f3c715b0f0509ef5e3b014ef1b90eb02004a91a7368a65ebe3631891d5bc340db6f3e8ef7f16fc16d54ea5b14cf49c","ssdeep":"768:lfbJHmEH3Kkugk856+zuDbcIt/msdqPxPlBi8kzKseRNL5j8:5bJL5k2ijRdcszleRNK","tlshash":"a103024d0fc7f530561d6449399b8ad2b7ca30746a7b8dfe7488a077f88039a50dab23","first_seen":"2025-10-06T14:54:36.721289Z","last_seen":"2025-10-06T14:54:36.721289Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5628,"timings":{"blocked":5592,"dns":0,"connect":0,"send":0,"wait":30,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012022949341.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012022949341.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:29:49 GMT\r\naccept-ranges: bytes\r\netag: \"80ac748e32bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3707\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3707,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"e30cf34c914b1c3cf8dc31a29ca67ddc","sha1":"a185ed55877b301140f762bc0e4547dfdb3f9a00","sha256":"68ca0038bea500b26dc4728dba51c05bfdbe8c29215a3aeaf3304168b897d9c7","sha512":"533512cdcc08b3f6a7ce5f8c886133e408ddbb136b245d2c000179ce5400b8083d9007d3865756076d94ab3a5e29a633386e487bd93c2b644fe971c27f80c07e","ssdeep":"","tlshash":"60716c0e7d000d63525dd6c268fb4412c5e5488980c6bc2f6d9f82762c288b16ebdee5","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.569159Z","times_seen":15,"resource_available":false,"data":null}},"time_used":891,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":891,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012032106192.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012032106192.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:21:06 GMT\r\naccept-ranges: bytes\r\netag: \"09d7db839bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3139\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3139,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"e0a009e2b804baf92996a83efe8636f5","sha1":"272c355df706a3799a26e7f7d32c679ff860806f","sha256":"2b7e46eab2cbecb62b56e9f9dd7194de292993b8b6979b4fd75ed64cc27ba929","sha512":"6806a0f318998c7ac23a921666c1fd60cb2955cbfa4b2ecaf035654938bf5e9b755859c566d54680454522852bb7d23d62113532f1b13c9011d3c76ee5404634","ssdeep":"","tlshash":"da512bcee9622e00e044ed5224f75203ce72bb95e7d4ba70dcca840895719f26894fe2","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.54577Z","times_seen":15,"resource_available":false,"data":null}},"time_used":757,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":757,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012033400813.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012033400813.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:34:00 GMT\r\naccept-ranges: bytes\r\netag: \"0a4d4853bbfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 1564\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1564,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"fb7b802be96b878b96a399788158cead","sha1":"e9cb178bfb42da41ad03cb6568d1dbdbe0741509","sha256":"9c21518d8f8a57fedc3b4f3d80463c903c0eafd08c7f9dcb16d868055e805841","sha512":"f56bc020aca78c7a8f41b2b185981c841c80c8fd1afe082079905cf4f18a06d3db99a39c061dff1b11a625c93218bd76d8412f57c68bdb978c69505a4c448032","ssdeep":"","tlshash":"963195ceeac0784165cce68318ea7607a9124980cab0f06ef597e05759b21b6d52edc7","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.395306Z","times_seen":15,"resource_available":false,"data":null}},"time_used":865,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":865,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0730/20250730015944228.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0730/20250730015944228.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 44413\r\nConnection: keep-alive\r\nLast-Modified: Wed, 30 Jul 2025 05:59:44 GMT\r\nAccept-Ranges: bytes\r\nETag: \"7a27a925171dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 1146\r\nX-Ser: i91488_c21609, i2103141_c28197, i1940277_c22409, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44413,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"4f1def1a04e0d0eb8b6a48c7f755c05e","sha1":"3a1ed4ca8da22ec9f549aad7f772f3181f2a7d80","sha256":"d79eff991c0bcacaafc1a4542be6c13ad20a68b049208d6d5ef9a69082f68398","sha512":"ca66a9422eea02e4afade644de61b60a1b29ca58282911730bb3d4f34c0e94b98bbba2d59a5024fe584f5cace75e3dc3a975d63022a929e879636be62a5b70e9","ssdeep":"768:9LJo8TVKmE4NGOYKqF3RyIlSY7FEFo8PN+DZn7ywoIyMGHSdNUr4:9No85m4cOYKSyg72y8PEDh2eUydGr4","tlshash":"5113f2d6e8845304178a545a52ab791f418076fb32ae3024f0e653379a77f37cdb28ee","first_seen":"2025-10-06T14:54:36.719052Z","last_seen":"2025-10-06T14:54:36.719052Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5501,"timings":{"blocked":5467,"dns":0,"connect":0,"send":0,"wait":25,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/1006/20251006095108211.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/1006/20251006095108211.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 4121\r\nConnection: keep-alive\r\nLast-Modified: Mon, 06 Oct 2025 01:51:08 GMT\r\nAccept-Ranges: bytes\r\nETag: \"be6497af6336dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 38712\r\nX-Ser: i34712_c4672, i2475923_c28821, i1940233_c22701, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4121,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"4b8b7971259ebae2f04fe6164255d8b6","sha1":"ce5910050581fcde9c6866303697d7df4e764c55","sha256":"820128ff0df2e0a088c01bfa3be2e3cdade6b674f9b08a6cd07c151a31f99687","sha512":"ee81a390317ce1d45d7ed8ecdeebf44dc93394d3806faf7107b202376b0c476bb9c67b66ec541b569591f3320ff4b729df4a490bcf36cacbc7584f9f85ca0ba8","ssdeep":"96:SqspvBwGVPOvRsfN/HRj47+s0CMglAby/ffr:NG5OWflJ8UCMglAO/fT","tlshash":"e1816df39b5dc42d6b3d985d688377fd94ed57421d00c94e16d208a110c2a8b5eb7711","first_seen":"2025-10-06T14:54:36.730406Z","last_seen":"2025-10-06T14:54:36.730406Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5570,"timings":{"blocked":5532,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0929/20250929085026286.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0929/20250929085026286.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 7128\r\nConnection: keep-alive\r\nLast-Modified: Mon, 29 Sep 2025 00:50:26 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b48770bdb30dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i34690_c4672, i2475911_c28821, i1940245_c22409, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7128,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"f5f99ed349fce93d57ea597573d2192b","sha1":"030e4042eef1dbf2424cdbbd9325d32ca925227e","sha256":"53c3eff8de2528b2aefb5ba4e474d1cda2767393708d52add6fdc0a02a2bd6ca","sha512":"717ad356307809273aba252fe32180bcc63ecad4e87ecbdd5fd709c9efa41e92e268d8affb3ebf14307b458a4fdd842691da9525fa606b05add414ad80ba4925","ssdeep":"192:kP58mVC6ZvHot64kRXUbKvwVOeRZwc2zD24Z:kP51ZvHot6LthvwVOejwt24Z","tlshash":"3fe1af473f2dd3651282b84b51dc4c85384f27c483fa9eeb9055dbb9245a149b68791c","first_seen":"2025-10-06T14:54:36.732614Z","last_seen":"2025-10-06T14:54:36.732614Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5573,"timings":{"blocked":5553,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/1027/20231027014140115.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/1027/20231027014140115.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 6752\r\nConnection: keep-alive\r\nLast-Modified: Fri, 27 Oct 2023 05:41:40 GMT\r\nAccept-Ranges: bytes\r\nETag: \"cc105d42988da1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nX-Ser: i33625_c26321, i2103125_c28197, i1935891_c23471, i1935945_c22759\r\nX-Cache: HIT from i1935891_c23471(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6752,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"b8eca5eac73674ca4e83b44a49ded8eb","sha1":"65e9db2fd65e781115a0513aa21405e698819849","sha256":"c5b8784f2beedb48e815a2b5b7529d7d0a8b25fa5f5e7920c46f4d2c3b4c3bcf","sha512":"ce1e13d5b01c31f620b1a54dc7ff51b64eab455519135aa52ea977dcc8d8323f578f8e324b5a2a8c58ee875a941fc35e129026d770a4729bb20fa2545c0ddb93","ssdeep":"96:+86XQCOoRDgsN45y/xGfTobNSH6/y3FlV4LCX6tvug4pgLTc+AJ5dFTBM5Dq5xcL:+8LoG5LboNc3FlSLCk5AHd9B//ZS/H5","tlshash":"4bd17e958e73137e84a43d60fc342912d26745ef99a7e27d944060eb79472dc405972f","first_seen":"2025-10-06T14:54:36.734925Z","last_seen":"2026-03-21T21:38:54.188482Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5265,"timings":{"blocked":5218,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/1105/20241105083104521.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/1105/20241105083104521.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 8291\r\nConnection: keep-alive\r\nLast-Modified: Tue, 05 Nov 2024 00:31:04 GMT\r\nAccept-Ranges: bytes\r\nETag: \"c1874ff192fdb1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nX-Ser: i91504_c21609, i2103123_c28197, i1940233_c22701, i1935839_c22759\r\nX-Cache: HIT from i1940233_c22701(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8291,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8e88dde5cf0bb792d259ded2d1765a3f","sha1":"8a40ede70c76590aa20254f128c1d64645a7887f","sha256":"2cdd571843b992638f3195a9f9512934ecf915ce3737c7ebf55b4650019286c5","sha512":"72549d34364d0d63510a9f82a71c2a85a0b617f3a71799b2f063d02ec3c5f9a50cdb79967186e15c5c466b6346cbee3d71fce146d9b17845a117558b4583ac8b","ssdeep":"192:2YopY7uERmkb+UZ9m6MY0Gb+lwWa28+x5Thpkn6:25+7j9C+nMY05lwN28+TR","tlshash":"c602c14cd9020a7e85898b5371c92e61e3326edce0695f56b2cfa4c3b6771e1c0be617","first_seen":"2025-10-06T14:54:36.737193Z","last_seen":"2025-10-06T14:54:36.737193Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5688,"timings":{"blocked":5639,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012032415599.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012032415599.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:24:15 GMT\r\naccept-ranges: bytes\r\netag: \"80b924293abfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2672\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2672,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"198ff8c037a91993434d0bb58608080e","sha1":"d1b8882caea8b4c4afc6b7ce89e32245e1aed72e","sha256":"9e4652de643754a1e38a8f0f194ad8bff3539e65d5fcec31f1e5ec5ee97dfefd","sha512":"4282bff2297ee4166449166193ee3528e87523442c20ec8012dae8c96c6fd4f1b0f08bbaefd009b101118f98c1906f7dd98e56453e96aa407bf21ef2f31c3c07","ssdeep":"","tlshash":"fe516cc9fe81b881d35ec08628e60017cc1b0a54fb547c87ee9fc49ba4f577498191db","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.226586Z","times_seen":15,"resource_available":false,"data":null}},"time_used":757,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":757,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117110706421.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117110706421.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 03:07:06 GMT\r\naccept-ranges: bytes\r\netag: \"0e9cf4e4fbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3213\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3213,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"5cf6ccc2c20965bd3186d3a64ffc681f","sha1":"48b766c7c17e0a560dcfe73a6d3afe13a9ed2210","sha256":"537c0ff3bffa610adb35af45d6806d3a87ad316cbb297dc3026a29f8cdf06422","sha512":"837eb59f1f3e8c29fec578c8f45c8a7e7b36916ce9d9d70071e5d2b7f04d7c0f91fd214c81f4358dee377e69b3dde1fff4d772f902aceae7539891f1a814ecde","ssdeep":"","tlshash":"4e612c8ce484a6c18cd20f923cf2a11bc132cca0d7d8d5526cee89095d78576352f5cb","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.025802Z","times_seen":15,"resource_available":false,"data":null}},"time_used":825,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":825,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117043738625.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117043738625.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 08:37:38 GMT\r\naccept-ranges: bytes\r\netag: \"0f59a7b7dbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 3000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3000,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"abac6adf9aee8bc445679d8bded44b32","sha1":"1bde5ca83f873cfba8a0b2acc19fb6a1d50da48c","sha256":"63ed6c76b99f9929f2b93bc470b143ea347c884a460e9484bbfdb19572f088d9","sha512":"299ff974ce09ae8914f956cf257ab9f6a54d69d9df2b710ab7eb9223e410dd0f6fc37c740a0bd3dde451bbf0a56b841539f0b1df132b69785658dcf66830910f","ssdeep":"","tlshash":"9d511a5ade46bb936196c642ccd12313590f88e8d8e0e8d17fe6863654f52e1943d0e6","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:54.856958Z","times_seen":15,"resource_available":false,"data":null}},"time_used":869,"timings":{"blocked":537,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-06T14:53:44.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 06 Oct 2025 12:45:38 GMT\r\naccept-ranges: bytes\r\netag: \"045bf1dbf36dc1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:47 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":588045,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1003), with CRLF line terminators","md5":"7a589aaec8aace8b29d9b78af1d59529","sha1":"6dedbaca2fe4d7b26f4facf6b01b851e37c439f9","sha256":"911bd752c017f5b68f494094d3ca2d687a3f7ef83c4f3d4b05aec3b25aa05dc6","sha512":"01d77d1fbf093e99520dcc7fc14c5747a30c77c5670c73be68d85950830a381ac7f854515f5d9f0f99c97165433e5c5dbdf22bda4d062e724c182fee68da562d","ssdeep":"3072:8dVUVEw9OKRSCFz60lnvIFBP9wyZrR27ft:B9OKRSCFz60lnwFFZr2ft","tlshash":"36c48a6253cca4662730c1c24179a724d87716b7f80296c7f5be1b7f7fbda9a080709a","first_seen":"2025-10-06T14:54:36.746129Z","last_seen":"2025-10-06T14:54:36.746129Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4824,"timings":{"blocked":623,"dns":0,"connect":306,"send":0,"wait":3578,"receive":0,"ssl":315},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/1003/20221003081154613.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/1003/20221003081154613.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 28134\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Oct 2022 00:11:54 GMT\r\nAccept-Ranges: bytes\r\nETag: \"6a5d33bebcd6d81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28821\r\nX-Ser: i33595_c26321, i2103119_c28197, i1940255_c22409, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28134,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"b58c748c21d939a6c28566dba03217a9","sha1":"f43d5c92f8076559d7099a2480251acffe57a077","sha256":"c9f715bfa8006d8e390439a9acd9d7b6ae94fec8c50e7887ef39a61d2c08a14b","sha512":"b49dc86bfefc9d645a887639ce3448f69bbef77f38c9c62e85ec00ba54fd304fb92d72073bb8fef63ef2e2f03a7f346107eceb41f4ab738002b9150254d47b4a","ssdeep":"768:Bc6Ji03ynxRZrohOkg42AfFaDPMKusVw6D9deD+eAMzSnV:u0eR1Z0NrHsVw6D9de1tSV","tlshash":"6cc2e19aa5f5313aab271d8e198fa3f55c0ef2f7d8382e069540cf454332f652546e0e","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.035227Z","times_seen":15,"resource_available":false,"data":null}},"time_used":10166,"timings":{"blocked":5051,"dns":5030,"connect":20,"send":0,"wait":21,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/1016/20191016101646388.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/1016/20191016101646388.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 14127\r\nConnection: keep-alive\r\nLast-Modified: Wed, 16 Oct 2019 02:16:46 GMT\r\nAccept-Ranges: bytes\r\nETag: \"141b8dc2c783d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28821\r\nX-Ser: BC25_dx-lt-yd-jiangsu-yancheng-8-cache-2, BC199_lt-obgp-fujian-xiamen-33-cache-1, BC132_IT-Lombardia-Milan-1-cache-1, i1940251_c22701, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14127,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"9b460caf8bea8786043a6e776a63ac3c","sha1":"eabca7f8c8226e184157b70ed1aa144d6a555bfc","sha256":"2a15072a8c205d4f032124944fc88127563dedd1fc394f5b4ab36ff3cb9c601a","sha512":"ea169b5818e69d0bbd958c7f1c3ebe7c1c9b3b8f3cb4d926f778d1fc9994f1668fe92399116449c0c6ba883af9d302bb1e8329976ab3ef02fd4528f0459b8a65","ssdeep":"384:yEoBzU8piwZ40qTqFne/SA7+OBTJpVv/mQ:yJUhwa0gsFA7lJHGQ","tlshash":"8152dfdcf13cb52e9ebcbdb245c4093e8f80ba97643a86125ad0db771ed80c58612288","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.280176Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5093,"timings":{"blocked":5068,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117021820135.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117021820135.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 06:18:20 GMT\r\naccept-ranges: bytes\r\netag: \"05ed956abd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2975\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2975,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"4d22574f9c556fdd1158f744474fe544","sha1":"ee04c29f69467266457a9fc8bbf4628227e66768","sha256":"1871da1b391d0a76029e52855e971affe233f43153bf97f04383e540ddfc302c","sha512":"b36174b85f36a91e350a8807bd9bb6ddf2faf7feb2d81cc90b5e7291ec8ff0f3b0c65851d3d0d33680d1a2192c35b4f9a6976c6127dcebe3df5df21f4d4ab5fd","ssdeep":"","tlshash":"c3514ddcf4a57642f6ecf6651cd510706e931c809cd1e4d792c2c6a6d2a56b104af0cf","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.509009Z","times_seen":15,"resource_available":false,"data":null}},"time_used":958,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":958,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2017/0616/20170616092352670.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2017/0616/20170616092352670.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 10847\r\nConnection: keep-alive\r\nLast-Modified: Fri, 16 Jun 2017 01:23:52 GMT\r\nAccept-Ranges: bytes\r\nETag: \"ee19d0363fe6d21:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 15635\r\nX-Ser: i91500_c21609, i2103129_c28197, i1935955_c23471, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10847,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"5a0c1e70f72442c63e7a840d098ae791","sha1":"d767fff356e16b5a589854e2a130f9466a4318ad","sha256":"9d45642ae4e771ece5741c6ea08803c4fe8d16ff1a370e1e9b0159c90d268dde","sha512":"5db7d74b09a245cefb2aa1f444a40c0e346018c8ec4610056131439df98c23caa649899fcfeb382213fb79e355ae0b51bf10990eae40dbe819712b77fdc36bea","ssdeep":"192:c/D4YLnTqtOPIQMymWq4Hj28hloaW87eIoLFnFlItExKzH:cb4YjWtyx18628j/2XFlIweH","tlshash":"e022c0075058199a7c0bd57f2a45f6ab0ee821f5a48cd8c46b2ce85eedb5cf2078132e","first_seen":"2025-10-06T14:54:36.754534Z","last_seen":"2026-03-21T21:38:54.154305Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5494,"timings":{"blocked":5474,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0621/20230621041452780.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0621/20230621041452780.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 43747\r\nConnection: keep-alive\r\nLast-Modified: Wed, 21 Jun 2023 08:14:52 GMT\r\nAccept-Ranges: bytes\r\nETag: \"ea26a97418a4d91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 195523\r\nX-Ser: i33625_c26321, i2103123_c28197, i1940263_c22409, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43747,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8c27ec4ba45673e8b2570447f2681b2b","sha1":"97df08bc93c328fe36964135208039e6416cfb1c","sha256":"eba7f97efd49f3e53da6a36de4a91a24a870b2b9931221f32c92dad417f9b6e9","sha512":"7d768d6806ebbad78199d4c83bc11109a970c37c51154480f33292397ae9cf9665a344afd574cd7d885a0a9b45531a91b7cea61d1b9d1314511465aaca1ea76c","ssdeep":"768:YR4YRJTcHiQ48dx0USPk71tC8ZAqiDZsJAYKPWYu+jP3RigxWmk9G:M4VBZQgC8SzmKez+LM+","tlshash":"4213029f4141297f6cff8b93c74b6c6a45b1bcd19eee94af8b6031a45e33b051004e29","first_seen":"2025-10-06T14:54:36.756941Z","last_seen":"2025-10-06T14:54:36.756941Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5622,"timings":{"blocked":5596,"dns":0,"connect":0,"send":0,"wait":22,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0316/20230316030744792.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0316/20230316030744792.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 41779\r\nConnection: keep-alive\r\nLast-Modified: Fri, 07 Feb 2025 08:26:46 GMT\r\nAccept-Ranges: bytes\r\nETag: \"febaea63a79db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i8680_c18005, i2103143_c28197, i1935891_c23471, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":41779,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"de50b344f1d557c72d3a004f40bc984a","sha1":"f0e2144dab68ca181b14da62be16a4ae6bed03d4","sha256":"b590d2a6fdb78dbfeb88e1b5f7d66483d441fbdaf33355ce001067f67407078c","sha512":"0e5f5c44d991ab8b6f3fa1ab5b1933b47968d5c91b6dd4aa65a360bec45440cd62c06af3ff66539e9e038af5d0a2243888e700f6646b48a31aee506eda040d16","ssdeep":"768:nXBnRC+I/N170Wx16qilbAK1bKA3f7HUVDKqAq8jHuuTpwRQ8AfPv7:XBx3+16vls6bKAjHkRD8jHJNIQVj","tlshash":"9d13f11b26371eb247b4f0aa4cdfb6ab70d1f681f9dcb83a5251959e3c085b104c95b3","first_seen":"2025-10-06T14:54:36.759725Z","last_seen":"2026-04-16T01:23:16.751781Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5712,"timings":{"blocked":5683,"dns":0,"connect":0,"send":0,"wait":23,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2015-7/2015724142743.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2015-7/2015724142743.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 21733\r\nConnection: keep-alive\r\nLast-Modified: Fri, 24 Jul 2015 06:27:43 GMT\r\nAccept-Ranges: bytes\r\nETag: \"2dde4d8d9c5d01:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i34706_c4672, i2103143_c28197, i1940245_c22409, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21733,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"018754a480256897868d6ce309d147b4","sha1":"d51d9417c326860e5436ef564313063f00c5c92b","sha256":"d45d6fd72aa572d7cc579650e9389354807c60deeea2e94dca5594a058659d4f","sha512":"ac3017ce355321c7a978f7b37a761825764a39d8064f3effbadac6b795feff7c821fbd8aa3ef085bee450b15d67949cc2b101e21479285d8bc1f3b49b9418af6","ssdeep":"384:mi5nVBya6GD277jGsi7eUAnRxn0OTdiCxczwkBL4Q00jxfqcqWAgzXZI8Dtp+i:/VByBoCjPiaUYEOZjuckeQ00jxycqKZv","tlshash":"bba2e1aa0c0d908080459acdae33c2468b750fa569c72d79c0f6d3bdb96db161727b8f","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.877675Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5777,"timings":{"blocked":5754,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0926/20250926020744333.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0926/20250926020744333.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 39527\r\nConnection: keep-alive\r\nLast-Modified: Fri, 26 Sep 2025 06:07:44 GMT\r\nAccept-Ranges: bytes\r\nETag: \"6d261e0ab2edc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 169081\r\nX-Ser: i34716_c4672, i2103119_c28197, i1935885_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39527,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"bfecda403c4fa68f85b23818ea67367f","sha1":"7a252c487a66f888b9f35a9c213cb255d61f87e3","sha256":"85de8a34978ef4e13ae44de4e92e6fd42139e98174c9eb83aed98566e50ebf7c","sha512":"421d313a052aabed09ea52e6ac8ad0772b2c82a22a9e82526c50fc7e0214948a16cc52456bfd30465504981841636c6ec0580075eab6ab0233b394e0d93ff752","ssdeep":"768:lt4KdKYhAz5z9BlVxB2hn/YbtjWzSy3yxlkYSWozMqsJYHjyttxLv:lHkZBVB6YRxl0vz4aHaxz","tlshash":"a103f17eaa1f8b45ba281d1a9e0f5d05748207e8775df9d8ba71fe77501280c317bc21","first_seen":"2025-10-06T14:54:36.764966Z","last_seen":"2025-10-06T14:54:36.764966Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5126,"timings":{"blocked":5089,"dns":0,"connect":0,"send":0,"wait":26,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012030041810.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012030041810.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:00:41 GMT\r\naccept-ranges: bytes\r\netag: \"807255de36bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3120\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3120,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"32b4064f927a0dbe5d7956db618c48b7","sha1":"e4829627e809c43f4e05c9b0eb85bb627bfeea4b","sha256":"340ff869207818f2812fbcad14b57707e6f90d7937ee2aedd4d3b97681034f94","sha512":"728b6db8799d5e90f07f015115544da2936439775a56ee11467e133cb971e05af031b8510411758e2deda8ba6adcef0031119aa2482021cdc82e45be61329e77","ssdeep":"","tlshash":"c4512b15b611bec0d89eeba50cd351c3b8bf69506736a410e4afd52319381fb70567ce","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:54.891547Z","times_seen":15,"resource_available":false,"data":null}},"time_used":773,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":773,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0718/20230718025054921.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0718/20230718025054921.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 36464\r\nConnection: keep-alive\r\nLast-Modified: Mon, 29 Sep 2025 03:16:06 GMT\r\nAccept-Ranges: bytes\r\nETag: \"366de664ef30dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31800\r\nX-Ser: i93068_c22643, i2475923_c28821, i1940259_c22701, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36464,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"a2d6182a5833f087fd861ce0ed8a646e","sha1":"3692132cb5e127858dcb82e2d28d7d63b8003c90","sha256":"2edb9af93a96daa68ae843b7e5df06a0e4723127cfc6b56d10766318d40b8a4e","sha512":"3a4bfed4d8788f6f33cf46f83834d3a6a436d217b22b2bd6cf0ef210577b1725e917ba71371ad7993bc49960584ac296d8dc7d976544f89dacf0eec9d931e868","ssdeep":"768:GHgngO3Y3LRLNiwWun+fJC4CxLi2jS0dWiE0wMm+9mN:GAgB3L53nnx7FPS0WIX9o","tlshash":"6df202e7c2d8eb1c019a5b88127b9db5f1fbf49b952433112f59015c91a6d0c9ea2ec2","first_seen":"2025-10-06T14:54:36.769725Z","last_seen":"2025-10-06T14:54:36.769725Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5549,"timings":{"blocked":5513,"dns":0,"connect":0,"send":0,"wait":30,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0525/20230525031931763.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0525/20230525031931763.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 41703\r\nConnection: keep-alive\r\nLast-Modified: Thu, 25 Apr 2024 07:51:33 GMT\r\nAccept-Ranges: bytes\r\nETag: \"f537e64e596da1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i92694_c22643, i2103127_c25795, i58862_c11118, i1940229_c22701, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":41703,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8c2f1c691dc6003051de25a7942156da","sha1":"8201277171fb1a21235ac5371e4a91b31e26d5f5","sha256":"1f7bca03bce831c21863bcba1cd37a6dfea9b77dcede790069ec49885f393126","sha512":"f4b9018f42ff2d5b93860900a4dd0420454634e51d380f81f87109872bb632f5a4062bf0da56b752a9b5b1f9dc8673dd5ace7158a52f7ecd9889dc8fb8318e12","ssdeep":"768:KZ97H5OyWUcpqmrbNSDUg2E4UFiaKBcwb4x5hPBzSBbg9p7qtL:KT7MickabNwF4UFiasNburBkM9Zq1","tlshash":"d213f136b0dc9d520cf05e6dfac2669ae5d4be2b5d88613ffde021b0198881989b7313","first_seen":"2025-01-03T05:17:31.604631Z","last_seen":"2026-04-16T01:23:16.658482Z","times_seen":4,"resource_available":false,"data":null}},"time_used":5696,"timings":{"blocked":5666,"dns":0,"connect":0,"send":0,"wait":24,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0711/20250711085505478.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0711/20250711085505478.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 28611\r\nConnection: keep-alive\r\nLast-Modified: Fri, 11 Jul 2025 00:55:05 GMT\r\nAccept-Ranges: bytes\r\nETag: \"4b82a470fef1db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nX-Ser: i90768_c28777, i2103119_c28197, i1940233_c22701, i1940231_c22759\r\nX-Cache: HIT from i1940233_c22701(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28611,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"6368922a2b0a7a4b9b47bed3601c360d","sha1":"552a83c157e860b45770ad0663900aca42bf857e","sha256":"c25397747fb93eab32cabf304709da98f2ada6017cbe085deee7939f9214c3c7","sha512":"abad1da40590fbf7b6260f52bea7e8d58f274603c3b10228dfba37276718f63509c67c0c1997dbd373605c3ad2d5bc12617ab05974d114dd9bacd62f9d409110","ssdeep":"768:cxoyaCz4IHbSL3uvVnugxKKln0DSzHrtJXlm/Pt:c6yaCsI7SL3kVZoIpkPt","tlshash":"26d2f1aac578f09fce9455b148345e540ecfd34305622bafcac8d60a61dcec689bcda2","first_seen":"2025-10-06T14:54:36.774544Z","last_seen":"2025-10-06T14:54:36.774544Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5689,"timings":{"blocked":5634,"dns":0,"connect":0,"send":0,"wait":52,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/0527/20190527091238795.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/0527/20190527091238795.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 16717\r\nConnection: keep-alive\r\nLast-Modified: Mon, 27 May 2019 01:12:38 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b115b462914d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28820\r\nX-Ser: i33637_c26321, i2475911_c28821, i1940263_c22409, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16717,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"faddac5551e248d57bc16bc3a163c0ac","sha1":"54028b4777e6e58e0b28c24a4c0ae38f8188f604","sha256":"bc43a681680298f14c0fa8be14f2cb6cfd6345558ab9abe4729d39bd7a364e4e","sha512":"4a628069c466806e6f4676390c4b94240fbdff429b538c2be5b5eb5d1f0515dfbf2ec1ac6c451432c0bf0fbc4a40b8cc607f2953f477ab720912b4fcceb7456b","ssdeep":"384:4EDe1Nz5pf5LYmdRPUH0dmKK02cM0Op7SfuGUPikxWRK:4Eqjf9JfPwT0hOBSfuGUdWg","tlshash":"d272d0cc53e58e54139d20918a62b4fb11bfe3efee946ef119d2152c19f347202ac4a6","first_seen":"2025-10-06T14:54:36.777136Z","last_seen":"2026-04-16T01:23:16.686387Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5723,"timings":{"blocked":5701,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0804/20220804052619335.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0804/20220804052619335.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 24439\r\nConnection: keep-alive\r\nLast-Modified: Thu, 04 Aug 2022 09:26:19 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b991841e4a7d81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i25517_c12732, i2475927_c28821, i1940245_c22409, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24439,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"b0fd12a193e2bbffd49d0cd83f342113","sha1":"721e1b78777cb4e69d094f6035454ccb74b94ff5","sha256":"315f2bc31c7e58c0b9cf093b99f5eb17af9a476f5276bebd975a785998b4c16f","sha512":"e0a04d0116f78b105c62cf99aeadf650f54788d7c448a9ce4fcee19c91a6c668400e5c422ad7fc1387b3729de0a410957c4228412bca81997c58ebef56962301","ssdeep":"384:Iv2w/aOF+fA5rIU/+fKu0Yc/6oqpslpvJOvATSsZitqSY2vAgE0sDB1tWIKWI3d6:K/aOF+fAZuLtoqps3J+ATSqMlR4gDsqG","tlshash":"d9b2d0f63cf67e950446873d6935a1010c7e3d277b8831927d8b198e0caba2e8e163d6","first_seen":"2025-10-06T14:54:36.779676Z","last_seen":"2025-10-06T14:54:36.779676Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4995,"timings":{"blocked":4968,"dns":0,"connect":0,"send":0,"wait":24,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0615/202506151632061845921.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0615/202506151632061845921.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 20919\r\nConnection: keep-alive\r\nLast-Modified: Sun, 15 Jun 2025 08:32:06 GMT\r\nAccept-Ranges: bytes\r\nETag: \"88c21ffacfdddb1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i91252_c23533, i2103125_c28197, i1935859_c23471, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20919,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGB, non-interlaced","md5":"e31bdfbcb413b0d040d3c7c3bccf423c","sha1":"d98bcea96f0ba83fae9e4857d13d633c4d0d9b54","sha256":"c988afddf13bce92af2cab95574b25599c0481b120652829d3717430a01836da","sha512":"c1b109352cb0d9437225cc60ff2a50daff855e0e2a5ba92e117e03cd1fcc286ff98c19ada2c9fdcc48567222377d5ce9f06556a4ca4f9702a0f4dc77887c723a","ssdeep":"384:oQGvkvFzlbELJvT+cUvtkpAg9NUl9hOS4xh3EZ+SFJAuxLsn2FNskb+:oavFzw0vtSAgQFOf8ZzF+ue6N+","tlshash":"a192d1ff71b6139fd2d58557b2eba402499520e0093f117e932afbb8f2693952c432e1","first_seen":"2025-10-06T14:54:36.782164Z","last_seen":"2026-03-04T05:46:55.327803Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5643,"timings":{"blocked":5621,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2016/0722/20160722093515739.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2016/0722/20160722093515739.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 17412\r\nConnection: keep-alive\r\nLast-Modified: Fri, 22 Jul 2016 01:35:15 GMT\r\nAccept-Ranges: bytes\r\nETag: \"7eb74cb9e3d11:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i92782_c22643, i2103119_c28197, i1940263_c22409, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17412,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"0f4fe6cca04a7721e66206248e863553","sha1":"bbb6314801ab48fd8a21563109968ba4c91635fa","sha256":"569b760067c0d52143beca901c3b15e328ab701637b9d414274e972bcfa0a68c","sha512":"8c6592d7b7faf58d92f313d748fdddff92c9f59d76bbc3ed73cb7a03990a55851915523624a555463c70985fc2f408aeb4d45ca5303de264e29c4c44614ce9b2","ssdeep":"192:qeX8sDDeYZBpvXEciiuuxFPgArrKF3XJG17DmRq9exdNUHYpnYNzVrw3XBg1V6SV:3XDDPXp8GXfapE3Qq9wzgGwkXuX5","tlshash":"5c72e08ed09060859c647889c0e900a5f82b6a725856e4e1b5ce79de273cab730ffccc","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.90864Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5769,"timings":{"blocked":5746,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2017/0316/20170316012756773.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2017/0316/20170316012756773.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 5578\r\nConnection: keep-alive\r\nLast-Modified: Thu, 16 Mar 2017 05:27:56 GMT\r\nAccept-Ranges: bytes\r\nETag: \"526a511169ed21:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i37210_c28455, i2103121_c28197, i1940263_c22409, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5578,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"3fef6da00c2e88561718255676727f63","sha1":"84815c2dc0d57a5f58b5fc2bffdd9146ab69d9de","sha256":"8f75aaa391b93daa58708279f84c9743d84e3d7c3aed0732b92b9dc6ef7d4601","sha512":"51ae45cd9680aaa33a061806e961a22599b39058534b8a2b839d5ae8c6225b99bd17751e554f02bb6a328cbe7800193be75231a0bdb38e8df6cc29a3b8d914fd","ssdeep":"96:DnWfe3c5yHK/0uBsq6LFSo4gAStqDS/n7XftzDZwgJolJ1xDmEtIovS+:jIJ5N/0gsqWSSpDXftzVwPJ1JmC1a+","tlshash":"84b18e891cde888f7537d7c3b833cd43b89402798421788939118ee69027b99d2b39db","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.685327Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5786,"timings":{"blocked":5765,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/0615/20190615043806848.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/0615/20190615043806848.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 9588\r\nConnection: keep-alive\r\nLast-Modified: Sat, 15 Jun 2019 08:38:06 GMT\r\nAccept-Ranges: bytes\r\nETag: \"68eb2da75523d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: BC54_dx-lt-yd-jiangsu-lianyungang-14-cache-6, BC204_lt-obgp-fujian-xiamen-33-cache-2, BC132_IT-Lombardia-Milan-1-cache-1, i1940265_c22701, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9588,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"9ee78e8c9aa116b18962d895d7eb6ab3","sha1":"46d20b7048aee5d6a23303493cb53c926ad14da0","sha256":"3d07bf4fc6cbbeeb28d6729e8bd30a0e026cf7630ef6d63ab22a0d22eebafc0d","sha512":"619b800332b7ccc41b3adf9ceadf7b02dafe53bd3eb867adf25bcf14b16c7e15555fbb77d007f133004026654c7b8fe20497ad30eda0168b93c06a4b20028879","ssdeep":"192:ShrJr2mEzDNoUwJZxoheA6gCwYmTF/Pck3+Efcky0G:ShrJV+DN8LdeCwNR/EkOemh","tlshash":"eb12bfd11680e414556c4b7ff956e4d67e87f6ace1a8b563c9f938a4b09d0ec803353c","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-03-04T05:46:55.362629Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5812,"timings":{"blocked":5792,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/cui.js?1","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/cui.js?1 HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 11 Dec 2024 08:30:19 GMT\r\naccept-ranges: bytes\r\netag: \"801f66e9a64bdb1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2845\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12052,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"43a560ac53ace0805b7652a20cf07492","sha1":"08f68a3fbfc3edf2e709d43a6c52f72aec1e422b","sha256":"1dc81993059aff51337b54d00ce5cd945bc384338bd6e92dd9e1dcb84bbf2335","sha512":"55ec9ac2946e74d80216f5b4757db95a7719c68fb10d1ec13833801e51b1f529bf25645e2f4824e146399e2abb0390214cfe8690b15149464f90a9f96559e9d1","ssdeep":"192:H/lWcbKvtjuJ7H4zxzxxzxxxzxxxxFxxxxxFxxxxx+4x4xx4xxx4xxxx4xxxxxK3:H/lWRFck0WI","tlshash":"c242341cb22c1eb452bf15ae6b2dd4d4dd1a0427524cb703f4bd096a2ff4448ba369eb","first_seen":"2025-01-03T05:17:31.731952Z","last_seen":"2026-04-16T01:23:16.763369Z","times_seen":12,"resource_available":true,"data":null}},"time_used":949,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":949,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/0610/20190610045009275.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/0610/20190610045009275.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 9601\r\nConnection: keep-alive\r\nLast-Modified: Mon, 10 Jun 2019 08:50:09 GMT\r\nAccept-Ranges: bytes\r\nETag: \"87b07a82691fd51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 187662\r\nX-Ser: i91084_c23533, i2103141_c28197, i1935885_c23471, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9601,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"b051074b14a72c98a38d57d80489a873","sha1":"14e4bb1470ff59c50660077d3b514a7e7fe4d37b","sha256":"6a71c4ac5428dcd84999166e3d21addab439f6f80e7ed84719d7987ebbf04863","sha512":"0881ecafc0fd3eca31e27163edb5931e6367db5e8a79b7eb7dcef2b1c421e91b6ff74076ba0714dca0d100eb7ae7dd7aa5cd24fcdf59b6fade3a2e2bedf77c26","ssdeep":"192:2fPbQbG5jy3fOrT/DN/q6neECB43NZOdzfCER6dwt9rYzWHq12i:2fPbxG34zDNtng43NOK8dt5CWg","tlshash":"68129eff0243a4b1656317f646e8021927300deb7b548e7b1c56156e6ccc6ac3de3a36","first_seen":"2025-10-06T14:54:36.794464Z","last_seen":"2026-03-04T05:46:55.070355Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5573,"timings":{"blocked":5553,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012022501426.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012022501426.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:25:01 GMT\r\naccept-ranges: bytes\r\netag: \"805ccbe231bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2319\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2319,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"dff3f2ae6a8794b6b5ea58b1017cbe1e","sha1":"161696b09c6ae6868e22f4172167b17f1630ff32","sha256":"cd2b0de504e20e656a3919c61fe8bfae0af0f22dd2411fc93a01a9a7ee57759c","sha512":"4a67ea235c06ee0cb4a26fe4ff86d5408e785587f357f9fc4764aecbbbc1fbc49a0e60fd5e03f51325047c6e36a2afedf31c4dd11adad33f40480f1151a1f564","ssdeep":"","tlshash":"ac41195eff922a43b16cd23100fa5253a43355c5ca905c79a65a857f0e704718dea0ee","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.139286Z","times_seen":15,"resource_available":false,"data":null}},"time_used":853,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":853,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012033445201.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012033445201.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:34:45 GMT\r\naccept-ranges: bytes\r\netag: \"8018a7a03bbfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3421\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3421,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"98633d832508df083e497419b380d8b6","sha1":"8d38ec920707ba3778a3b5d34644a40d13405741","sha256":"f55d93f8893c1e6e39ca68b0d964d34253e19401cdcb549c0c5e9c95c29d6de4","sha512":"5b41c360ce851669555aa7bda12418a98d0205866d6dd5703a7a00f1a680de62669f81f511a781b74564e055f18160ba245090321d41b063f774b39bd30763b2","ssdeep":"","tlshash":"1d612a4ae4037ea16e8cf1568cef912a45272980c7c4e76ebac648123db58f6c6205d9","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.127393Z","times_seen":15,"resource_available":false,"data":null}},"time_used":844,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":844,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117034830738.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117034830738.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 07:48:30 GMT\r\naccept-ranges: bytes\r\netag: \"0db759e76bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 3443\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3443,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"c0b1d41df7278d60d338596dcc000713","sha1":"711ad9f92f597633619694f42381df99a969c0ca","sha256":"ebb72d578c3ad19ecbded62e66d10aa75d5a3a8dd638d267e3ecb641ffbf7b0b","sha512":"ff6767402db0092a89366a82cb7eec30f5d01bb2acc114206ba979aa342e7bc90b8d66ee35d566c8d7cdaaa7607011f8ded0f2d25e1b269a3375da2e0b02f3f7","ssdeep":"","tlshash":"f2616e0af502f540b226d65e2cf6106d24060db862b4dca996dfc84b31a4da8d8d4dd7","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.053792Z","times_seen":15,"resource_available":false,"data":null}},"time_used":859,"timings":{"blocked":366,"dns":0,"connect":0,"send":0,"wait":493,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/0815/202408151754051366739.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/0815/202408151754051366739.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 19583\r\nConnection: keep-alive\r\nLast-Modified: Thu, 15 Aug 2024 09:54:05 GMT\r\nAccept-Ranges: bytes\r\nETag: \"42997710f9eeda1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i91654_c21609, i2475941_c28821, i1935885_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19583,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGB, non-interlaced","md5":"c64f9ce311b5301c90ec832e113fdf40","sha1":"b6b8b32d490b7e4e13f8acd1997b3f9f59067c77","sha256":"09876c70d18999f053f9f15e1ee0c0d386a9c25e15a68a4156f92b37fec913f9","sha512":"28084c158eebfcf6c08994e945aaf441a7551e588eee130d1802a367729d01118fe10a3aecacdeabf3dbb094165d3a4bcfd0de3a5ce76c6824c2141510e67bf0","ssdeep":"384:oKYrpE0B5HZa7EYtqhwXfg1qZKMeZ62b1au9Mtb/Cm7o0rwFJlPV9ya00:oKEBVZa7ztiwXcQ2b1afrGrVg4","tlshash":"9792e057afded24a7603a1a06524e808b931ccf7dda0a4176837fdd94f2a07b443d896","first_seen":"2025-10-06T14:54:36.8021Z","last_seen":"2025-10-06T14:54:36.8021Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5547,"timings":{"blocked":5524,"dns":0,"connect":0,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0408/202504081532240542890.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0408/202504081532240542890.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 30827\r\nConnection: keep-alive\r\nLast-Modified: Tue, 08 Apr 2025 07:32:24 GMT\r\nAccept-Ranges: bytes\r\nETag: \"4b3deb5e58a8db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 119315\r\nX-Ser: i90978_c21609, i62120_c26647, i58862_c11118, i1940265_c22701, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30827,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGB, non-interlaced","md5":"eb978c89f6e2cf259e83518da04a041d","sha1":"f97b6eb8a8c021b1e58bae0a78ccb63f1a237844","sha256":"97e402df923964acd7302c1260f0ef75e8a29fe8359b807726d97fff03109b70","sha512":"fdcb4da960b13c460c588aca16fddf110ec855ab97fe5dcd601453a71562037b002784aef3a7d2e1bb0a0c6ef72729aa498e728d59abe7039991d13936211b7f","ssdeep":"384:os2D2HUeOTYwzKMi0WoNWGdSsYICRLOcpqO+Imoq/xUvyU6BaXizlrGVp2lw+VFY:o3Te4YwzK0WydStIqOQ+0GxUv16uGYtV","tlshash":"e6d2e1056fc01952ea430ea608ed89299c60ee1d4edb13b8db55df2e935c39d45e0c3f","first_seen":"2025-10-06T14:54:36.804017Z","last_seen":"2026-03-04T05:46:54.984187Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5619,"timings":{"blocked":5593,"dns":0,"connect":0,"send":0,"wait":23,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0426/20230426100534267.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0426/20230426100534267.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 42857\r\nConnection: keep-alive\r\nLast-Modified: Wed, 26 Apr 2023 02:05:34 GMT\r\nAccept-Ranges: bytes\r\nETag: \"cafef095e377d91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i34714_c4672, i2103141_c28197, i1935879_c23471, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42857,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"792cdee38268b62c4304821f139bbd4d","sha1":"769647178c0b841eda5fdb4859a9eb63fd026e76","sha256":"64ceba435a012da2ca120e90ed49605e64a5ed45b549ed29dde4efc306e13fed","sha512":"74d9203d9c187758f0925d7fe7bc99d245bb4abf8dfdbcc8fb321b04cf6106e1b81b8bf8731ddcd90cdc3322f623c71649f0253983e77b12f53670eed38c4de2","ssdeep":"768:zjwfnpxXOh0U0ASru8EDPWSnDFQ+xhzAi8jO1awwvuYF7YNf86ZZvmrVq+gyI9Ao:YfLOhL0AIuLnDC+3QjQw2XZOm9x","tlshash":"c413f1b7ceec5160820d68583c1a28899c0aed4795f0a5ee2cdbf4cb8b963d476204df","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:17.001987Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5709,"timings":{"blocked":5683,"dns":0,"connect":0,"send":0,"wait":22,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2015/1006/20151006083650945.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2015/1006/20151006083650945.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 23359\r\nConnection: keep-alive\r\nLast-Modified: Tue, 06 Oct 2015 00:36:50 GMT\r\nAccept-Ranges: bytes\r\nETag: \"763a1217cfffd01:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 38701\r\nX-Ser: i92434_c21609, i2475937_c28821, i1940245_c22409, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23359,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"22fdd57880a26a8c1e29b501ce10d39b","sha1":"c212da5e408df45f900896087ae402dff63bdd71","sha256":"dfb366a2c48ffbd6dd3244bb45791008451f8e131422bbddfaa04e66f56ddfc3","sha512":"55461cb34a4dc5955d99fdb4e35201dc8585f4ed7ece9595b9c663631707a25e7710bb6cfbb06c63cf4cea4728ddff02e27a9dbb05eb4ff27b81c978ac13d917","ssdeep":"384:yYiMYGu2LqF1szY807ynXqdgUvGqhVLzWZlFUL/bRhblXeJ4w9MfV9sANl:yYHubF1QYr7EqdfhVzWbur1r+4iEsc","tlshash":"8ea2e119f83854cadc3c5d4d81e158275a88a2a56ff47552cb2e77ce3001ff97a98c4c","first_seen":"2025-10-06T14:54:36.808165Z","last_seen":"2025-10-06T14:54:36.808165Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5202,"timings":{"blocked":5170,"dns":0,"connect":0,"send":0,"wait":30,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117043755625.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117043755625.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 08:37:55 GMT\r\naccept-ranges: bytes\r\netag: \"80f3bc857dbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2606\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2606,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"5577bc20bf5e9806209a5fe11d3a631c","sha1":"48fe02af980dfb707f4a8f816d864df0e7e8b946","sha256":"8ed9661a98e3224854d1064cb8140dfb210290447d6d8eb8dbc66d342639ea82","sha512":"a58ad36956cfa31c70c93ea057e833b3ec13f453e01745b169d134b8400c93935e50f626aa8a45867a5a5908fcc7faa5c9b7b9e85b8e5df84118051a68c56d29","ssdeep":"","tlshash":"ea512b5cda40f8425d0e969218772023e4560550b5b8ac236acba62659f8ff5c12edd2","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.219223Z","times_seen":15,"resource_available":false,"data":null}},"time_used":869,"timings":{"blocked":550,"dns":0,"connect":0,"send":0,"wait":319,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0702/20250702074839771.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0702/20250702074839771.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 6656\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jul 2025 23:48:39 GMT\r\nAccept-Ranges: bytes\r\nETag: \"71576eabe2eadb1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 55804\r\nX-Ser: i91204_c28777, i2475919_c28821, i1940259_c22701, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6656,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"57f69491344eea81dffb4c1126cc42f4","sha1":"4a36b52292ff2c91b95bc3a16759f5c1bc02a181","sha256":"6185e14789de393ac44f8b1ba090c78782d4c8eea83047f473acda01d05fa850","sha512":"e6defbedc9c808f167af92d9e260ce6d8534caab891223fc2ad254b7fcc41f62d4d757e7de0728ed03fb59560406c6fee5b2279af911d39d49c622c0431f4a9b","ssdeep":"96:xpbN1paIAHMlEVeUyLBFHreM+wnW9KbKYZ/u6R/D/4WILtv83JC0H0c:3H4hslEwUaPfxbM6R/cpx85p0c","tlshash":"1ed19f245f205272d6e38ba1ed8d61d324e1f000761fb52a6eeb05579703740aced8f2","first_seen":"2025-10-06T14:54:36.811233Z","last_seen":"2025-10-06T14:54:36.811233Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4955,"timings":{"blocked":4934,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/0203/20190203034448939.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/0203/20190203034448939.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 13072\r\nConnection: keep-alive\r\nLast-Modified: Sun, 03 Feb 2019 07:44:48 GMT\r\nAccept-Ranges: bytes\r\nETag: \"406a835694bbd41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i19049_c6956, i2103143_c28197, i1940237_c22409, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13072,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"5dca7b0105527fbeff5d961422f8a8a4","sha1":"b86264d9c72c8a6d438d7e8e777e3d8df23a07e2","sha256":"9eb49dea0ab9498d88b6cae5d5be4902dd171da34964ebcb04d8474ae94fbc8e","sha512":"9562c7ef7a2d771b93eaeb8aad3a7b7c7f3d9d1d9979261aefa374b0b73f7b8e871a35d2d5402806271e80233885a04503491cd945f179c1f3c77b22c92710f3","ssdeep":"384:DugwuC0YuFtuUz6VMzQOfKNlRN0cH7bzlCxIarl:DdwYYuFtZGMzfQRNdH7b6J","tlshash":"2f42c07fa3a5c3ad668988e2250137355f172de4401ce2e5d91f0847063dfeb1ca5d6b","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.713843Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5793,"timings":{"blocked":5772,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0605/20230605022732949.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0605/20230605022732949.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 38552\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jul 2025 06:16:37 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e88eb3b34feadb1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i33677_c26321, i2103141_c28197, i1940263_c22409, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38552,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"6c3dfa460dc8b2c3789ad75d726f33c9","sha1":"93574b47b8c8e60f2db86d1a86c0fb9d33a87c7a","sha256":"3bb34662eb88c7b06e15600c5d0911290e5a1c5e2432ba213bc39ab87bab0228","sha512":"d9905b499857b9d561ce2161d89be7073293adf4990ff75555fc9be3a17d13b77e713289edb816d62e37a41a98790dc21429e095e1b0eac1ef96faaceb04d64a","ssdeep":"768:cDQDUI2RhdxgkdD2S9S3XLd4L2qrkOZ4n3DBuXtOzmGiaZM4K/9h:cGU1Ck52EQLy2okOqz0XtamGGTh","tlshash":"a503f1f5a14222139f38e2b5dbb50721a0fa4badf163f4e512707917f2a9b6e5261007","first_seen":"2025-10-01T17:02:32.787981Z","last_seen":"2025-10-06T14:54:36.815305Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5140,"timings":{"blocked":5095,"dns":0,"connect":0,"send":0,"wait":33,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/1005/20251005015432221.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/1005/20251005015432221.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 11669\r\nConnection: keep-alive\r\nLast-Modified: Sun, 05 Oct 2025 05:54:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"5d52b685bc35dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i90768_c28777, i2475911_c28821, i1940233_c22701, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11669,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"84eb7411b99c21db0e02525da659630a","sha1":"0a1f2ddc81c12b2c8bea7b43fc96903c29e4e32b","sha256":"02667b4fa4692915db014de5385d715db2d79c700dd794567c92a07b57114cd2","sha512":"757aa1b33ccfc0a757f31be203216f69059067b5f8d99b890694820fb0fe03ad520ab1eac8baac5d47a7be95d6aee547e95582b40fe10e7d117398160d6f7803","ssdeep":"192:/IV0SOx9FmM9+zjDAzR/Jnh4+tLbnRgM8F9gTFM1iEgryLrjanXwpWMJ1U:/IV0SNL4zR/xhRL7RViyjcJjQ","tlshash":"4c32bf23721eedb1ac8eb40e41d332925c7df178bd7b18725c36b7587016028974e85c","first_seen":"2025-10-06T14:54:36.817128Z","last_seen":"2025-10-06T14:54:36.817128Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5192,"timings":{"blocked":5170,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/1005/20251005014628863.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/1005/20251005014628863.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 11503\r\nConnection: keep-alive\r\nLast-Modified: Sun, 05 Oct 2025 05:46:28 GMT\r\nAccept-Ranges: bytes\r\nETag: \"a6683a65bb35dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i33599_c26321, i2475911_c28821, i1940251_c22701, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11503,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"807413ba38cdcc21cfbcb89828d64052","sha1":"fee52636f95ab6585e98276127d541a98b06ce26","sha256":"325e646eddd0c26e3bf9ae0739a5653e028c23eb1213c4aab23992611a1d70b1","sha512":"b40ec02015cf009aa29915ef922bb6306b22196099d405f02d52e29ec7236958634a60dc1f4d79ec2dc33c70e137166231c5ad30d4b1aec281eec968a1eea8d6","ssdeep":"192:ptbQw1w/3dbZ5Ahb5t6EzUDAbc0bduEg4Q3MuKNodZc4ncUss3vvqCXNhqCeoV9:pVY/N9674DAbJIkQ8ZNuy4tFHTNECeS9","tlshash":"8d32b013e8e44b690bfeb6f2557f7810f560010267a53e25f74c789af505e1c2bbc85a","first_seen":"2025-10-06T14:54:36.818845Z","last_seen":"2025-10-06T14:54:36.818845Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5194,"timings":{"blocked":5171,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0329/20250329091645428.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0329/20250329091645428.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 44393\r\nConnection: keep-alive\r\nLast-Modified: Sat, 29 Mar 2025 01:16:45 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8cd5d63c48a0db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nX-Ser: i37654_c26321, i2475937_c28821, i1935955_c23471, i1935869_c22759\r\nX-Cache: HIT from i1935955_c23471(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44393,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"43dad6505d7b03f1ce610d86fd475592","sha1":"0177b879183d296236f705fc67ad36dec4f82e52","sha256":"301f9599d64d848c8122804a0bf0ca4a70b19b1eb260ee724211820909d47e2c","sha512":"17e5908bcabb0403a05f5c32e90c18dfb000478f47be21820e735753f09e00c92f1ca8993f6e39cb3ba01d7ec90a2c14d126e732f0c54d027c12eb3430f00d9b","ssdeep":"768:RzRlUGLD1eHsG32JkbD2g4Gx6odermse92oJWOC6CgOHmOwX+G/3I46wOq:SoDpG32Jkv286e7J92pL6MV+79","tlshash":"8313f1667d6f4a092210aa356cd709d29a370b6a9c8f069dd1735bcf08f542471e1db3","first_seen":"2024-05-20T23:08:39Z","last_seen":"2025-10-06T14:54:36.220754Z","times_seen":14,"resource_available":false,"data":null}},"time_used":5513,"timings":{"blocked":5459,"dns":0,"connect":0,"send":0,"wait":47,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0930/20250930084220702.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0930/20250930084220702.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 36377\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Sep 2025 00:42:20 GMT\r\nAccept-Ranges: bytes\r\nETag: \"a79c8414a331dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i64214_c23533, i2103123_c28197, i1935953_c23471, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36377,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"f13da14de6190822ed1148acd72d55e2","sha1":"b97d5ea2ea65875488c12f283795c705ec6be0dd","sha256":"17f3b0fa02b9496e7fc2916fe8a03f443fdad4b222f0cde19c292008af777089","sha512":"bc3f7213262390f3cf99f1bf0b24c4a0f936518bd24913c2e8cc4bc515b7c67832bff7c6e9227f124c578eee25e2c0a85191301b2d2d2728e7214673d74501e1","ssdeep":"768:fHwvfudrofFj1FjonVQAC6//j8NATAqSMXuKXzuH4Cpl:fgkwOnv7/oqTdXuKqj","tlshash":"96f2f182a99029d9bb5d1f7ccce98d4013d64f8eb4470c2b3c0132a6a75de8ad3ef655","first_seen":"2025-10-06T14:54:36.820932Z","last_seen":"2025-10-06T14:54:36.820932Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5620,"timings":{"blocked":5592,"dns":0,"connect":0,"send":0,"wait":23,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012023738603.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012023738603.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:37:38 GMT\r\naccept-ranges: bytes\r\netag: \"0650a633bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3522\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3522,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"6b02abc53b292e2054ae77a0c35fc2c4","sha1":"13be49005f11712631216ccee34d9bc588df44f8","sha256":"5997fdaedc694c97ab34a647af552a5c2e31b547d595988680bad68ee7d3cd42","sha512":"bd7046792dc1cc28a02a8406fe4a2ac8e5b5dc412eb8b2ecf9308e73b72dd8670a1d51e10b7045f8f2c6ad110f9c396997ea17bd117f174ef0c3c92391c3567d","ssdeep":"","tlshash":"c6715d85c5812202a5acf69334eb60334af71680398bcb787ccdcd22152b0f10f5e5db","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.271479Z","times_seen":15,"resource_available":false,"data":null}},"time_used":697,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":697,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0111/20200111011242254.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0111/20200111011242254.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 5425\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Jan 2020 05:12:42 GMT\r\nAccept-Ranges: bytes\r\nETag: \"3b1bacc03dc8d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31799\r\nX-Ser: i31227_c6956, i2475919_c28821, i1935953_c23471, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5425,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"060b4411f6258827cbb444f8d742c393","sha1":"26993d52945f5d0189c755d5af8b07c0e137d5ff","sha256":"f99d8f05d0195e7d180850a522170739d710719a2d76b88b68718f4856cd8949","sha512":"c48f14cca64d1ec25f66c2b035b9610f349146f40bee9fda44a5c802d97c96fb1105f318b87136d1fe8b1a12988a2d5867cee473f381ce518a3b681f745a0ca6","ssdeep":"96:wGI6h1cBgzULmzZimdcpPx2h2QIc4dRHW8yqUF/2AMP/n3ML9WH/MTfUiLxX17:w9LBgz1i72hpGHF+R2AMXnQTTfVl7","tlshash":"19b17e8e0b2641b1026dc0eb93d8ca7d4e2447c5de15a37e6e6a5ef1f9343d67623d08","first_seen":"2025-10-06T14:54:36.825397Z","last_seen":"2025-10-06T14:54:36.825397Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4970,"timings":{"blocked":4950,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/0330/20180330105801861.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/0330/20180330105801861.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 39987\r\nConnection: keep-alive\r\nLast-Modified: Fri, 30 Mar 2018 02:58:01 GMT\r\nAccept-Ranges: bytes\r\nETag: \"d1c752ead2c7d31:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: BC32_dx-lt-yd-shandong-jinan-24-cache-3, BC199_lt-obgp-fujian-xiamen-33-cache-1, BC132_IT-Lombardia-Milan-1-cache-1, i1940233_c22701, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39987,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"c6efc3a6aee2a88b9d5f0b00a64187fa","sha1":"8466d860f9ea036546c2c83b357b4364c5d7e852","sha256":"b4782cf8c3625a2279c1393b95f866cff71df4ce528e1a479a0bbfc335adc4b5","sha512":"3d8adf522f8b723e441fd514aaa4704fdb339ff8c6e93c104e531164941aad05d32ada37338e861eba35171e8a1ce65ed9ae662345209504c5d90a6c3f20d0f5","ssdeep":"768:Ybudjok616iLt73e9YbC2pclqBh7ZoSm//7n51lOTzIwHO+nqjfyp4yacU:YkoJLtje9H2pclqBUSw/7nn8T6vKeyaJ","tlshash":"3003f1149ee13bc6cb95efb6f3e03e3871b84dc360e19417a31629a45be92d354259f0","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.942559Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5678,"timings":{"blocked":5650,"dns":0,"connect":0,"send":0,"wait":23,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/uaredirect.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/uaredirect.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 23 Mar 2024 05:12:49 GMT\r\naccept-ranges: bytes\r\netag: \"805e9bbfe07cda1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 666\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":974,"size_decoded":0,"mime_type":"application/javascript","magic":"C source, ASCII text, with very long lines (974), with no line terminators","md5":"a2b8d1f604c569b1e001eb520c8a853f","sha1":"a57b1a042290fa42501368ee46bd112289b2cdd9","sha256":"81cbd7692ae8a9ec6597fe5c8f64dde6ddc700524a159b7cbc52c4e0f2ad4480","sha512":"87400445979f78356d373f87ec555d8449b5ddd058a1f03b58fa66bc5927751531c063966dc77f2bfa067d0a5f00f03ea8d24f2964f54f65faca48e0d0cfbfcc","ssdeep":"","tlshash":"8d11c2c7218156621ee22c25f1bf63929977d8d71d0dd069c154d861302598fed37f48","first_seen":"2024-05-20T23:08:36Z","last_seen":"2026-03-26T10:00:03.832455Z","times_seen":20,"resource_available":true,"data":null}},"time_used":913,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":913,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/1005/20251005081222510.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/1005/20251005081222510.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 7336\r\nConnection: keep-alive\r\nLast-Modified: Sun, 05 Oct 2025 00:12:22 GMT\r\nAccept-Ranges: bytes\r\nETag: \"bbc6c1b88c35dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i34692_c4672, i2103143_c28197, i1940255_c22409, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7336,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ceb60b5c63a5a5c5c7d51b6bab8abe52","sha1":"dceb127e0304894205ae67aec02268247b03de0f","sha256":"3c34f3298fff056e61577ca076ed4f132ce0cd0a4c219845f6305a35ec1c55d0","sha512":"bd3c0886e32c80b9d4c2f12bfcc054b1bae4e4defab10c369405287b8739808348b15819b93bffaf85f988bf8f2bd96a640f1a8aa35119867ddc6eab6b8b24b8","ssdeep":"192:Qw7UdhT0QGycwbpadkftpi0IbZeawklIq:Qw7sT3b7pjKfLf","tlshash":"d9e18d82e5d4a8f582e15375f7a8854e38f6fe26d6e203ec01468d05ff14e1c29e722a","first_seen":"2025-10-06T14:54:36.832693Z","last_seen":"2025-10-06T14:54:36.832693Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5211,"timings":{"blocked":5190,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0329/20250329092829571.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0329/20250329092829571.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 44393\r\nConnection: keep-alive\r\nLast-Modified: Sat, 29 Mar 2025 01:28:29 GMT\r\nAccept-Ranges: bytes\r\nETag: \"68b78e049a0db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 1146\r\nX-Ser: i33677_c26321, i2475919_c28821, i1940277_c22409, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44393,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"43dad6505d7b03f1ce610d86fd475592","sha1":"0177b879183d296236f705fc67ad36dec4f82e52","sha256":"301f9599d64d848c8122804a0bf0ca4a70b19b1eb260ee724211820909d47e2c","sha512":"17e5908bcabb0403a05f5c32e90c18dfb000478f47be21820e735753f09e00c92f1ca8993f6e39cb3ba01d7ec90a2c14d126e732f0c54d027c12eb3430f00d9b","ssdeep":"768:RzRlUGLD1eHsG32JkbD2g4Gx6odermse92oJWOC6CgOHmOwX+G/3I46wOq:SoDpG32Jkv286e7J92pL6MV+79","tlshash":"8313f1667d6f4a092210aa356cd709d29a370b6a9c8f069dd1735bcf08f542471e1db3","first_seen":"2024-05-20T23:08:39Z","last_seen":"2025-10-06T14:54:36.220754Z","times_seen":14,"resource_available":false,"data":null}},"time_used":5503,"timings":{"blocked":5472,"dns":0,"connect":0,"send":0,"wait":24,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117031628443.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117031628443.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 07:16:28 GMT\r\naccept-ranges: bytes\r\netag: \"0eedb2472bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2423\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2423,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"fa983c11e00fd83a8cce9fb2ea0e8209","sha1":"4a24772ab7de41d261fb1b67cdea28e2ba9da43f","sha256":"311586fc58d53e79e5cf1f592b8a390c246d76137ef9cdf8f4929b9cdee560de","sha512":"46f507de6d0b62335bcbc84b329ee8306fa4229bb5448d89e3c2041cc40046a7ec7f043575db13963103f3302f7b6660fbf9f1d4d6ba8d9f62914eebc1d6488a","ssdeep":"","tlshash":"34410ad86d41628113dfba8d0cdfb43bdf261c80b1c894ea5ace943615342f5a52a1ef","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.377758Z","times_seen":15,"resource_available":false,"data":null}},"time_used":869,"timings":{"blocked":373,"dns":0,"connect":0,"send":0,"wait":496,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117041951369.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117041951369.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 08:19:51 GMT\r\naccept-ranges: bytes\r\netag: \"80ad9fff7abd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2905\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2905,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"edc01366f7f2bf87faefb1c295b3cac9","sha1":"2208f69be932406f07d4b5cc58faf49d67738c43","sha256":"78ad5b2ba2d8e1bd91c80559cdc445f4072990fea5b4cb7bb0e9b2f3a258c04d","sha512":"b508300c2f5a56b521a7733d4f3f9da6542762f26a15b97a01fb29bffeebcbb9b9dcb60800f3fc2df927d4ade421a8d2358e387ab06a6dbc1af282f4409dd644","ssdeep":"","tlshash":"e3510b5ff80c6e4229abd49235f20c278e7251851ab2b4b9778dc15a40227f694a87eb","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.605865Z","times_seen":15,"resource_available":false,"data":null}},"time_used":865,"timings":{"blocked":517,"dns":0,"connect":0,"send":0,"wait":348,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0729/20230729015520106.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0729/20230729015520106.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 12360\r\nConnection: keep-alive\r\nLast-Modified: Sat, 29 Jul 2023 05:55:20 GMT\r\nAccept-Ranges: bytes\r\nETag: \"7ef4d42e1c1d91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i34704_c4672, i2260953_c27847, i1940265_c22701, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12360,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"f2bff4503ad6912f9b4c49b236a87f2e","sha1":"92cc44d9f4d0bdfbdd6ab1be4fa8530ccb537d43","sha256":"aa48bce0cebe477c85a93ffc3c9415f6672f71432caa25b9c2e7e190f00a2ace","sha512":"2e9afb7d3acfb01d990a1799b966e75e2791d5e3f3bd7c6125fab964316960d8392463c7c558a743ea86bfb8e4bf922fd2871fb3231939fd803ed596922a0f79","ssdeep":"192:bpaOAkcrdmwkcwClI6opa55I2YwZoLBbF6xB4/v60KRq9vx8uKDc7iNwNEskJzmi:boOAbRDfYc0QxAv65TDswd","tlshash":"c642d1ea9faddbaf3c85ca975c8af1b18d6e15ef5452470ca8bc230a44f6c3541a07c1","first_seen":"2025-10-06T14:54:36.837672Z","last_seen":"2025-10-06T14:54:36.837672Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5003,"timings":{"blocked":4979,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2016/0107/20160107083106992.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2016/0107/20160107083106992.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 11913\r\nConnection: keep-alive\r\nLast-Modified: Thu, 07 Jan 2016 00:31:06 GMT\r\nAccept-Ranges: bytes\r\nETag: \"36466eb2e248d11:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i25517_c12732, i2475937_c28821, i1935955_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11913,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"31052665dcd163f2eacec61cd6951a17","sha1":"09fa81eb35d17c89a046f4adc381abb504d1d7c5","sha256":"2054b1337acf4696bfcef4ff2d034a47066b9436df6d311b912dc6b0bac78840","sha512":"12a73e79d63e89fae679e8a95b4c4b6d09586863648f5d2f8fbfe4027ae717e4e40d54ed67b448d27cc6e4dc3a1aaca4fd0026fc357fa84ddda3f2bd6224b7b5","ssdeep":"192:sV4Ixq8+fAqEDMkhdLkIJNJcQ5wZ5MTurTBvBk3ODqMhfrZJvzYhX3n3j:e4bYqFk3XJjiMSRBk+m8f1ZYd3n3j","tlshash":"ed32bfb8b86a8c26469d955727c4e3f7143ec1f68332d64382cfa413784d6e0db698f5","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.971813Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5797,"timings":{"blocked":5775,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/0611/20180611100854619.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/0611/20180611100854619.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 29039\r\nConnection: keep-alive\r\nLast-Modified: Mon, 11 Jun 2018 02:08:54 GMT\r\nAccept-Ranges: bytes\r\nETag: \"c9e25226291d41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i17891_c6956, i2475937_c28821, i1940235_c22409, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29039,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"fa5c89923c82320fdbcb02da21b428ff","sha1":"073a1ef488ee0f2a6b0f6a2f1ec5f859fa39d37f","sha256":"76dec2d6bcbce35071527b0f2b5b720a462cd4ce9505dbb44ba5fefd54b254bf","sha512":"f4cade9008f8e3b2dcc8ee5e88aaa378aca6d94b8b3de99d217b57da1359bf78ec8d19cb3fd0005d624fdb03eb0f30a08b3748820de8698ef22bf09ce40d5c43","ssdeep":"768:IizPhA1yoqThvJ39Qf4wREUUW9a6zG6hFks0a/:vzpAU39QwweKa6zG6bkk","tlshash":"8ad2f16e8474c90b1c30b80d428bef766956a3fcb71f1c4580464693b2da3ddab348bb","first_seen":"2025-01-03T05:17:31.643809Z","last_seen":"2025-10-06T14:54:36.842331Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5837,"timings":{"blocked":5811,"dns":0,"connect":0,"send":0,"wait":23,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012034808963.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012034808963.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:48:08 GMT\r\naccept-ranges: bytes\r\netag: \"02c477f3dbfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 4021\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4021,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"54b9c7b61fe7509d2f1acac1d5090bcf","sha1":"2b077129b5731293c9ec66b0e11c8b26f8e0d828","sha256":"93856dd6e51052870615a237d9e4abdf113beb6537a84569bf95ce0dfbcf6155","sha512":"00b9b66923c28976f16848afadb6b711637a414270f882ed322d75c3ac11b0feff2b2378de88c0a4ad9a5930629b4d3875b768f4ce9f6244337a4adb9edad736","ssdeep":"","tlshash":"fd817d18e8b794d0c1ecc3865397e063bc0e88f2ef84a568a147ccb574206b195558cf","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.384356Z","times_seen":15,"resource_available":false,"data":null}},"time_used":837,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":837,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/bg-d3.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/bg-d3.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 18 May 2015 06:24:22 GMT\r\naccept-ranges: bytes\r\netag: \"02f57473391d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 1386\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1386,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 5x20, components 3","md5":"0b6cec1f7378082e5937a19ddb0ae88c","sha1":"acb6fe7f529f30d05cf99c3b52687f82bb78eec6","sha256":"0a7a42694e120118bf7a4216a137e329f199b1caa97edd349532b3dbb95db173","sha512":"f207f32165d2c37182fc93779ea3ec958237b98593d825dbf4447ed6ea5c1c8bb86dd5d20d87984c7a93b6fa7eb34d667f4456fa2350432ff4d2a0c61ef42b30","ssdeep":"","tlshash":"fe21500ff6027b02d8e8d93634f6541b890208c0b8c1e69aa4f99c1f28742f6181e2cb","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.253395Z","times_seen":16,"resource_available":false,"data":null}},"time_used":334,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":334,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/logo.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/logo.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 22 May 2015 15:14:09 GMT\r\naccept-ranges: bytes\r\netag: \"807685f3a194d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 6111\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6111,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 107x89, components 3","md5":"b956f24fbd9c38cff0c0a3c4e54dd9ab","sha1":"6cdce8dc42255354e480565b8b542f4f472708fe","sha256":"3027ef252e2fa47202909fdfaffe82923212991402d1f605bafe2c985a0aa694","sha512":"da3bf2c42914eccea8247ea7eb9d3162a8faff8dd20d4fc4496018595af4dbcc33b8b1ae6aa93c1e7382d3f7e5ee07ce764675f52d923ba7ce1a7aae1f2be07d","ssdeep":"96:zU+AX65PFNPlN8OJB8evkoHu8ouC9FDjuaKAdzMkVmX4Hx28eJ+RLk19J+Vs2Pn:Iq5PLlNOev9UfuKdz574VgBqJ+Vs2P","tlshash":"73c19fe174403b42dd765772d22a38c8a471799552da12e30ce90884cdbfb25bdfa0f1","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-04-16T01:23:16.701967Z","times_seen":23,"resource_available":false,"data":null}},"time_used":760,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":760,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0811/20230811080415998.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0811/20230811080415998.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 7821\r\nConnection: keep-alive\r\nLast-Modified: Fri, 11 Aug 2023 00:04:15 GMT\r\nAccept-Ranges: bytes\r\nETag: \"f7a925ee7cbd91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31803\r\nX-Ser: i32023_c12732, i2103143_c28197, i1935953_c23471, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7821,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"c434b493bb83aa6bdd0aa55ae279a6da","sha1":"335745d0eb186dfeeac975c9761227b66e1f4fbe","sha256":"8410f5ec781b3adf96bcf05e32ba1577a1c8681fc9b7f9e527420976176552a3","sha512":"ee180430ada0b3eb84b64e824a06d4543d5cdfe09d648598741cd135e0c53809001f740fec7c9335778fb9ede0809d56f8c8c98469482fc4cfcc0e739d0b8b32","ssdeep":"192:WlHrtH87NJ7ZBbdwSUjpNyIw66TdUbpiq++slRxH6h:mHrIJvbdell76yI+gah","tlshash":"48f19ed0124fd02ba42ab5476e02b4e3d9fa6d025dc13dfe36448abe09594ecd386a9c","first_seen":"2025-10-06T14:54:36.851704Z","last_seen":"2025-10-06T14:54:36.851704Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5191,"timings":{"blocked":5170,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012022319920.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012022319920.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:23:19 GMT\r\naccept-ranges: bytes\r\netag: \"8065ffa531bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2525\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2525,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"a3f2b952d87d8bfda19a0bde1b676397","sha1":"b5ba220d58d543b8a0d50fa7c72f40f00a6859c4","sha256":"684bb85bd1429474c2a05d24748d814d67e8cb8bf306f56270dc6e4ec0db6ecd","sha512":"08925fc4e158bd2597494eb67f42a027a45eca678b251b5e953867cc502978730c472ad728d6178eedf835208ca0e12f3adb04993ab0e2a885544a71132f6ee0","ssdeep":"","tlshash":"59510786fcd17d82a26499c20de75913c8264a00e7e0e189fd8ee16808700bb911e1cb","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.290771Z","times_seen":15,"resource_available":false,"data":null}},"time_used":892,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":892,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012022625270.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012022625270.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:26:25 GMT\r\naccept-ranges: bytes\r\netag: \"80bedc1432bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2190\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2190,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced","md5":"1a69d2085dbe8ca4f93f9c32310c9040","sha1":"8ed2331ed3bbaf0d733b123ac264af7c644c1eb8","sha256":"e7b19e4dff217bcafb824a72c84963cccd7e0f5f065f4054d39007ee7d65d263","sha512":"633f8a0bdd5a2039ab42535eaa9f57d4d9d35afa164e0692d808a87b335b17f4c6ecb958cfb05f61f4a7876ba37f2719067f1031540f937e9daf26d174b780f8","ssdeep":"","tlshash":"7f41e78de2427e833188d9a944f3783b8a374cc54ef0a5787ecddc6258380f1649c6ca","first_seen":"2024-05-20T23:08:37Z","last_seen":"2025-10-06T14:54:36.857397Z","times_seen":14,"resource_available":false,"data":null}},"time_used":888,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":888,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012023828778.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012023828778.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:38:28 GMT\r\naccept-ranges: bytes\r\netag: \"0cacdc333bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2583\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2583,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"32e010a538b2569063b9b7b0a33bc8c1","sha1":"baad0d03218d69c83babed1da96302bff915ea7c","sha256":"4f1b26cefd57dd5d6cae72183d8ff96511f47159e32330615d90d3bfa9f43557","sha512":"0548d7c0b3a0a86f6e9e7236ce333bad56f6991bfe16bce8156021254515fe051b5d197c3062bf7237958ce2d3a558ecbb290c760636f6ecac0f1697115a0a1d","ssdeep":"","tlshash":"c5510a0cf8c775447469a8d11bff603785674d00a178f5aebce7f86218351b166297ce","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.347961Z","times_seen":15,"resource_available":false,"data":null}},"time_used":696,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":696,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/1112/20211112035202520.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/1112/20211112035202520.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 30124\r\nConnection: keep-alive\r\nLast-Modified: Fri, 12 Nov 2021 07:52:02 GMT\r\nAccept-Ranges: bytes\r\nETag: \"c013c52d9ad7d71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i92782_c22643, i2103119_c25795, i58866_c11118, i1940251_c22701, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30124,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"dbc2fc224333022ec1b962a589b4d311","sha1":"78c6ceed792c6f0850a45d07fb30e4959036ae73","sha256":"3002cdc318d83ec2f8cb5add80e7f15dbb29270f1bf128f75acbdbfd9153708f","sha512":"015b0143ac550e20c529035f03f7bc3c79101f719f0a6ccd473ea8124c5f111069718831a8ce5f5b212edfa708d5aab2f493b0edc6f48a03df6dfcf690c546e5","ssdeep":"768:c5ftyTbF2QO5/cfZRQXG4WmNKu4uP6hJ7exdkfk:c9tGY5ZcxRQ24MuxP6hkd1","tlshash":"0fd2e18930b502086b9875f3c7a7f9ef91dc12e589f8335172952382ae426fbc7b0652","first_seen":"2025-01-03T05:17:31.616908Z","last_seen":"2026-03-04T05:46:55.269797Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5756,"timings":{"blocked":5730,"dns":0,"connect":0,"send":0,"wait":23,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/icon-point-on.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/icon-point-on.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 18 May 2015 07:16:52 GMT\r\naccept-ranges: bytes\r\netag: \"0ae39c3a91d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 1051\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1051,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 11 x 11, 8-bit/color RGBA, non-interlaced","md5":"9954cc5db093f9ba8d35e907f2d76f64","sha1":"fc207b6c64943b18081e6af905f3078fbcf95faf","sha256":"b5deed60541224b35014f6cc6603f4a0bad0a6c15158090b460ef534f6e45525","sha512":"03e251c7ab54e62d72fd6c75fa51d3f64e82aa7b88f69f5581cde017f5a3b948e16074c17359257bfd2ea48704b04347ef2b8695d9e69a087756d2107b958e12","ssdeep":"","tlshash":"0a111f0fea802902968fdec21aeb041794037f90d890e0a5b88a891b0b6a1f744294cb","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.08896Z","times_seen":16,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":316,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0313/20250313042517590.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0313/20250313042517590.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 42987\r\nConnection: keep-alive\r\nLast-Modified: Thu, 13 Mar 2025 08:25:17 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e864a073f193db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 169343\r\nX-Ser: i91550_c21609, i2103141_c28197, i1935953_c23471, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42987,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"91ed224e8a70b38f8dbd2292cc592b50","sha1":"ffe6f2591c1b68136177f075908f2cc8356190d2","sha256":"8ef4b8d235ec6ccf6d905382f6d26c55838941d1ca8b21b17b6c2f73ea966e04","sha512":"4920528033dc29f7e4886f52ce671fac3105eb164822466bb68c4f59fdbe63bd6963c1c3e22d9dbad17558007627a0704d132345302bfcc1d1f2b17e99c6f8d1","ssdeep":"768:Fw1zgR+qY4ExrzngutweLcdqIZjIzyw3CKt8p0+/brpEfzxX3kC:+9gHExrEutbLcYR0QR+PpEftkC","tlshash":"3313f25623dbf34bfb7643b64bd4094b826573524718ca9b7599c073488870cd8b3a5f","first_seen":"2025-10-06T14:54:36.863199Z","last_seen":"2025-10-06T14:54:36.863199Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5231,"timings":{"blocked":5200,"dns":0,"connect":0,"send":0,"wait":24,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/softicons/360wifi.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/softicons/360wifi.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 30 Jun 2015 06:38:06 GMT\r\naccept-ranges: bytes\r\netag: \"0db3e52ffb2d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 4978\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4978,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"5c4302e2025212003f54f56a749cb291","sha1":"2fce5a259388f6c933026244b4a72699c04ad554","sha256":"16fd4d94d1824fa60233b7c565b73d84e87d0e81e8c7fea42822395ee0037924","sha512":"16f9b93afc6ca4bd81368824dc31800534e0864e27c51ea08fe588b6e67d8a3b7e8216f11432ad62531d9a00c0879c10c74f6a426fa0235c0f749e70c66515de","ssdeep":"96:zcC0nxW+VQay5AAGpHav5mNZ6BnFLRna2dgqyxdJDMLGF1YOI5uL:IC23yOAd8Z6PdnaclyxdOLetI54","tlshash":"a9a17ed5eae26f6ceed9c2866647c551c03207e958b5cbe911b67c56c0dc88461af301","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.058436Z","times_seen":15,"resource_available":false,"data":null}},"time_used":831,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":831,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117021906930.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117021906930.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 06:19:06 GMT\r\naccept-ranges: bytes\r\netag: \"06944216abd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3431\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3431,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"588edfa36d9233bdf8427b365d0e30b2","sha1":"82bd3984257bd9335917c35840f46eedbbf113b3","sha256":"2c6419c2119f0aab5e2c4bc71c5f8ac226743af0400d35c9ec3c49e64f557985","sha512":"7535a5f15897fefbbd368d89d5b8eb4efee3eb7c0c917d304f96e69548788d0cedca165e69e8ef710c6a425bba0cecbdf03ab762803c3adad205e5d7f0f2900e","ssdeep":"","tlshash":"e5614b05faa49debc148aac034f7c06774e725c6cb58f619e8ede04929703f9154e1d7","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.557814Z","times_seen":15,"resource_available":false,"data":null}},"time_used":956,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":956,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2017/0220/20170220092116497.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2017/0220/20170220092116497.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 25418\r\nConnection: keep-alive\r\nLast-Modified: Mon, 20 Feb 2017 01:21:16 GMT\r\nAccept-Ranges: bytes\r\nETag: \"3d93c6a1178bd21:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 15635\r\nX-Ser: i17891_c6956, i2103125_c28197, i1940265_c22701, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25418,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"79b63b45e8577a972b114af383a17092","sha1":"7613634641d448899d7341d3560d32aeb5cba2e0","sha256":"cb336638fe8bfa2b8b419aef6a0142ddfb3e912c8a24e17125490d60ec411bd0","sha512":"f6eab244f15f48ebe44a9b1185a59638c41330d99f5ae30051fc092cdb0195de530a390b0c5d90119a41135e17a09bea6572ef07cb5b9089a8ca44cdce3b49ab","ssdeep":"384:QMROaXx+Iohl23fpiKbyuuYm87tWopzlThzFZQCrH6dgzszu2XRWCf8fdIVr:BL+J/wB9byuyuEopzlTrjQgzszuIu1or","tlshash":"8cb2e0bfb5c39f5ae644db98711ee68ac3a03cef00034f5b36aa705d1960ea869414f0","first_seen":"2025-10-06T14:54:36.868877Z","last_seen":"2025-10-06T14:54:36.868877Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5530,"timings":{"blocked":5505,"dns":0,"connect":0,"send":0,"wait":23,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0212/20200212031215871.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0212/20200212031215871.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 22135\r\nConnection: keep-alive\r\nLast-Modified: Wed, 12 Feb 2020 07:12:15 GMT\r\nAccept-Ranges: bytes\r\nETag: \"182817c173e1d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i91718_c21609, i2103125_c28197, i1935885_c23471, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22135,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"09d6a70610d269247da8a33e2d31c0d6","sha1":"ac2b5be1c0d5863dcacfd7b414abfacf7f216fe0","sha256":"e9acb8904276e6bc9a27fff558897c717cbe129af8020963ccef63d1ee8815c5","sha512":"8407e6c6927ac3a66c1dd9c7a6469459a3b9e208e24459f3e6fe5fbd19f94eb18eb810b910209ecc1579d51a348a8713c9769f7b7fd1b1f8d9d0ad5efea51af1","ssdeep":"384:J6659yhzi4gd5LfMeXeriFYpeUaLgE4f75rrMcvFkEXAKVmq6HJuVQhqxLRc:JJ9Nd5rM6QiF+ev4fVPMcvFkEXAKVoJ5","tlshash":"66a2e013bd208e69a5434bc0291a1176ea7e8059481efddf6af6bf3c490714cde03e06","first_seen":"2025-10-06T14:54:36.870633Z","last_seen":"2026-03-21T21:38:54.201322Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5022,"timings":{"blocked":4997,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0928/20250928105557448.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0928/20250928105557448.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 40808\r\nConnection: keep-alive\r\nLast-Modified: Sun, 28 Sep 2025 02:55:57 GMT\r\nAccept-Ranges: bytes\r\nETag: \"dc2136a2330dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i63608_c22643, i2103123_c28197, i1940255_c22409, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40808,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"be91f67ee28e6df998e8545270ebe10c","sha1":"250f6dfc21b53d52761d628e3d552f7d1443024b","sha256":"815b1177fbc13b6ab541c6b1b6d6c49aae90131cdcb5299546498a751553e8e3","sha512":"12c2fd316c6a9739f101c04dfa3072ff793954fdb808ea6399d7c962f7880f7cc3f0535517d42873d970fc1e37c4ae80c620665a9c994419ca4612287a5d6628","ssdeep":"768:JmEd5xk3lWPrf8k1bxUJE0f/LS3ALScQdTjqztkNSQd5j5uZvAze8NxXk26aSLmC:JJ5AlQrxlKa0fqT2tkldRLtDPK","tlshash":"1503f26accae0001dae93b3a46374b064cbd6f7d4cdb34d90e1efd6642bd91079149d8","first_seen":"2025-10-06T14:54:36.872579Z","last_seen":"2025-10-06T14:54:36.872579Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5581,"timings":{"blocked":5543,"dns":0,"connect":0,"send":0,"wait":32,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0607/20210607083123523.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0607/20210607083123523.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 54991\r\nConnection: keep-alive\r\nLast-Modified: Mon, 07 Jun 2021 00:31:23 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e1626d71345bd71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i91688_c21609, i2103129_c28197, i1940263_c22409, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":54991,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"fb38503a7d6276c5f5c6be9cc7665426","sha1":"b8945b0c38b59cd0541b7d5e6fd749f0517bf7e4","sha256":"1449b371fb6b54f855cf3c03027798476425ed6538a36673c4f2039b7a43c962","sha512":"cfb7eac95201dcb68d1a43b5b77a83b4b0a9dd1c104adb3d8a3f3f36699e4a809580a7ab246d276beb6e39dfef00066d07ec9ea2e217bb6f6efdbc58b66f806c","ssdeep":"768:EtH8xx07awWtACgLnxbEopg0otVgvWaKSSXZK3VAaCJ5Zsh:E2xxP3CVENeWRXclAa0Qh","tlshash":"7933f1255ca1b1861ca897f1dad6116d6823ed47e2c28e45744e0b26df80ff7cd0e7ca","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.885118Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5699,"timings":{"blocked":5657,"dns":0,"connect":0,"send":0,"wait":32,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/css/cui.css","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/css/cui.css HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 01 Aug 2016 06:17:23 GMT\r\naccept-ranges: bytes\r\netag: \"809bc45dbcebd11:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 1175\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3503,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"c0018d081684e7415cae185e2c676d9d","sha1":"dce6741f70cc393483b904f592bb9e2d8d684ff7","sha256":"bad8c451461169b50e7216d4da2c50d865fc2763ac88daa3a9449fe16eee3d1c","sha512":"36d7823370d90bf28804e914dd3c99a69f7642e2271f7928a6d040dd760600d990633f138de2b408a2cd41d3c2cc2cece80a576abeb13f2e4bc57116a9389e1a","ssdeep":"","tlshash":"1571eb534af52809b03ba62fecc2ab7a71109437d1736db7b625eb89c8fd5663640334","first_seen":"2025-10-06T14:54:36.87545Z","last_seen":"2026-04-16T01:23:16.746719Z","times_seen":11,"resource_available":false,"data":null}},"time_used":458,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":458,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/common.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/common.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 11 Dec 2024 11:01:49 GMT\r\naccept-ranges: bytes\r\netag: \"80c7613bc4bdb1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2308\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7323,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"043a512d415fe741ef7ec356132d3a30","sha1":"53070533e4bc97e7e5518b98e8e767713f2b57f6","sha256":"f7c163cb0ed738bfc92db29cf8ebbae9abe3c0fa89d00abcc99e9f333d661822","sha512":"bcb2440fb588618f6335d90711204dc1ecaeacb7996b8bc37b22e546abaeffa127fc4440e75cf05c02ce0811e852c7335ee6d3b7d4c7392b771b48bfab14fe6b","ssdeep":"96:cme/3tfiXUGqELj1X/DknNxDSDKho7hBZIOhbjp4Lr7LUBzI:O3tfi5qKX/eNxOtNBZ5h6Lr7IBs","tlshash":"d8e1ce09b7bc0f9291f7238a173951c1ee2a481766558342f8f846b93fb590ca623d7b","first_seen":"2025-01-03T05:17:31.246562Z","last_seen":"2026-04-16T01:23:16.974685Z","times_seen":8,"resource_available":true,"data":null}},"time_used":760,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":760,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/0510/20190510121351309.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/0510/20190510121351309.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 3825\r\nConnection: keep-alive\r\nLast-Modified: Fri, 10 May 2019 04:13:51 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b1bb29c6e66d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28821\r\nX-Ser: BC43_dx-lt-yd-jiangsu-lianyungang-14-cache-6, BC202_lt-obgp-fujian-xiamen-33-cache-2, BC132_IT-Lombardia-Milan-1-cache-1, i1940251_c22701, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3825,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"4c2e70ae8d6a4d911bd0cc1cc6b0aac7","sha1":"f0cb0623e07221c02bea7e1306171bbc60571b44","sha256":"9d262864383209a1956f25497f53fc3149674f0c4de811d6713d6fe65bb1ec64","sha512":"6e6eaf59325d13f66172ec3051b4cb3f89097c6164b8d6b1c25d68ca07bec237e79101961a6cf0a059a5b5800a016dcc6fd3419a755835b8a43874b60d99ec47","ssdeep":"","tlshash":"41815b9dd552c2aaef8d29d3979819b4391d7cc2bd08f38996ec7040654a358b2374d1","first_seen":"2024-05-20T23:08:37Z","last_seen":"2025-10-06T14:54:36.879799Z","times_seen":14,"resource_available":false,"data":null}},"time_used":10165,"timings":{"blocked":5051,"dns":5030,"connect":20,"send":0,"wait":20,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0330/20230330015400284.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0330/20230330015400284.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 44261\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Sep 2025 07:04:24 GMT\r\nAccept-Ranges: bytes\r\nETag: \"3fe31874d831dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 546342\r\nX-Ser: i92782_c22643, i2475919_c28821, i1940263_c22409, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44261,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"3f91a140c688a5af08aafc09ea2482fb","sha1":"b379e46125e961a038b5a91b4a397c9324186080","sha256":"3d19ef4bca9313f8094246248690cc4cf542e6a0f66f2510c3b1275d8b557f05","sha512":"a91fecc13163e4a908a50798d501df72d846030aa1ba70d216eef3c60976de7bf727a2cca19341fa3f0f320ede42baae2e7bc9bc328589a26f38ea0748e358b3","ssdeep":"768:/8Ibbmew2tyintC+JzQo6E3/f3jRGnW8p3A8+55V8e7RhuqRWa6Y9kREyNdaLdCq:/8sJ08tWoDwW8p3p+m6RhuxEy6Met","tlshash":"b71302170227c1e2d2a85166168d8ef055afcbecfbb89e57c960d1c7b489b097c0e727","first_seen":"2025-10-06T14:54:36.882044Z","last_seen":"2025-10-06T14:54:36.882044Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5160,"timings":{"blocked":5126,"dns":0,"connect":0,"send":0,"wait":25,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0708/20200708032023435.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0708/20200708032023435.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 3743\r\nConnection: keep-alive\r\nLast-Modified: Wed, 08 Jul 2020 07:20:23 GMT\r\nAccept-Ranges: bytes\r\nETag: \"ea9c23ef854d61:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i31227_c6956, i2103121_c28197, i1935851_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3743,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"a191bcb833d5c75b5dba863b9a89b2be","sha1":"d7a0e75f803d9ff46a96e7d74894a7d891863bf3","sha256":"f3f8eb443367bcc6ad790404e1e89e1cf3682dad2d85b8bc1910da2586ace73f","sha512":"19d63771df10b1a8b4ac63ef810c76bafaee8c4be116c997b52838a90110d7aeb5f8961d43344d9416135b39a7ed3a97227d169780e25988d1a72eb1051dd2a8","ssdeep":"","tlshash":"a6716be34e17c83fb549d38e895f73484ea82050168a7043f67f623a06a2d94b62944a","first_seen":"2025-10-06T14:54:36.884123Z","last_seen":"2025-10-06T14:54:36.884123Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5587,"timings":{"blocked":5567,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/1102/20221102035104210.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/1102/20221102035104210.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 13083\r\nConnection: keep-alive\r\nLast-Modified: Wed, 02 Nov 2022 07:51:04 GMT\r\nAccept-Ranges: bytes\r\nETag: \"876b31dc8feed81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nX-Ser: i25509_c12732, i2103121_c28197, i1935879_c23471, i1940231_c22759\r\nX-Cache: HIT from i1935879_c23471(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13083,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"f648c20bae0001b6b93e62eae81908af","sha1":"27a8c5b29972f6188796755327c84defda0b7123","sha256":"7d5e196654313679f140b19285517ca9dbe080b900b801a402f8bc245bc845f0","sha512":"88e376c392859368b727298eed3f184129bbaa82572f8d6fc58ce48e2f88cdc1467daf71d93e5c327da6b400c30a0084c80e48f9db44c12f04f9b8965801aee8","ssdeep":"384:CzAeBCaXG0BGlP1wG2q4rmjixO09YcFB0T8TvNE+:H6G0YldGrEi33D0T8TvNE+","tlshash":"5b42cff3642df93061cd4a3fb350a9b4f7c603ab7f0b1a21e24593b6ab98371614645b","first_seen":"2025-10-06T14:54:36.886163Z","last_seen":"2025-10-06T14:54:36.886163Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5636,"timings":{"blocked":5592,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0904/20250904094429834.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0904/20250904094429834.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 15075\r\nConnection: keep-alive\r\nLast-Modified: Thu, 04 Sep 2025 01:44:29 GMT\r\nAccept-Ranges: bytes\r\nETag: \"faef6743d1ddc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28820\r\nX-Ser: i91226_c28777, i2103121_c28197, i1940277_c22409, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15075,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"7fd814d3148b3c947543db4921bbdad0","sha1":"83fa7a4f18c0baa1c476d5d592249d49ee3bda31","sha256":"b439f5b353871794753d3e9bff2c676fb672a44ad6fd130787057a8f26fde4b7","sha512":"1ccfdd2169cc093821c853a114a0d3909b1062685ea9e2f576f844a104ccc8fb155ac0a0dab8cce5ebf53e09545e2a0e4a2520e61f5861f558d0658fb142b2be","ssdeep":"384:/qLT1iWt/VIDKto77U3CKA8zX8r3g8ny2/2:WT8WtdwWo7n78zMrRny2/2","tlshash":"6362d0c620f2caabb607816f65f51a7b6d8c1c09a18949dcfb08e023735d8e3c2519f7","first_seen":"2025-10-06T14:54:36.889288Z","last_seen":"2025-10-06T14:54:36.889288Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5706,"timings":{"blocked":5684,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012023109196.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012023109196.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:31:09 GMT\r\naccept-ranges: bytes\r\netag: \"80b423be32bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3613\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3613,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"9f91183bab46c0c8c89dceef6d7d0d98","sha1":"bb80ab76351f19f67d478a70b5ddf46d4536f346","sha256":"db1b1d7cef105270e7eee57e22a8d40ea56b9ec1f5b6976f74986934d9d4196f","sha512":"4a66af6297cfa87509b9390ac8e9b58b77a951ef53740cf666f6aeaf1635a444f37f5785650a54e31cd7edece824ec875f23a8c526ab0e4575d11226980aa671","ssdeep":"","tlshash":"07714d4eba8b3409d8597dd99ccb31e7c933020696e5fb1c9a4b9c7209b87720416edf","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.0485Z","times_seen":15,"resource_available":false,"data":null}},"time_used":852,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":852,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2017/0415/20170415090039108.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2017/0415/20170415090039108.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 7088\r\nConnection: keep-alive\r\nLast-Modified: Sat, 15 Apr 2017 01:00:39 GMT\r\nAccept-Ranges: bytes\r\nETag: \"a4662ab383b5d21:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31802\r\nX-Ser: i37222_c28455, i2475963_c28821, i1935953_c23471, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7088,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"803c229c2fc7e29e922c735ae0dcd265","sha1":"15385c8b220d89ad369fb64659327284628f51d5","sha256":"060ec87038a6066ad21e977ccb4a22b96ca7f12d712d95acc340c75bc072268e","sha512":"39bbb1c7eafd7eadd6a951729821e16fcd3095af9acc30a1fc7399e22a3a381d4aa99df4a3041e81b9a332a5f5c325283034cdd7b816c99bb75525db41a80f78","ssdeep":"192:wgs5YSbnaAUa28VKhddyTvbskzSaJs3zJab:wggNaAG8AdyTjsgSecob","tlshash":"ace1bf051b869f263e531102545353bfa08087e0a7f939945701ed3d222bbacf6f7ab9","first_seen":"2025-10-06T14:54:36.894743Z","last_seen":"2025-10-06T14:54:36.894743Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5179,"timings":{"blocked":5158,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0930/20250930102210474.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0930/20250930102210474.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 31085\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Sep 2025 02:22:10 GMT\r\nAccept-Ranges: bytes\r\nETag: \"93bab66b131dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i28797_c12732, i2475919_c28821, i1935891_c23471, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31085,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"174ed032b17f71fd3c73b22575e6b058","sha1":"c5aae10c145e5f6ba00865c67e7676b565275cde","sha256":"7ee90a7c919e863f216490b37302cfa8ca40a4fdd78738682dacc1709c55c429","sha512":"e5120b14c74f112f4bad8174519a33ef7b6d64a7aa9c13d794304657cebb7f7fe05af3bfb216c8794eb8b38164e461bb9a1521c29305cd7386d1e2dc055f9fb2","ssdeep":"768:O4IWMEwSY3eSM3qmlE7iNW3MkGRYLK3ArQPtwShf4ZE/vS:OHWM5FeLZE7iNaPoHew4SvS","tlshash":"e9d2f1de8a28ac54064596245ba71507af3a2deb8500881711ee83fffc9dfb84c4fb43","first_seen":"2025-10-06T14:54:36.897084Z","last_seen":"2025-10-06T14:54:36.897084Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5612,"timings":{"blocked":5586,"dns":0,"connect":0,"send":0,"wait":23,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/0926/20240926084255343.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/0926/20240926084255343.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 4226\r\nConnection: keep-alive\r\nLast-Modified: Thu, 26 Sep 2024 00:42:55 GMT\r\nAccept-Ranges: bytes\r\nETag: \"512f87adfdb1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 1145\r\nX-Ser: i34714_c4672, i2475941_c28821, i1940233_c22701, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4226,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"276d5bdf6bb3323cbffac4fd3f12204c","sha1":"7659d86082689e0912b8b0afb190717022525a2b","sha256":"60338d05338cc5a2ec0b4be8d6f1638f1ed6e8dbde79204c8dd69bf474458e17","sha512":"2337e589b474bffcc86b8894529f66c8d339e121b512eb37f613de92dbadd087cbff0dc7c982019034f7e08eca2c952bc22d42fa79b09d07165f599d306c63c7","ssdeep":"96:VLl39jCEQUMBEOQT9RQ6FVyd22O6p5Ep7RJlBz:VLl5LO896kEdFhp5Clz","tlshash":"17917e63bca240b25e396e60eba3375c0ca5ad6330cb2b0b9b40e2dd93331e61d52844","first_seen":"2025-10-06T14:54:36.899491Z","last_seen":"2025-10-06T14:54:36.899491Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5683,"timings":{"blocked":5657,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117030705282.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117030705282.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 07:07:05 GMT\r\naccept-ranges: bytes\r\netag: \"80f248d570bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2666\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2666,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"2ab6ce2af5990ced124de4c9a7035152","sha1":"33d509cdbad69ab174d6c3d0b337aafce48542a3","sha256":"6ebb0345bb87782bcb5d01cd10c127be3577b5d5037b2241c4961b997ff8d48e","sha512":"8f09b5f16a7bc9bac4651c4ba65ddb07a699745a53a5cc5cc766796f4037e1e86d183939c1682538aefe101c3500a0e2438cae56ae44bd50cb03f5d9b9f3491b","ssdeep":"","tlshash":"fd512b4afa401d7661cc84c37ce69c27ef4245a48aa4ec52b8c9c10f28f14ba966d5ef","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.492237Z","times_seen":15,"resource_available":false,"data":null}},"time_used":841,"timings":{"blocked":77,"dns":0,"connect":0,"send":0,"wait":764,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117031643850.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117031643850.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 07:16:43 GMT\r\naccept-ranges: bytes\r\netag: \"80bfcc2d72bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2167\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2167,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"00b80d83e0bd7a3db02f91e109915670","sha1":"f50daf9b3f3b2e8c75ecdcddda04164ff45770b8","sha256":"c8ceb43d8c2b39425ccec881bb807b0e52761569d962dc16f5c7c0ebeb3a2bf4","sha512":"5a5d06333d95012d2edd2b1cf33044b006a2f0d97114dd71d9c82e705b747fec710099f5c5ccbca1018d15c5e8f37c9d2f98a83a2d4bd387bea3227029d20f18","ssdeep":"","tlshash":"b2410aaba750b99290fca84144d754bbcc234840e9d1a0eff4bfed491db41760d1d38d","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.311465Z","times_seen":15,"resource_available":false,"data":null}},"time_used":867,"timings":{"blocked":372,"dns":0,"connect":0,"send":0,"wait":495,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117043822815.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117043822815.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 08:38:22 GMT\r\naccept-ranges: bytes\r\netag: \"0d3d4957dbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 3122\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3122,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"2a437151343bc3b183977ff3f4dbef88","sha1":"1edbe786dfa95863a542b97efa04e3d9612e50fd","sha256":"e1041d56a19bc0b19ec4eeb8d6f78a8bba08587268528e0a1a5b70a520e94543","sha512":"c643bababaf108be48fda6b37565246fabf7b12d46e9e85983ae23faaab668c0e010b045467f6ca2e7da2bd522018a2e2f683319154effa5ca1977f85a68c8a1","ssdeep":"","tlshash":"7d513b44fed0a1435a1ad66709b4b07bfc335984c6cde48739c8c00a0af5c99a09facb","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.581374Z","times_seen":15,"resource_available":false,"data":null}},"time_used":866,"timings":{"blocked":537,"dns":0,"connect":0,"send":0,"wait":329,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/1214/20191214102712962.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/1214/20191214102712962.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 6856\r\nConnection: keep-alive\r\nLast-Modified: Sat, 14 Dec 2019 02:27:12 GMT\r\nAccept-Ranges: bytes\r\nETag: \"21396afe25b2d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i91542_c21609, i2103123_c28197, i1940275_c22701, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6856,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"27ce3a8cc577aee03c1a29874fc02b35","sha1":"8b515b802428bff3b1aaf643c4dd3e5d7e5e7c23","sha256":"802df151f88b139cf5fa8b07b0d050cb0793dea7b18803cb173618e5ec7a3df8","sha512":"8606203fb19f47c2f07d64cf443335c4e6833314692261142951c9d97b9774fa928ba4493063d55d933854a52a71d9c5492b038d39d057e2e7ce4e46fb9c7fe4","ssdeep":"192:o9OWecvfJRrtsRLM0/8+7cYovhz1Xq47OyX:o9O90XR2w0Vjch5Xlz","tlshash":"44e18fc1da0326b9d63eaa7020649a804f11f49af8dce5966e603dc188b57c549db4f6","first_seen":"2025-10-06T14:54:36.905738Z","last_seen":"2025-10-06T14:54:36.905738Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4993,"timings":{"blocked":4972,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0219/20200219034305543.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0219/20200219034305543.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 7828\r\nConnection: keep-alive\r\nLast-Modified: Wed, 19 Feb 2020 07:43:05 GMT\r\nAccept-Ranges: bytes\r\nETag: \"46747938f8e6d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 714873\r\nX-Ser: i92694_c22643, i2475923_c28821, i1935851_c23471, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7828,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"9cb949a267055b40f203527d6bf74096","sha1":"55db4cbe39f826c8cfab95c6f23ede2630c3f95b","sha256":"3466c3ddfd18330589ab6e3b85bc13c39789fab5324bcf4004a0859e6de813f3","sha512":"07542b51c6293f0a7e021322b641f70023b09811e8cc69e6a8815fa13ba6125c398b1d00786f2c4d9f9319301c2158a1abd546709a925375806ed1debbfefa07","ssdeep":"192:U6pjPksljaBt9dOqF5I5v3NZw0ZfL4I+1ADr21kTQR/:Ug7ks8t9zFOZNxfL4I+1A/2CTA/","tlshash":"89f19e5289aea8eefe6d37f5170741e408d8ace58b90f30ee352c065d75da399b84306","first_seen":"2025-10-06T14:54:36.908629Z","last_seen":"2026-03-21T21:38:54.245691Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5012,"timings":{"blocked":4991,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0914/20210914093808891.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0914/20210914093808891.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 8424\r\nConnection: keep-alive\r\nLast-Modified: Tue, 14 Sep 2021 01:38:08 GMT\r\nAccept-Ranges: bytes\r\nETag: \"86fb8a2b9a9d71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28820\r\nX-Ser: i92782_c22643, i2103121_c28197, i1935885_c23471, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8424,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"abfe1649b0c613023d4a6771fa332d18","sha1":"f11cb595d574973b5395b0e574fbc27ecc64f45b","sha256":"fc5f097fb4c72de195101944db943859a5703653e7d25c3b0942889bd1b64269","sha512":"efba5bb41c3f3592641a46a6c688749653aa05db0789e7afa04e6b88e3bb1ae6a37a07a76a620685c9166c8f46a28e2e13921e80cba36962fd96b08809927218","ssdeep":"192:AyYnc31M28OYKmC09osNVWisT/INcZFMisfXBZQ/RHD+2pZ2M:AyYnIW2bYvtosP3MFyvvQ/tD+s","tlshash":"6802af6ceaf7ae1ad72bff81da1e3d942c77f711485871c62c522750a9350b36c88632","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.480903Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5093,"timings":{"blocked":5069,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117040738846.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117040738846.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 08:07:38 GMT\r\naccept-ranges: bytes\r\netag: \"0c1b84a79bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2255\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2255,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced","md5":"39faef1d2d0038c629e419b37de25292","sha1":"d301b1e0bc28804f09d81a29d3effacc3daf4261","sha256":"11c798d68f902d297829991d628a232d8cae627058cc376af62bb03e1ef90a6b","sha512":"fb20d9e17645691def557d34aad2087310502fce884d35fdb788e0f4e2a5a2e96e416206ebda5b4f182bbfcb0800e9df7e833b0813ff697c5b7a2cdebbc72a0e","ssdeep":"","tlshash":"9e41f91ee5603512484ee1662cf9453be6924090e3a1b541f6cecc1a8d714fa459fbcf","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.232566Z","times_seen":15,"resource_available":false,"data":null}},"time_used":859,"timings":{"blocked":366,"dns":0,"connect":0,"send":0,"wait":493,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/0716/20180716105115980.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/0716/20180716105115980.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 13548\r\nConnection: keep-alive\r\nLast-Modified: Mon, 16 Jul 2018 02:51:15 GMT\r\nAccept-Ranges: bytes\r\nETag: \"64f7e7dcaf1cd41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 1733940\r\nX-Ser: i34710_c4672, i58866_c11118, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13548,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"612a9cb4e48b43a792c5c7fdf033b17e","sha1":"ad258521e75255704cd47f57e2a20a3f342d62df","sha256":"1b13daab11e8dc30d3ba270b8bfd9b238a0fe51bd7d953eb41257a4dad2513be","sha512":"05a032f620e4f5683ba1545758342f55998f5ad8efff26e12c89400d4be4b7f02ce8e541bcff6ac4e3baa0074be11cac5d5fc76aad130fa4bbd344cbca038c43","ssdeep":"384:n0iUaFeBgkeCbIWMZxDAqbFzQ8KVAw78liWTK4Dl:pHv5CCDAqlnTYaK4x","tlshash":"2352d0919b96f56fb3d9e6b36c2d01ea5331398d634488348a96c9c90b358585cd16c1","first_seen":"2025-01-03T05:17:31.528864Z","last_seen":"2026-03-21T21:38:54.070266Z","times_seen":4,"resource_available":false,"data":null}},"time_used":5490,"timings":{"blocked":5461,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0624/20200624044532765.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0624/20200624044532765.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 33964\r\nConnection: keep-alive\r\nLast-Modified: Wed, 24 Jun 2020 08:45:32 GMT\r\nAccept-Ranges: bytes\r\nETag: \"63bf6fd234ad61:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i32009_c12732, i62114_c26647, i1940251_c22701, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33964,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"e24537fab66451dd89bb01e7565ed0e5","sha1":"7f16b9739e982cc85bb48006abf3ff36db7b12c2","sha256":"27e3f0d7955b548a621f49feeadf2d4b0a7b4ba563c03cb259fa3fa824d3c372","sha512":"7e18a5fc2d425d1dabc6dcec9ed9f7618c35d818b411a92612aefa62dd9a217b1078d4135a715b1a42aa8fbfaae8b644aeb8b58e7457410b29d595189f1d1f49","ssdeep":"768:1ojHAqOeL4nZRGi9DQwvFQNPZ+f6VGSxndOUBSGzO:m7LBLQGaDrvqNPk6V1xBSGi","tlshash":"60e2f17b9b16333d5291c93d28abddd81362cdaf0698fa7decc857a5cc8b2d40072660","first_seen":"2025-10-06T14:54:36.917915Z","last_seen":"2025-10-06T14:54:36.917915Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5552,"timings":{"blocked":5525,"dns":0,"connect":0,"send":0,"wait":23,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/0324/20180324011322430.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/0324/20180324011322430.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 4979\r\nConnection: keep-alive\r\nLast-Modified: Sat, 24 Mar 2018 05:13:22 GMT\r\nAccept-Ranges: bytes\r\nETag: \"d1ae67d42ec3d31:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: BC149_dx-lt-yd-jiangsu-yancheng-8-cache-16, BC195_lt-obgp-fujian-xiamen-33-cache-1, BC130_IT-Lombardia-Milan-1-cache-1, i1940273_c22701, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4979,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"044f076db35cf105b42480a59a74cda6","sha1":"b600621563880d4ea2919cd0b6b9d8257d087e1e","sha256":"469f9d21551bd5f0308f8f71d0e48614b1ad3c7dd20ecab3a9a6a1d97e260b8c","sha512":"bbe7428a7ba9582ad7393ff49a92b77d89365f2bc36e0f2546040d2575dd691e211fe7ca45b57fcec6dfcb2be4d7b7976d98cfd52985e3159d4d564e0bac11f8","ssdeep":"96:VhtFHTyQSp5D3KknYdZfnbUz6dHb+Ekqe+gljhq8uhi/vxq3Q/Ah:/XzsD+ZPQ6dKEkH+e1qfAhq31h","tlshash":"e8a18f5b60e0551e878d226f45133cfa1b36d1dc3a718506fd5c81998e8fae250093f3","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-04-16T01:23:16.732552Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5048,"timings":{"blocked":5028,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0403/20200403023942308.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0403/20200403023942308.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 39069\r\nConnection: keep-alive\r\nLast-Modified: Fri, 03 Apr 2020 06:39:42 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b81f22a8829d61:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i24687_c6956, i2103121_c28197, i1935891_c23471, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39069,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8cf809b509244c3fc4901acd6c0163e6","sha1":"b9bb980d61ab2cf622580991f3a20e23c4c48875","sha256":"9a16f34311f77befb2cd6dd6b8bc4fabb84cf9a82d6c2ac7268cd76b85d555e8","sha512":"873d6b2428cbe93954dca0116ca7b3f719a2cb95acca0a2348fdfcf047ae1a1557d93958cbe8109b5516735cfe44a42f18bec7f62f1077abd05aab870df50127","ssdeep":"768:hLjWWkF7PdePPEuE1p5gEmweRyifXSPYI3CKQwO+hqPQeOmYRz1P4hE/h:Z6F7UPPEzEEmH/XmYI3Kt+AQ156Gh","tlshash":"dd03020e2cf4fe7ca6a61e82541389121db70ac7738bd0953a9734820da93ddd6307eb","first_seen":"2025-01-03T05:17:31.613795Z","last_seen":"2026-04-16T01:23:17.0072Z","times_seen":4,"resource_available":false,"data":null}},"time_used":5749,"timings":{"blocked":5721,"dns":0,"connect":0,"send":0,"wait":23,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/bg-d2.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/bg-d2.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 18 May 2015 06:23:52 GMT\r\naccept-ranges: bytes\r\netag: \"08c75353391d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 1384\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1384,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 5x20, components 3","md5":"f60177ddc5d70417edc903d1b2fb2dde","sha1":"79652e1ef1bbfeb89490e494378f1eafd1e06d42","sha256":"af8ab5e852bfb2dfbaadc9b7d51e47a72f491fa429bdd9cb75546c82ac043507","sha512":"b7ba3da541883a616619ce5fb77d950a81716ff24a77c39a7a9ef42ddbb792d49ac36dd757dc3d2ba6987e4f125ce8b6806cbf85dff6018859f2e398852bac07","ssdeep":"","tlshash":"8121420ef6216702e8e8ee7138f6501b590584c0bdc0e58a69fecc1b58711f6086f6db","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.250544Z","times_seen":16,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012023915302.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012023915302.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:39:15 GMT\r\naccept-ranges: bytes\r\netag: \"806bd1df33bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2460\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2460,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"b7df35e11a8a1ce81de757068dc69604","sha1":"0c646df29599191fb2ae0deb181261a6776aef00","sha256":"fa1b798be2c5459a7a2b9517f7617b6336e07890e5c76dec045f50696d43804f","sha512":"b5a15f4611d859e130ce34d075293864e5cd38ae352669229d207f0acafc8cb5c793b381f3bf2e6930539681c4d3d63b067c2aff67dbb753ecefcb4d79709763","ssdeep":"","tlshash":"c6512c48b7867183609de7a02df3207359b955208fd06555becf81c718667ee4c4d2df","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:54.937637Z","times_seen":15,"resource_available":false,"data":null}},"time_used":697,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":697,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117025928310.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117025928310.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 06:59:28 GMT\r\naccept-ranges: bytes\r\netag: \"048e4c46fbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 1983\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1983,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"bf57adc4554d8730a62c8c89251dba1f","sha1":"9ac49ffb4a8a042d3b43d7354f4f155a7e65e954","sha256":"6a43765568efc19769608593cb77fc887a7ac52c0502d61d1eeb971878cfc875","sha512":"313566298eaf8afb4bea6379f27dba0e08e296e2721332ae8630270511711be4d5f44849fb94ee8eebcf27213dfd0d77ce66805801877bb1d37d13245159b366","ssdeep":"","tlshash":"c541e887a2d04442f3eacbc55cfe1923e5224a808291e07564dfe4075ca41ba3b7e2cb","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.569714Z","times_seen":15,"resource_available":false,"data":null}},"time_used":796,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":796,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0911/20250911041424956.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0911/20250911041424956.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 40744\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Sep 2025 08:14:24 GMT\r\nAccept-Ranges: bytes\r\nETag: \"166ae915f422dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i17891_c6956, i2475937_c28821, i1940269_c22409, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40744,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"2a29252db97b509cabfb02b7dc30db43","sha1":"78dec8e2c788dd772f9bc8b6a0e82e6d97ea3445","sha256":"05f253f05b7574b9dab39200fb01ae24e5c6236f8aad744ce83ad1af29229613","sha512":"e0a8616bf3be5c4854c16953f2d630f06503b7278067be47405c74ef8c5fce4f3455816fccdc044aa71ccdb3d0af92aab2541968614a371640f427dba7a5b74a","ssdeep":"768:pAlbBAyVn0/cw/BxHntC+7LbRsNh98tXHIvdulmgcYIWEpGdrOkJreKHXgNgr4xG:I6gadntINUt7EbF+NreKHXAG47xd0","tlshash":"b903f1338cce8ed6cf91d85a1313909768ee9e441de52c893de96dff0a42f594e05b18","first_seen":"2025-10-06T14:54:36.928398Z","last_seen":"2025-10-06T14:54:36.928398Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5596,"timings":{"blocked":5566,"dns":0,"connect":0,"send":0,"wait":24,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0330/20230330023313972.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0330/20230330023313972.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 12363\r\nConnection: keep-alive\r\nLast-Modified: Thu, 30 Mar 2023 06:33:13 GMT\r\nAccept-Ranges: bytes\r\nETag: \"4eb32681d162d91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31799\r\nX-Ser: i31243_c6956, i2475919_c28821, i1940269_c22409, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12363,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"a1c0e70a93c538678aa129391ece51f9","sha1":"21f60084f0bd79f1a878b28d415f95ad0275d73a","sha256":"a162a3ff3b53c84ae74bde1d6f0d21b7f5fc9852580543d6e454913539c343c8","sha512":"9271f65adb46c599a56519a92bc9b2c2363dae574d818dabe6667ff1034000ab672a61be3d5adfc5ee8aa7151160e0f2239108f0800431dfda7986d53a3ff19e","ssdeep":"384:V7BVkJECHNmae4p4p/9x/Uscuqg9PcAk15o:V6Nw4p+78brgJcvvo","tlshash":"8442bf5cdd8e329a853f846a609664bae79dd449a3165901d014230823f84cebedfb78","first_seen":"2025-10-06T14:54:36.930943Z","last_seen":"2025-10-06T14:54:36.930943Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5652,"timings":{"blocked":5628,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/0126/20190126032243243.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/0126/20190126032243243.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 7515\r\nConnection: keep-alive\r\nLast-Modified: Sat, 26 Jan 2019 07:22:43 GMT\r\nAccept-Ranges: bytes\r\nETag: \"c779f0ed47b5d41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i37654_c26321, i2475937_c28821, i1940263_c22409, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7515,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"a50e55d804c33ed0f0a156a2692f4af7","sha1":"7c872971d1b0d7e33e14851137a6849c3e1e0f7d","sha256":"c3109fffc12f6f45062fcdcdf66970134b13d451c8a42f772c2fde310c37f6c7","sha512":"b7691d627cc6f8157fb0f572329c3f362a5380cebae3cec32638e286fb2125509febe0b18a7d7143d7ef5e2e60860c68d2c071bafe6b3041ec3afff0b17334a8","ssdeep":"192:u3qQ9eXth9q4oNUA433CH7VSNiQz14a6TjIn:c9QtmNUA4n27EiQZ4a6X4","tlshash":"1cf19e8d6f2cc85ee98a43374bb6e2094ca9205dfd617d82e63bc1d31c671a590dec68","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-04-16T01:23:16.967821Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5037,"timings":{"blocked":5015,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/1102/20181102034212382.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/1102/20181102034212382.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 7535\r\nConnection: keep-alive\r\nLast-Modified: Fri, 02 Nov 2018 07:42:12 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8a1f76917f72d41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i24687_c6956, i2103121_c28197, i1940237_c22409, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7535,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8cb7232bfddebf01f90af8f1cb4edede","sha1":"ebca65a5de5797f87f8228bb70191f1c34448e08","sha256":"21f12c9beb372f1410959817f9e05a2acb5542a3914ba30612c39e6ce5c3dffa","sha512":"f42c6684cee805c1968f904b7d553f17a311aed66b2048788fd4e292abe1777dc20b5e33b5883ab374c6288e94202f55f75868314df7cc5279090d8d6e7d1871","ssdeep":"192:PkPWpB3u+Pmd5mbKr6LWOHMT+jeNM7o32J:PeW7e8wytsT+j+M7o32J","tlshash":"3cf1a05030bdb61c9f92f796ad0e55413760787dec1d66ff6a7e90854031267027b278","first_seen":"2025-01-03T05:17:31.430424Z","last_seen":"2026-03-04T05:46:55.390842Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5082,"timings":{"blocked":5061,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/0708/20190708051207900.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/0708/20190708051207900.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 42424\r\nConnection: keep-alive\r\nLast-Modified: Mon, 08 Jul 2019 09:12:07 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e1456c376d35d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i91578_c21603, i2103119_c25795, i58862_c11118, i1940273_c22701, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42424,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"6ddf9e7c5ea2bdd211a586da8c689886","sha1":"b3aca7eb2f5ec6193b7e2d8c49578dfd3e50ee5d","sha256":"c75bb01ef3f723e7f353465a976ffd874691c319d0c2dc62d46e7839f7bc5877","sha512":"244dc82ea16ee96a6638268fa04349d21c2a6175c951b6eda314c2f24fa164a6a81b3cc8ebe7c1c4af2148834d1308acd2599cfc8eff907fc066ba60ca240c7c","ssdeep":"768:QBt1nqVbivdhZk5IEoswwRIEozOXZNhlXlBnyOFJAcaxrHR6LH6GEY:2tLdWIEXZoAf5XnyLcaZHRsaGEY","tlshash":"eb13f17f3ebf6b0c05a589b5b13730892d09d47815a1d55ef760eb8b09ba8b64f14831","first_seen":"2025-01-03T05:17:31.619548Z","last_seen":"2026-03-04T05:46:55.46071Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5756,"timings":{"blocked":5730,"dns":0,"connect":0,"send":0,"wait":22,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/rank-abg.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/rank-abg.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/lib.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 20 May 2015 05:00:02 GMT\r\naccept-ranges: bytes\r\netag: \"0f52bd4b992d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 1387\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1387,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 31x5, components 3","md5":"d59854b2227631c03f706d5f9190903f","sha1":"1d06852590b891f50c702c8f4d2740070cc0fc40","sha256":"ee54e03deb7893cb22a4c725a3f9207a75a7cc34bd05ffb55dc99ed72a71cec3","sha512":"d9c158fe4b94d3c73562ae4c77ea5a69de90bae128cb10b571ca4cb1acaaf004cafe52344186dfea9a4ccd42407d718a8e70346a1e42b771dd275e9e2f8d1470","ssdeep":"","tlshash":"7a216509f8132440d468e8b218f2612f95743bc4d9c3d82678e5cc15dd322b30b591df","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-21T21:38:54.167321Z","times_seen":20,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/0603/20240603105242956.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/0603/20240603105242956.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 44413\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Jun 2024 02:52:42 GMT\r\nAccept-Ranges: bytes\r\nETag: \"9d98851a61b5da1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 1146\r\nX-Ser: i90844_c28777, i2475923_c28821, i1935859_c23471, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44413,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"4f1def1a04e0d0eb8b6a48c7f755c05e","sha1":"3a1ed4ca8da22ec9f549aad7f772f3181f2a7d80","sha256":"d79eff991c0bcacaafc1a4542be6c13ad20a68b049208d6d5ef9a69082f68398","sha512":"ca66a9422eea02e4afade644de61b60a1b29ca58282911730bb3d4f34c0e94b98bbba2d59a5024fe584f5cace75e3dc3a975d63022a929e879636be62a5b70e9","ssdeep":"768:9LJo8TVKmE4NGOYKqF3RyIlSY7FEFo8PN+DZn7ywoIyMGHSdNUr4:9No85m4cOYKSyg72y8PEDh2eUydGr4","tlshash":"5113f2d6e8845304178a545a52ab791f418076fb32ae3024f0e653379a77f37cdb28ee","first_seen":"2025-10-06T14:54:36.719052Z","last_seen":"2025-10-06T14:54:36.719052Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5531,"timings":{"blocked":5502,"dns":0,"connect":0,"send":0,"wait":23,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0326/20200326090245849.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0326/20200326090245849.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 5813\r\nConnection: keep-alive\r\nLast-Modified: Thu, 26 Mar 2020 01:02:45 GMT\r\nAccept-Ranges: bytes\r\nETag: \"f8d76b42a3d61:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i91096_c23533, i2103141_c28197, i1935851_c23471, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5813,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"5fa1fd8183529145e3199d5d80a7bbe9","sha1":"9c08bff637843d43ea26faa293a7e674ad0fb018","sha256":"3f6d3723d8a919255006abbd6768a377f9138bd60f87407d24be5b639b2bbf0f","sha512":"43986454862e594345544f488c9e60144472610a0e81447fca861825e6fad8168195243296641e785b755ae490cfb2ce859b25dfbe910a8d262a70602e03a841","ssdeep":"96:O6h2o1AJxYTTL+RgLgqM4rz7fr0cba0eILNLWrTfAukm0BL2fk4etbAxbkIuPAOE:Bp1AJ2yRgL5rPT0NWLNeT4bJQct1AxkU","tlshash":"68c17ef3587261de0d034a350a31bced581e71cbba53b5435d076d68a117d8a3150caf","first_seen":"2025-10-06T14:54:36.947562Z","last_seen":"2025-10-06T14:54:36.947562Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5525,"timings":{"blocked":5499,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/jian.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/jian.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/lib.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 20 May 2015 05:00:02 GMT\r\naccept-ranges: bytes\r\netag: \"0f52bd4b992d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 358\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":358,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 15x7, components 3","md5":"b280a8273b59d168efd4326bc3ee0dfe","sha1":"a82a4f3ec236867eda38526158d21faf454ebd2a","sha256":"411947b724387d152d8d4a2cf7c56f62305a81a4435e09dcb135828c6ebc31ea","sha512":"f225015afdf78fbf9730e520faf5e0ec7e9a7d2766afa4bc84f6bf0f3135080d23ca7074d54b054992c72cea117037d68c329253a1141b9d3ea929fa1b56070f","ssdeep":"","tlshash":"25e022cb2c2516e1dd330b7c0ba00335930b0e0eba228b8e09aea040dda84c32a90208","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:55.305935Z","times_seen":16,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":346,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0830/20230830024105578.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0830/20230830024105578.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 44393\r\nConnection: keep-alive\r\nLast-Modified: Wed, 30 Aug 2023 06:41:05 GMT\r\nAccept-Ranges: bytes\r\nETag: \"6c63a0f3cdbd91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i51288_c26321, i27883_c26309, i58866_c11118, i1940229_c22701, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44393,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"43dad6505d7b03f1ce610d86fd475592","sha1":"0177b879183d296236f705fc67ad36dec4f82e52","sha256":"301f9599d64d848c8122804a0bf0ca4a70b19b1eb260ee724211820909d47e2c","sha512":"17e5908bcabb0403a05f5c32e90c18dfb000478f47be21820e735753f09e00c92f1ca8993f6e39cb3ba01d7ec90a2c14d126e732f0c54d027c12eb3430f00d9b","ssdeep":"768:RzRlUGLD1eHsG32JkbD2g4Gx6odermse92oJWOC6CgOHmOwX+G/3I46wOq:SoDpG32Jkv286e7J92pL6MV+79","tlshash":"8313f1667d6f4a092210aa356cd709d29a370b6a9c8f069dd1735bcf08f542471e1db3","first_seen":"2024-05-20T23:08:39Z","last_seen":"2025-10-06T14:54:36.220754Z","times_seen":14,"resource_available":false,"data":null}},"time_used":5133,"timings":{"blocked":5091,"dns":0,"connect":0,"send":0,"wait":27,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012022746328.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012022746328.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:27:46 GMT\r\naccept-ranges: bytes\r\netag: \"05d244532bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2562\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2562,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"8633084ab9945a8c2b65321a819a38af","sha1":"083d5c870aa239dd7b20ea5e518b79ffee9f8384","sha256":"0493c3271cb0fd9cf6de0b64e64028493d7412495ac1a5c6c04af38f7deee700","sha512":"a263d947ad0de7b45cf9103ffe2cc3b52560359c1bdfa2ba998d25368e53ad72e4f183e4fcde2dd28c806e4e454a2bdad81d6ae1fa1ea84f2c96790c66b4c54d","ssdeep":"","tlshash":"99511a4a9bd03600d228f68d4ce1c0378e260dc8a2d4a5fb39e7c50db9718f54c6c9eb","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.143427Z","times_seen":15,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":584,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/0412/202404120943364046325.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/0412/202404120943364046325.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nReferer: https://www.downxia.com/\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 4734\r\nConnection: keep-alive\r\nLast-Modified: Fri, 12 Apr 2024 01:43:36 GMT\r\nAccept-Ranges: bytes\r\nETag: \"c3ecf0d57a8cda1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28820\r\nX-Ser: i33599_c26321, i2260981_c27847, i1940233_c22701, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4734,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGB, non-interlaced","md5":"7ff7d32d2f83acb53125b9bf0ae1e951","sha1":"d60248197844b5fe6f9ca79ad2f659e3c6bcebd0","sha256":"649fafa07b97f65b9e729db243e30585508c315b00ebb12c051e9219cef424f2","sha512":"ccdc922447ebc2e69454c7c16a3ddb87ccb5b1cb5fabdb73b1a4f8ba4380c0bcb018f55213234c1e127f2700b2660f47a7a8a118c94896a395aad1e54b63c9ba","ssdeep":"96:oWk35Aq+Flg1KIXPHcIV5StBDVdxk9787W8FGhMX9PoX9VCYtpYWGh2SFOQ:oW45TKI/bSrDVvEQ7WMGya+gphk","tlshash":"28a16ecaf71040e6c43c52a3b9d990e8c92ba2b9a6019833b84e73925275d303d775f3","first_seen":"2025-10-06T14:54:36.956395Z","last_seen":"2026-04-16T01:23:16.760504Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5732,"timings":{"blocked":5711,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117110904385.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117110904385.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 03:09:04 GMT\r\naccept-ranges: bytes\r\netag: \"04825954fbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2442\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2442,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"5912c45168ca3677d2d9de2b5e7b4ac4","sha1":"6d45cd29b8e8aeba855b845d9b307a8fea48e5ba","sha256":"024b4e5c6a0d37bf34ff5a8fe2a4aec133c167905856246584a5457d8d5070a0","sha512":"7587c242552e8746c59a5fffa2d5042badb06f34e8564414e6041b0e39ebba87174a939548f03ed5c19bc168f109e035ea846cdbfe3d4a1b53470f0e8b928b87","ssdeep":"","tlshash":"8b51f98eab457c0297baeea26cf640377e764c80caf0d07238ced51645741b9a94f8e5","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.457973Z","times_seen":15,"resource_available":false,"data":null}},"time_used":968,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":968,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117015806895.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117015806895.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 05:58:06 GMT\r\naccept-ranges: bytes\r\netag: \"0ab3f3267bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3307\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3307,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced","md5":"8da7abde0156a65b3617691925ba2e72","sha1":"f50478844db6310318a7b81637305aa0e3228439","sha256":"1530e9731b4c9114b2d7447e46719880cad790270e0f6e9dbbaf251ed65c07fb","sha512":"fc2df3b82eac4545b87e613ee334a4008cfe40c2f98c680b6e9c464634852bb265fbea968d90233b9e94c3625477a404214d90db3ba23fa2904bcb3ef6f2f6e4","ssdeep":"","tlshash":"03613c4aef412c594588b0c214ee30a5de238b20dda0f21765ce9c9cec75371aa99def","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.240052Z","times_seen":15,"resource_available":false,"data":null}},"time_used":960,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":960,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117015821801.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117015821801.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 05:58:21 GMT\r\naccept-ranges: bytes\r\netag: \"807c303b67bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2552\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2552,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"b625d8026c549a8f3d6fcd71ffb6b528","sha1":"f4eaf26fa53ffbeb2f2cae0e07fa250a6e0c42b2","sha256":"c55aaf294619b4a5b3e3d7b1503f0756ec00dd72f8357791bc2ac6551a479f1b","sha512":"2343887414638cb45a8ea673a2890ca9d1f1c480e9dd54ab231c2be293a0f064b7af05a31cda3b557316053e05c1eae4585954532a14be28992739d783d3d69b","ssdeep":"","tlshash":"ee511984760475e0db20e49020f71213fa624842cce5617df9cfd467a9bd0f2906e5df","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.301065Z","times_seen":15,"resource_available":false,"data":null}},"time_used":808,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":808,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117030734879.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117030734879.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 07:07:34 GMT\r\naccept-ranges: bytes\r\netag: \"0ff91e670bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2417\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2417,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"594c2ae816781f3f98c8ba2db3012e61","sha1":"3ee34f23b582865a958b568cc0edc46b6ab9f69a","sha256":"57956b66b15d02c2f8ab4f70dd288ee6c16436d6f7245db3258862a348c8ed09","sha512":"1752b3a91c1c4b88f0aa374bf20653aecab9e700321aff6194f9463bf2d2449e943e5fb573539100168bff5740327f10420c02f9a70d38ffc0d58110493813e4","ssdeep":"","tlshash":"9b41088efed59812b146b80668fb5157cc630411c742b2c5bacfc70ad8264f2649eaff","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-03-04T05:46:55.282705Z","times_seen":15,"resource_available":false,"data":null}},"time_used":837,"timings":{"blocked":262,"dns":0,"connect":0,"send":0,"wait":575,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/1025/20231025025718378.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/1025/20231025025718378.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 6166\r\nConnection: keep-alive\r\nLast-Modified: Wed, 25 Oct 2023 06:57:18 GMT\r\nAccept-Ranges: bytes\r\nETag: \"f548b87e107da1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: BC147_dx-lt-yd-hunan-loudi-17-cache-9, BC202_lt-obgp-fujian-xiamen-33-cache-2, BC132_IT-Lombardia-Milan-1-cache-1, i1940265_c22701, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6166,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"aee3700fecddbd1cd1a811397f2ba227","sha1":"fa1ec3a7685343f5e7abd26c3300d6aece5b135d","sha256":"1e87dd6689bc6541349b70a4395db9a17dc3d467433f40ff77797ef256ee8076","sha512":"ce11b8c00b36ca619034f709307cc9eb2b16924ae25f5c457160244ed41764353c529a3602cd251ca5a8835d618c865868e5bb9442615e4764f17a47d224747b","ssdeep":"192:Yq1xD5HQPbY0EoYWGEfeJ78e6eQ2bv2gvs:YqTVAb2BEWJY+lTRs","tlshash":"5ed1afe8187611f839d9dd2e482201477eff1d4ce0e685a81860ddb4de5d69ec024a7c","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-04-16T01:23:16.782501Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5029,"timings":{"blocked":5008,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012034627387.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012034627387.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:46:27 GMT\r\naccept-ranges: bytes\r\netag: \"80cb13433dbfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3093\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3093,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"1a9e8f51412046de7a105d2b4825defb","sha1":"304b4795fee9c2ab28f81610c393fc1384234d52","sha256":"30c499dbb473ce06d8acb15065357cfedf97afb4fb123ac274bd363cd4591290","sha512":"c06d590d14accefa45bad81859b682e5b3adb6edcf935a755e282a767575e14d2058af3374818be332cd5aa6d2dbc2431f2131f85d23d15f7e04854ffd492bc3","ssdeep":"","tlshash":"e1512b0ca4ebf080caedd88625e2b503893b5d8410f4f6ddbec9c22336652a0085bcdb","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-04T05:46:54.861596Z","times_seen":15,"resource_available":false,"data":null}},"time_used":838,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":838,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117032737760.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117032737760.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 07:27:37 GMT\r\naccept-ranges: bytes\r\netag: \"803a9db373bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 2822\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2822,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"d8be3330b8ebc81fb7dddda000672df8","sha1":"a9ea37ad52fc5383fb015bb3b9138d038cc4aa6d","sha256":"9662d2afcb5cd16867526dd64a9aaa9273731febac0056704f216df128296ccc","sha512":"de81b77fd6774f52e922cd46667cd3cbaef163bb5b2f4890a62d355bef08e1ff642b0c723a9a2263aca4256a024f0648c465dd191dca3435254296ddff5a13ab","ssdeep":"","tlshash":"d6513bccdfd0e551d7e8b2d718e39553a4634d08a8e0d89639c8ca331e780b9256d9cf","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.261982Z","times_seen":15,"resource_available":false,"data":null}},"time_used":840,"timings":{"blocked":370,"dns":0,"connect":0,"send":0,"wait":470,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0306/20220306100841414.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0306/20220306100841414.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 11893\r\nConnection: keep-alive\r\nLast-Modified: Sun, 06 Mar 2022 02:08:41 GMT\r\nAccept-Ranges: bytes\r\nETag: \"611f8919ff30d81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i63598_c22643, i2475937_c28821, i1940259_c22701, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11893,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"f280e5e29404478f7806931cbe3a7261","sha1":"60e03be491201d18cca0919d155fea8b14accf1a","sha256":"16b83d821be9fe486d9b6728d8129e152c98539732d048fd04e502b7cd2d7ae5","sha512":"665870662a8dd2fa4424e1566fdcd9fba49184df2a208cffec79657e010a40d709430426e8813594f1af70ca08ec4a54ea1b9d84a221638d0a2b0ec30d15b05b","ssdeep":"192:wJlL1ZtFFk2PEdnDORAcbggYBY0dncbTI0xbKWwqmyhdKB1JUt2KP1QJQekI+TY:ON1jI2PEdnYAcUd7ST3xOTqmyhdKBvUY","tlshash":"2e32c0f49e7364b5d504b2eb188077d7cb11a98e258036be34aec881711f3846d579ca","first_seen":"2025-10-06T14:54:36.9728Z","last_seen":"2025-10-06T14:54:36.9728Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5023,"timings":{"blocked":5001,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/ipx.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/ipx.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/lib.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 20 May 2015 05:00:02 GMT\r\naccept-ranges: bytes\r\netag: \"0f52bd4b992d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 283\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":283,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 3x1, components 3","md5":"cacfd31eda571c277abdca253d9703b6","sha1":"581701ab62fc0eacd6f2c9b1c7199fe97c3cb633","sha256":"f834f8d721497b56708947eeae5003ec9244e6d61106e7b298f090ae7bf97765","sha512":"a3b8c4202e6cdc67e5254f9a8a3118aaae342543569535bf5030f64e519030e1d146611cffc998352e1e30c7025d7247dfa209d3ae91e63ef0d6c31c63ff2acb","ssdeep":"","tlshash":"ded092d33d0150d0dc370f380b50c71963072f0ea6104b0d00ab2440ecee2cb2651213","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-04-16T01:23:16.739092Z","times_seen":21,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":349,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/logo2.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/logo2.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 22 May 2015 15:14:24 GMT\r\naccept-ranges: bytes\r\netag: \"04876fca194d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 5410\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5410,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 143x37, components 3","md5":"c5d3362d478fa037c76cc42af6303fd1","sha1":"a56ab83a5d669e7e5ad528622ac7f670efa5d006","sha256":"54b634e8e6012a31157b81edf2d4bc87536b99f768efe4e89d7ba64a32ab694d","sha512":"6859b01b73a23e0253f3c7152f17b616b82b408a7a6576d92571426d1265ef0955b3ef750cefcfcf16d08e313545b06e7c97a0bc6dde8308e00992fc610bb2d1","ssdeep":"96:5+eyAnjXYPQPHgkNByUHGf9g4c3sehDZkE:5+eZjXYP3MBn40sehDZv","tlshash":"54b17d3904f95adb9db2a67a7f23a9c2b2cb3dd73ab91a5042e36034e00a04c1675647","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.459638Z","times_seen":16,"resource_available":false,"data":null}},"time_used":912,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":912,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0706/20250706021018122.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0706/20250706021018122.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 36101\r\nConnection: keep-alive\r\nLast-Modified: Sun, 06 Jul 2025 06:10:18 GMT\r\nAccept-Ranges: bytes\r\nETag: \"927a3a53ceedb1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i64208_c23533, i2103119_c28197, i1940229_c22701, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36101,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 251 x 65, 8-bit/color RGB, non-interlaced","md5":"33228ef3b8e0a0bf7d3497eed1a5cfee","sha1":"1c3cf45bbb54cbfd28645f5566defd8de54a0f6f","sha256":"6aba0f210e9843afd78dfad802418d02e7810366b82d53c3cf85d8f9a1a64fa4","sha512":"671c8abded82b3481b0925bd6523fd1640ba8cd31e05b2fde003a95a3d6c62a869bca3ea402d990586e2ad4b28be049dc788cc5affec221e35856da8f61f3ba5","ssdeep":"768:4lOekiwTmXeOYl2VtLWybij1SaXtNh0lT8CxvMAGvbCkCrl5:40ekiwxNl2LWT5RdNoLxtGCkCP","tlshash":"4ef2f1b93bd4ce12f0f9658364d350a99e1323c864e8d6aba868d522022de651432b8e","first_seen":"2025-10-06T14:54:36.979812Z","last_seen":"2025-10-06T14:54:36.979812Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5230,"timings":{"blocked":5202,"dns":0,"connect":0,"send":0,"wait":23,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0517/20220517034446473.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0517/20220517034446473.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 17 May 2022 07:44:46 GMT\r\naccept-ranges: bytes\r\netag: \"02b84fac169d81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 3132\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3132,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"1f6300c70191aacc9d34a6f6b29b60ea","sha1":"14c64b318db9c89dd8a8304874512c899e08c65e","sha256":"61a5d56e7e9b733cff016ea90fa83d08aabd9ca0889973ecb53b11a8d04f421e","sha512":"078dacfbe017126fd22f853e6f0774cedbde1d791d7fb4697639c5da7bc3869c1e3b7760185f750ee44b49efadff5c85d6bec1379b12adb729c0f28ac5c1d586","ssdeep":"","tlshash":"94514ccdebb2628013e1d0e650f700b76b136e4594d2d462b5cce8054af80798d0abdf","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.489452Z","times_seen":15,"resource_available":false,"data":null}},"time_used":827,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":827,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/0918/20180918045939503.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/0918/20180918045939503.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 13150\r\nConnection: keep-alive\r\nLast-Modified: Tue, 18 Sep 2018 08:59:39 GMT\r\nAccept-Ranges: bytes\r\nETag: \"ee5f46ee2d4fd41:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 697990\r\nX-Ser: i91626_c21609, i2475911_c28821, i1940269_c22409, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13150,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"97df76d3dbddbc66b1769aa65236ed14","sha1":"4aedb93d1b3f165da9390cd8060e0c0ef20ded50","sha256":"97c6c5fe4e9b0a199a1bd8634e353da9c01d7bc04bb020107864da5e931af62a","sha512":"8116967aae385dd1e7cda5acfced87d7c2a02216eca7c0a88105ae04c3518f8c8c30415ed1e804afc6b6f4b4c171e9f0129185699e645f06d74ecc57d6b7acff","ssdeep":"192:Hn/zmtTcJ58IHmMkuAO1o37kbQSxXUPDWMj9v8kV64frJ+P0GNYOmM35q027j+9W:LEqGM5a25Xyyg9hlTG0rOJ35j27quifE","tlshash":"9742c067b633a1ecca654c73c384406ada21e2f84456c9d63f8d4453d8c256a25d6b2e","first_seen":"2025-10-06T14:54:36.984382Z","last_seen":"2025-10-06T14:54:36.984382Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5503,"timings":{"blocked":5474,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0714/20200714050217289.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0714/20200714050217289.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 11332\r\nConnection: keep-alive\r\nLast-Modified: Tue, 14 Jul 2020 09:02:17 GMT\r\nAccept-Ranges: bytes\r\nETag: \"63d54979bd59d61:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31799\r\nX-Ser: i64294_c23533, i2260981_c27847, i1940273_c22701, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11332,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"83e93d363681e3fd193cd28eb8acdc0c","sha1":"514290861e8e70927beef0dafac01665a4ef07e2","sha256":"a33f74f7368a343ca511d4e0d85f86686f6c0309932fb04289ca889c322ed7bf","sha512":"12b8810b21b5d6fa472d71723bc4c988b9ddec2eac712e96fa9dde305c86b66bee890dea549364c61144a63ff1b4eecda3c182813d6d57cd966bc523d8034ff3","ssdeep":"192:TSTPOfA8oGP0yjgYdb23Hhijzs4fpgYRr4TaXm3NabDuR/lA/mrN:TSTz8r1gfZ4fpg2r4GXm3NaXuJlA8N","tlshash":"2e32c08021654118250fa47c7bce8025eeff77c222dc7d2b49f16eea231397865e51af","first_seen":"2025-10-06T14:54:36.987031Z","last_seen":"2025-10-06T14:54:36.987031Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4974,"timings":{"blocked":4952,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0509/20220509112719643.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0509/20220509112719643.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 7672\r\nConnection: keep-alive\r\nLast-Modified: Mon, 09 May 2022 03:27:19 GMT\r\nAccept-Ranges: bytes\r\nETag: \"3898b05463d81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i32021_c12732, i2475911_c28821, i1935885_c23471, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7672,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"4270d1f248208244df84c7d3f9535bf6","sha1":"216d17e972a5c4d8a838faa8bcc730a6596ff17b","sha256":"a91a84120c92c3995a3063a7565fcbbcdfdfde850a84490105ba3b736e927b34","sha512":"9e77594461cf0b998a6b730f30a75a1b67d63d4da872717b39762279368e420fbf7c9a2cb1cf1f6760552409f643ad557f2bef45bbbaf8fbaea6d4d0c3cda309","ssdeep":"192:wV1m4jWNj7tIQKgaZs+osOrm0lXNk65ITWMM7smJXm:wV1djC1raZs+osOrm0JjQWMM7syW","tlshash":"eaf1bf1aaef912f1df58903eaac7197167d8a1f29c097021e423d735ac4d9e2d232d4c","first_seen":"2025-10-06T14:54:36.989561Z","last_seen":"2025-10-06T14:54:36.989561Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4977,"timings":{"blocked":4956,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/bg-li.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/bg-li.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/index.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 19 May 2015 02:27:49 GMT\r\naccept-ranges: bytes\r\netag: \"8001166db91d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 1344\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1344,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 9x4, components 3","md5":"c079336d26c9a71c9bca93a73924e0e0","sha1":"2d55240039a0e8d8a1da2cf7b92b5a8b06e149e0","sha256":"6d3d004d15a8a2dac1ab4366aa44a08a332f18b5b891b622a62d971f8bbb2b8f","sha512":"e243d583d1c53b5e5abef5977c27e5caf5756bc38e9f6fd80bd16f5da833c80bb104566f9eb1cddaf103be822c892a707ec40de58870367de693fc079708bb91","ssdeep":"","tlshash":"2a21324ef6426702d89c9eb239f3a11b595644c0b8c5ea96bcfadc1b18750f9081e1cb","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.466637Z","times_seen":16,"resource_available":false,"data":null}},"time_used":338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":338,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2016/0312/20160312090209797.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2016/0312/20160312090209797.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 9981\r\nConnection: keep-alive\r\nLast-Modified: Sat, 12 Mar 2016 01:02:09 GMT\r\nAccept-Ranges: bytes\r\nETag: \"2d9c2cdfa7bd11:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28821\r\nX-Ser: i91654_c21609, i2103121_c28197, i1940269_c22409, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9981,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"9004b33e0d0a6f5e495edf5c01716f89","sha1":"c35c7e192a848fc340051a5b4c94b813ba48e4e0","sha256":"c2822495bbead010e5a6407e043b9939d5807b840b9741cd3063b4aa605fc817","sha512":"838b2f141f47ebe459f5acb3991585477de94acec43ccb9e6386d4158c1055c455c576173a9ea5c31b5f9ff3a664066395e8a28039bac0e3cb7c644594956ca8","ssdeep":"192:kmTZa6q5y/wlGdPPmTtguwvIkXmmvtg4+q5FdKBXZL5AL4ow6ISvTAkb6n:1TZQ2GTKuevC4OR5ALY6IScTn","tlshash":"d822cf845620ec2670f96ff8f95661ce149b4bd61a7c0cd5cf10842a954bbff95d7810","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.29383Z","times_seen":15,"resource_available":false,"data":null}},"time_used":10165,"timings":{"blocked":5050,"dns":5031,"connect":19,"send":0,"wait":23,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0919/20250919082801406.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0919/20250919082801406.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 16082\r\nConnection: keep-alive\r\nLast-Modified: Fri, 19 Sep 2025 00:28:01 GMT\r\nAccept-Ranges: bytes\r\nETag: \"7c32e641fc28dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i37198_c28455, i2103141_c28197, i1940233_c22701, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16082,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"09332ecf88e492d612383421d20bccca","sha1":"219b68db45da0dc6fb12463de067d69e1b504c36","sha256":"026014a9f68a7a1ead9f145210c9025895d202cf36e35078d95ba4c19bd0a8b9","sha512":"ba2328e019f7b6d6ac7c57cee3f9c55aadab305c25b19f6f2a57ea6ada22036a0cfd0597b3b9a40d28d558ebc22a11208417d709c078c2067f0673c2c5a8f880","ssdeep":"384:Ro4d0UcFv9jsn3nByeGDxbo5k9uRyVk2/wrpKOygg:2dJIXTGDuMjwrsOy3","tlshash":"9672d0eb3f5084a4f661760672b26687ac6715ca4380d13b34fdf09fb3ca297509d92e","first_seen":"2025-10-06T14:54:36.997948Z","last_seen":"2025-10-06T14:54:36.997948Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5555,"timings":{"blocked":5532,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0321/20220321015244880.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0321/20220321015244880.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 3736\r\nConnection: keep-alive\r\nLast-Modified: Mon, 21 Mar 2022 05:52:44 GMT\r\nAccept-Ranges: bytes\r\nETag: \"e48face2e73cd81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 1144\r\nX-Ser: i32019_c12732, i2475923_c28821, i1940269_c22409, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3736,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"b5973adee98f065f32115a7ad37ff2ca","sha1":"fbaf89e6a20307b56948cdbfa44c176d269ef1d4","sha256":"d70638301f196aab956f07c7b63f4f2ceb22f98e6f06fa812a22008c9ef21b9d","sha512":"c78e1fec69f856ee5f1e1c4d7cdbb61de0d6752909f9ca8059e2df5b63fd227fc183489fe49aa66a1762a43087207ab7cafdb5ba5f4748ed0c0da69b2dcb06f2","ssdeep":"","tlshash":"ec717d411d7a01bacb658c306a8f41bda5ab25b295c25880346a77754204ad39cc46ed","first_seen":"2025-10-06T14:54:37.00061Z","last_seen":"2026-03-04T05:46:55.565297Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5239,"timings":{"blocked":5219,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0925/20250925021409917.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0925/20250925021409917.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 8844\r\nConnection: keep-alive\r\nLast-Modified: Thu, 25 Sep 2025 06:14:09 GMT\r\nAccept-Ranges: bytes\r\nETag: \"d8922c9be32ddc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28820\r\nX-Ser: i91106_c23533, i2103141_c28197, i1935851_c23471, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8844,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8cf66d98e3d98eefab1ef69ae1332d08","sha1":"9e921414d254aa3a2f98674d60386adde9cd22a9","sha256":"834473220ebab69b6b0b36d845f3aa307539d909e6575c81ceb57acf4cf3b194","sha512":"7fed3ab53a15e3afbfdc8e644cc7f77fd5ffbdff9fc9f9fc36f19ff4e0164815c381aeb7ed7960a7c491909fc05a52b5cafa1dab5b73ac9c5e55c265d95d62c3","ssdeep":"192:eRBenaKjt35RCHUP4od9PtmYeOUD55u3TL1ntzNYSEW8pE/rR6DWw6vJY:eRBenaKjzyUPpkYeOUHu3PzNYS3/rR6d","tlshash":"e102b0caddfa2baf4da34364f5188872ec3205b2db015875dd28ac461937d1738a533d","first_seen":"2025-10-06T14:54:37.003131Z","last_seen":"2026-04-16T01:23:16.693701Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5703,"timings":{"blocked":5682,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0718/20250718052700625.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0718/20250718052700625.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 34545\r\nConnection: keep-alive\r\nLast-Modified: Fri, 18 Jul 2025 09:27:00 GMT\r\nAccept-Ranges: bytes\r\nETag: \"6bba1e1dc6f7db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28817\r\nX-Ser: i64294_c23533, i2475923_c28821, i1935953_c23471, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34545,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"b9611c49b10c4241a25695cfe204c0e2","sha1":"5b5c9059096a4a5a6d45de21fe4a6b9cdbc4de7d","sha256":"01f5cb4e8ee9a618c9dec980888c2dae7462e9e1af37f6f51343e963072d680f","sha512":"1c2bdd9e40f564583c4beda6ee4512d331fe16b4a23ce2de684238c98cd5d6daad0fadbc20cf13394e678ca0b6127c3f213c6a4266729e6c206643933fc2b90f","ssdeep":"768:MtzKjQAf09dwHBAR6W/+oKWvTUdwu+pe9H5Wrff7:MM/6wH+R/Adb+pSIj","tlshash":"fff2f1c8ad6358860b39f61529c5647df4d2af9e6941db7533bcf02864a8e870372902","first_seen":"2025-10-06T14:54:37.005963Z","last_seen":"2026-04-16T01:23:16.929889Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5741,"timings":{"blocked":5706,"dns":0,"connect":0,"send":0,"wait":30,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012035859299.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.866Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012035859299.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:58:59 GMT\r\naccept-ranges: bytes\r\netag: \"80e34d33fbfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2190\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2190,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"339be9bdcb2702ab824186ebfd875150","sha1":"aa4a33ad0c5e0d098bf9eb2d34e8e8edea2177ff","sha256":"ae6692026475b63611d53480ebfda90888b04feed9e82f054182997d1af62275","sha512":"9abee10b0d5266bb190f9b7abcf48d76c8177e0ded94fc0dd081c05c1579e9b0dd2c55a217a66abc4c83137ed257d821fada964819903f527d01de471adb85e1","ssdeep":"","tlshash":"28410acfe9916862461a90465cfe312678a24480e6f2f57cf98bc8ab08343fd590c8cf","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.624359Z","times_seen":15,"resource_available":false,"data":null}},"time_used":828,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":828,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117032725335.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117032725335.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 07:27:25 GMT\r\naccept-ranges: bytes\r\netag: \"802c76ac73bd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:49 GMT\r\ncontent-length: 3402\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3402,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"15c812611faad9b093f932e6b93efd89","sha1":"abb414036a6522f43c2d180e0811a463e4a14091","sha256":"1d3319b8098c1552a8b73b620cf9ac86294b88b17795b3c5b62bb6b9f5ea6ed0","sha512":"3ef247730947793d9c6df7114b55dacaf40c9b871816213296904fe4e4ee474aada27505439bd6a52942ed65090eb9c579ddfa94985c66e58795a74de1dc3ba3","ssdeep":"","tlshash":"fb613bc6f384bb829e4de442cafa8177dd324d80c1c4da89745af84307702e94a597df","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.416877Z","times_seen":15,"resource_available":false,"data":null}},"time_used":850,"timings":{"blocked":371,"dns":0,"connect":0,"send":0,"wait":479,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/1213/20191213010856144.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/1213/20191213010856144.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 31481\r\nConnection: keep-alive\r\nLast-Modified: Fri, 13 Dec 2019 05:08:56 GMT\r\nAccept-Ranges: bytes\r\nETag: \"d2a786c73b1d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i37214_c28455, i2103125_c28197, i1940277_c22409, i1935945_c22759\r\nX-Cache: HIT from i1935945_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31481,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ef4d2544ba0086a6405d8b1b1887854f","sha1":"d87644971e1313333abf0b0bf86e06d5121d969e","sha256":"3265073b34d86e65e190b6fc835ef0cf0be106dad3459930a89f22a18806f12f","sha512":"b3f8beafa6477ba357b639240cc982ea5a66b3e6f386c4521937c175f0abdeb3234dfa4af6f946fdba416f7612925fd9154f4c237122e4298f55a3d99038e1f2","ssdeep":"768:cLS+nhSmYSpuRKR9LWDFdYa7IVE8i1TvVFfco5sbXbhFb:cL/hSypuRKDWZd/CERr1P5Ahh","tlshash":"3be2f1b987e4646cf4011b303a3c1db81671999f9e7c903827bce498b5f4759aeb01bb","first_seen":"2025-10-06T14:54:37.011402Z","last_seen":"2025-10-06T14:54:37.011402Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4982,"timings":{"blocked":4952,"dns":0,"connect":0,"send":0,"wait":25,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0103/20200103022637811.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0103/20200103022637811.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 42811\r\nConnection: keep-alive\r\nLast-Modified: Fri, 03 Jan 2020 06:26:37 GMT\r\nAccept-Ranges: bytes\r\nETag: \"79c4b6c0fec1d51:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28820\r\nX-Ser: i93066_c22643, i2103121_c28197, i1940263_c22409, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42811,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"c81e2519dd1fed57e4e6689ae05ad9b5","sha1":"33d2a52d7150f0d4fd531f7ad5568bf5bc6b5e34","sha256":"bf8ea04d3b5d38708bfda51ae7fe0fe3b9158b9ff3f7e78e59fc1353e6d1cb79","sha512":"549e80a5d4272168c64add2bccabc695e14f021dd02c56aff5177d70f578ce03874a9e5ee13da3d0a44f8b20878411630d898ac5b6dbc23603eb97ee8f011898","ssdeep":"768:EHU+5xq61CzcQhSypRMPq4u9LCF3ptbv5/WDsgyPL+a+r5u1sFx:Eh59C4xGtl+FzRdgY+a+9u1Ex","tlshash":"c713f1d18603a077d225ed33c8f7a22fa3122818312c946937cbc77ab91a76dd66157b","first_seen":"2025-10-06T14:54:37.014182Z","last_seen":"2026-04-16T01:23:16.654519Z","times_seen":3,"resource_available":false,"data":null}},"time_used":5732,"timings":{"blocked":5703,"dns":0,"connect":0,"send":0,"wait":23,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012023300574.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012023300574.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:33:00 GMT\r\naccept-ranges: bytes\r\netag: \"0f64c033bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2926\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2926,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"683f80909892d793c69f3cc5fd9b4a20","sha1":"dc5616872a14bf814f095cda666e75170ea087ae","sha256":"cc2a4cc50926832b42f32abc7dbe6c88e839773bf3d35b53757719c3bdde1d79","sha512":"7e9b329f1eade9f7099543b9a966b0d61dc9e0086c6785816c10bfeec8ce2bbad5c2840042952bf8a71e7588f3e7f4ed8aca5f8d8c22f31ae07e7c48a93e6709","ssdeep":"","tlshash":"dc516b57bb422912868090123cef1033be19cc949b90a7a9b838c9f35d280b3106e3cb","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.574248Z","times_seen":15,"resource_available":false,"data":null}},"time_used":699,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":699,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012023538603.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012023538603.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:35:38 GMT\r\naccept-ranges: bytes\r\netag: \"0d9795e33bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2944\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2944,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"5e8b9ee922ec0769b8d1c3a6704464f6","sha1":"287bfdfbe45668d35f575707c7a4c35a3d36b216","sha256":"61f4a35a5639163283ce83ea1e44f798f389eff111fe50e3e94c241b33faefd7","sha512":"b34301116ea0b70ba612699484719fe3db641208afe27a120603db6475547b1281d9fe2e320818a6bb34210f8c929a2f74271d1355ec64246e622a6bd827851b","ssdeep":"","tlshash":"ac51e94e98933021e1c6c96234db604bdb735c407ea0b5cc25cbda165934a3e0e9faaf","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.023529Z","times_seen":15,"resource_available":false,"data":null}},"time_used":850,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":850,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/softicons/qdrs.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/softicons/qdrs.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 30 Jun 2015 06:56:14 GMT\r\naccept-ranges: bytes\r\netag: \"07bbeda1b3d01:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 5350\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5350,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"5b660100b4ffcb261db639a890cb39d8","sha1":"d6d8bcdbfc4bf2b9d55555f2989c901bab335029","sha256":"09a9094b2f830a1e88255a41dda8616773cda10ab14d9808ea348f30ae61ef5d","sha512":"44bbda4e2e60d4b7113018c61b42f4aadb0a6630fb847c48000b7e19e270b639c90ace84274e834f145887ac3a3dcb15fce4706c4965a2390806b3d9a2434238","ssdeep":"96:wQsIk6c1HqlhtznnSSNyuUPRQ5tLrbUNG+vdlbF7YveAfsfdDcvEMODKDatg2UGe:wpIZeKlPjSS5WRO60+v3bF8ve1soDKD7","tlshash":"3ab17dc4a2405c9be62d6fb31f3a188490a6b86a775f7c84d683f4683d216c493d6937","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.436911Z","times_seen":15,"resource_available":false,"data":null}},"time_used":760,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":760,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0810/20230810092722939.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0810/20230810092722939.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 27566\r\nConnection: keep-alive\r\nLast-Modified: Tue, 29 Jul 2025 00:26:06 GMT\r\nAccept-Ranges: bytes\r\nETag: \"df187e5f1f0dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i37646_c26321, i2103121_c28197, i1935891_c23471, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27566,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"5f27be86a8aea92c2a842b6517628c66","sha1":"a6995499f028b12538ef41ecee4f77a2694a8c4a","sha256":"7595818c2a6755a31a69526d8a5309706a7491ed32e3b5980c20326e18365936","sha512":"d81bc6be084b06c68da4b3c09edc030eec501a1c9bca3f19a8c71120f3ab058a897440fb24563819113d1721eb7509cdda7c6f21976a61052d9c5c4eff2bb7f8","ssdeep":"384:tkmppflvOAC19gWqvWT66BvaU4QC1mQpUELdoiZnr+5bDynZl+cWZirYPGu:prfYAau6pn4QC8Qplxr+5bDy/SirYeu","tlshash":"05c2e1737311546b7142d54faf8e020ed188ee62736819c56aeb8139e23b601ef356fd","first_seen":"2025-10-06T14:54:37.023786Z","last_seen":"2025-10-06T14:54:37.023786Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5540,"timings":{"blocked":5513,"dns":0,"connect":0,"send":0,"wait":24,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0627/202506271549455027921.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0627/202506271549455027921.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 28587\r\nConnection: keep-alive\r\nLast-Modified: Fri, 27 Jun 2025 07:49:45 GMT\r\nAccept-Ranges: bytes\r\nETag: \"c3b5b7c38e7db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 112595\r\nX-Ser: i92782_c22643, i2475919_c28821, i1940245_c22409, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28587,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGB, non-interlaced","md5":"ae6df186b78b0122ea499598fd8bc7e8","sha1":"816933591f95f7f21c21dea991d51df64c5929ed","sha256":"8bebfa67e7f7ac835be3a32f5fb008d9046597338df632665cb0c21456b2b82a","sha512":"cf68ba8b894b867673cbf77a5500897333c1c03446671a53853513d35bd2a4295f93c57adad93e80af1da023f2242bd33838f8a8102ab8ab506577ebad258ab9","ssdeep":"768:oGbPUYCCAjrjlginnhjXz+oON9U2A79J6KmCWxmW+e:XZCPDV5XzONo1mCUH1","tlshash":"a2d2f1ec65343609f81d92cab02f4b3ca044d058577afd54edea8b47398aa9ec53178c","first_seen":"2025-10-06T14:54:37.026518Z","last_seen":"2026-03-04T05:46:54.968695Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5557,"timings":{"blocked":5533,"dns":0,"connect":0,"send":0,"wait":22,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2017/0405/20170405101505931.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2017/0405/20170405101505931.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 34178\r\nConnection: keep-alive\r\nLast-Modified: Wed, 05 Apr 2017 02:15:05 GMT\r\nAccept-Ranges: bytes\r\nETag: \"180e570b2add21:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i37228_c28455, i2103141_c28197, i1940269_c22409, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34178,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"be86b8aea3ab43bea321a1ec6829bba9","sha1":"ba2169d8b3d78a46cec24a63ea5843e4804cc3ab","sha256":"09745f740d5e9e1a85ae22e3ffc6f8c3bdfc206a5864c4305f614d825afd8681","sha512":"ae606b2d0cb9de88b68f87c629a115060fd019abd8dc1d74b7a47136c47db79aab1fdc8ad3fd776d47ab9cb1863a0c1ab9e6e91236683f4728b3c59ad86d394f","ssdeep":"768:ojpWPtxdvzzlaPqXspeqNT67Bv/5ZOGG0ocRNR2r/uJ:ocFzQoqA7lBwGG0oUR2rWJ","tlshash":"cae2e0628e6010f7f009e3ed467efaed43a734014abaf9c11db5564f26262d588c8e77","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-04-16T01:23:16.806252Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5009,"timings":{"blocked":4982,"dns":0,"connect":0,"send":0,"wait":23,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0310/20230310032140864.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0310/20230310032140864.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 44147\r\nConnection: keep-alive\r\nLast-Modified: Fri, 10 Mar 2023 07:21:40 GMT\r\nAccept-Ranges: bytes\r\nETag: \"d03b46f52053d91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: BC111_dx-lt-yd-hunan-loudi-17-cache-9, BC204_lt-obgp-fujian-xiamen-33-cache-2, BC132_IT-Lombardia-Milan-1-cache-1, i1940229_c22701, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44147,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"d2462d6aff044ea9bfabac8864fb5008","sha1":"b438a263eaa2c617f40f6e214608e5a271b63744","sha256":"40b0288d9d540794744654a8cc5b44a2cdf74e5d21f8875cc32e690427a72177","sha512":"41dbb6337202b7260448590b82f859d3d3ca4c2aa80c97b2e99f02c8b23cbbb21ae0bb26e078b98ed2b8f8f72bf975430e9c9733719e07308db5188044c04b34","ssdeep":"768:qK1IfhUoDtK130/7mMGsfWgSMMy2EMacwBRA288qPD6j4Hay0f/OJVgAoYXTuYSI:q+ehBDtK1k/irs9SxmZBb876yay0Ygdi","tlshash":"7513024e8b55d34132bd05ad0d06ee476f2caa219b1e2629bfcf60f60e65c0f59b5183","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:17.013057Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5722,"timings":{"blocked":5694,"dns":0,"connect":0,"send":0,"wait":23,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0918/20250918081454961.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0918/20250918081454961.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 18223\r\nConnection: keep-alive\r\nLast-Modified: Thu, 18 Sep 2025 00:14:54 GMT\r\nAccept-Ranges: bytes\r\nETag: \"584b4423128dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28818\r\nX-Ser: i90844_c28777, i2103129_c28197, i1935851_c23471, i1935921_c22759\r\nX-Cache: HIT from i1935921_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18223,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"76dacae763b891761de432a295b55717","sha1":"cf313418456285ddcf908ad96149c5565210e541","sha256":"5ff2fd14a0c63e9d18bff6d39bd17b144b1fe01a0592e14b82f96df813d1b12a","sha512":"2748dbda90acf529f29f0eca5acad6fec5912570802eb3a6d35ff28cf404446dfc4d578e2d38b759134631ff244e4c3fef172b1458edb0bb74aa9ef36dd3156f","ssdeep":"384:idG7S8w6DYLYl79jNnwZpbcKdskstiC6Jl4iUN6nqAa3X74fIu:Rfvfwnsk/C6JLRqAasfL","tlshash":"9082d03702db956007f576f62e577b39709f203a205689b640fd74ed1c6ac2f70a7852","first_seen":"2025-10-06T14:54:37.032891Z","last_seen":"2025-10-06T14:54:37.032891Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5570,"timings":{"blocked":5547,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/1203/20211203111814429.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/1203/20211203111814429.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 13377\r\nConnection: keep-alive\r\nLast-Modified: Fri, 03 Dec 2021 03:18:14 GMT\r\nAccept-Ranges: bytes\r\nETag: \"aa49ec68f4e7d71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 6476\r\nX-Ser: i63566_c22643, i2435183_c27847, i1940233_c22701, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13377,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"27677617e05cf4111ac5984910c81bd0","sha1":"6407f10f4e57bf18b9a46f65b57694d72ece16c6","sha256":"2837ada3d4038efa5602bfadb2d9d4b304174a27124dcd7c8485fb0039aad6e0","sha512":"f678b810747ce4f3fc8643071e5fbcbc3aab4da6bdbfc6aecdae1a9f4bcb775b433b564479d85b16de12b5bf8afee1172963724d8058cc465c3d91141d7d95f2","ssdeep":"192:/CQoQBHZNd9cLGyz4vBZwqGMEdoIh4rQY8XemDoIywY5TA5PQxKpU0dEkZ:nl5z9cL9zijwqGM1n8XT07BS5PQ4Goj","tlshash":"9252bfa82b678ebfcdbd467f1091e28ac173fa5236b517cfa19449184ce228440e2c9c","first_seen":"2025-10-06T14:54:37.035308Z","last_seen":"2025-10-06T14:54:37.035308Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5258,"timings":{"blocked":5235,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0420/20210420040910648.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0420/20210420040910648.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 19785\r\nConnection: keep-alive\r\nLast-Modified: Tue, 20 Apr 2021 08:09:10 GMT\r\nAccept-Ranges: bytes\r\nETag: \"b5f14371bc35d71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 187657\r\nX-Ser: BC134_dx-lt-yd-zhejiang-jinhua-5-cache-18, BC199_lt-obgp-fujian-xiamen-33-cache-1, BC132_IT-Lombardia-Milan-1-cache-1, i1940273_c22701, i1935889_c22759\r\nX-Cache: HIT from i1935889_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19785,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"87be00dd86ccf137edf5e8dbc2f9d8b7","sha1":"b7af2709adac2565f67e85ffdf40d6019c99b719","sha256":"c71f99a7a55f5ff0561fe9b5ec384ea9082973254cf9c1dae99a8d3508a3c0a7","sha512":"e3a893aed7fe1389b76f4218acaf4701f29fddc1c22f40181c351d53176db0c186f24eda3c872a5387a9cc9016b751ab441bd74c238a9519383570404aac12f3","ssdeep":"384:UwTfedpEQeYzvDWb7zUyvE4beUR2GF4RSGZTX5aHEN37nv:PTfedyQezFvEqDiUS5uK3D","tlshash":"6392e1972ca58a4b069dae95f47c99d2cd61fc92f6933b5c0bfed8c4034c625bd4038a","first_seen":"2024-05-20T23:08:39Z","last_seen":"2026-02-14T12:01:24.946846Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5505,"timings":{"blocked":5480,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0912/20250912021142786.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0912/20250912021142786.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 42959\r\nConnection: keep-alive\r\nLast-Modified: Fri, 12 Sep 2025 06:11:42 GMT\r\nAccept-Ranges: bytes\r\nETag: \"85e31d1cac23dc1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i92786_c22643, i2103125_c28197, i1940265_c22701, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42959,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"cefd6b5985849c376c88e77a602cc363","sha1":"e8fb818272d0cdd576a77e4916e3e937bbc0b3a2","sha256":"1fe514fb7f8758cbe04575899186b99eff86d297ae8ef8a23600e121c92ff1ef","sha512":"94f3e51bcae65a07b35f41a5d83f82a0924c33e8a154a5b806398b84980f5d691b19d2ecab36c2dc2fc04ab7f517fc898492e3032cefbb3cff3d4398d112c4a5","ssdeep":"768:SHSMHioKgLycq1Ji/oizqSKvfXYnD/uak7iWzSzRpwUq23rcyqlc8:CSYiAS1woirKvmD/urapRoplc8","tlshash":"9b1301d85884ee74de1e7d00045e42618fee5a4dcc6ac63e5252fcdd16ed6834bf220a","first_seen":"2025-10-06T14:54:37.040094Z","last_seen":"2025-10-06T14:54:37.040094Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5665,"timings":{"blocked":5628,"dns":0,"connect":0,"send":0,"wait":30,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0924/20210924020645669.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0924/20210924020645669.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 13207\r\nConnection: keep-alive\r\nLast-Modified: Fri, 24 Sep 2021 06:06:45 GMT\r\nAccept-Ranges: bytes\r\nETag: \"81452c5aab1d71:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i34700_c4672, i2103143_c28197, i1940255_c22409, i1935893_c22759\r\nX-Cache: HIT from i1935893_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13207,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"fe4b7ea3e6364826c52848e88c659be7","sha1":"1398211cf4a31311581cd482d05efed396434b3e","sha256":"f74761900631c5fc71a7211bc0911230259abfd0529fc7f333f526288a38e71e","sha512":"086aa9f050d6532f630186ed538ac01dc8ac6e3881b4ce4902cac1b10bdc7a3c4d3e57c0c92b76b908cbb43af21e148bb8ef001c2b98c7501f866d48c2551fa2","ssdeep":"384:3pVW0b1CZlezhcg+fIwTNOC5s3xFBpBCkUJ:5Vtbg4lcg+fIONOCi3XJCkUJ","tlshash":"8752b02a1d4da9e8f8045c3b73bf97f09d0651b61bb826856e40b0f4ac15d159c3caee","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-04-16T01:23:16.679877Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5786,"timings":{"blocked":5757,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012022852999.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012022852999.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:28:52 GMT\r\naccept-ranges: bytes\r\netag: \"02a7b6c32bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2168\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2168,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"bfcc085c434fc038fd381f27bd49f919","sha1":"e392f436e376885e61ebfadac9152d6fb46538c1","sha256":"e3705062601da7e41d4ed7353c2b1aa0a845825ac01b28684142cf4ccfec5aa2","sha512":"5b22b2fe3967082b518cfdc3b643d4ffa5e02cb0e605610ef3d83e0f399db94a73f69387f89bdd0357bf77a7b7f43e55441c92b76178cb6ae9fd0bcc57d81339","ssdeep":"","tlshash":"6d41eb05a640b985b1de8d870cee1816dc1209c5e7c14cf5668be48a3d24fb5a83e7c6","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.121065Z","times_seen":15,"resource_available":false,"data":null}},"time_used":891,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":891,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012025155819.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012025155819.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 06:51:55 GMT\r\naccept-ranges: bytes\r\netag: \"8037d0a435bfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2972\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2972,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"544197165ce1a3356de2ea6e843a7804","sha1":"f4682595bde928abced4a7eba83d5df9d13b735c","sha256":"9c893e5fe7f1e604a259b6d1deeaf0c5cfedbf7145f2c22dfdd5c445fa578358","sha512":"6a3dc381cab1a1bf4f0a7031c9e2684409a31d730eb66a26edad53e54f213aa74bb94a463086363230d9001dc0c4a0239dae4724c2790fd5bfbb6078f740ceb4","ssdeep":"","tlshash":"e8512c5ff0a07846e649a5221cdb517b5f1118c09f94d8f98dcfce35457b4626f124cb","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:54.889592Z","times_seen":15,"resource_available":false,"data":null}},"time_used":697,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":697,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2022/0117/20220117023626183.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2022/0117/20220117023626183.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Jan 2022 06:36:26 GMT\r\naccept-ranges: bytes\r\netag: \"0d1278d6cbd81:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2137\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2137,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"40d8356da0ecc359d93e56786a117710","sha1":"28f6dbeb36fb99656c599a27d6b28fa36a20d04f","sha256":"51a54dd71bbf8edc951c702810f7b67a5223859c615fcd910993eaf0cab42fde","sha512":"d071bd982fe96b9f1368919e7f85b10f72f76e3b189b491b05e7e047ff73de055f86223fcde2355b75d9f233738a140c64816836db6e50ceb20b6d73441c9d56","ssdeep":"","tlshash":"4d41090df6562441d2cda54238fad079ac238e4068d0fcf268cdc0a57ab39f6900e1df","first_seen":"2024-05-20T23:08:41Z","last_seen":"2026-03-04T05:46:55.038578Z","times_seen":15,"resource_available":false,"data":null}},"time_used":801,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":801,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0620/20230620033151575.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0620/20230620033151575.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:53 GMT\r\nContent-Type: image/png\r\nContent-Length: 8985\r\nConnection: keep-alive\r\nLast-Modified: Tue, 20 Jun 2023 07:31:51 GMT\r\nAccept-Ranges: bytes\r\nETag: \"6959a94749a3d91:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 31800\r\nX-Ser: i63598_c22643, i2103143_c28197, i1940237_c22409, i1935949_c22759\r\nX-Cache: HIT from i1935949_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8985,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"c1a0b366159e7f13d52ac0e9b91030aa","sha1":"9e4224e194784f82717d80006906a641cd897f8d","sha256":"d6959528d7c2f05adc7c686d2deb95620086a6118389437f6ccb88e92617e15f","sha512":"e623499d463d3272e327eabd16e64182ccdb8a446d997bf48c9e0a7f1af8036c944642b07ac6891ce880b18814a2dc333ba568112d45c82ce3b6ff8312e399bd","ssdeep":"192:qB7C/fvCla3pz0jPtU8vRmOzL/8ZnoxssmjGciSNTCQjHQyxWuafpZ5Yz:+s3Wuzwp1zL/8Z4ssmjGSJCeVDu5O","tlshash":"83029f302a5af364f2e9d466ee56301a1359367538c7f151e603da7cb42ab0411bb37f","first_seen":"2025-10-06T14:54:37.047973Z","last_seen":"2025-10-06T14:54:37.047973Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4966,"timings":{"blocked":4939,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0530/20230530025905783.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0530/20230530025905783.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 42948\r\nConnection: keep-alive\r\nLast-Modified: Wed, 09 Jul 2025 03:26:22 GMT\r\nAccept-Ranges: bytes\r\nETag: \"f197c3e81f0db1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i34712_c4672, i2475919_c28821, i1935851_c23471, i1935845_c22759\r\nX-Cache: HIT from i1935845_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42948,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"b0910fd75db6d62e1fc10af5b098b000","sha1":"9d16e55a37ed396ffb0c37196754421cd147a2d8","sha256":"f11b313b7be93ca45d03d9c087ecd6757d57fc319e5db5c4a7cf7ea9cb2a06bb","sha512":"fe4badaab9d13626e94f6002e42f169e3e1f5b73655ad79104aaa7e307ebf9e2059538aa1c5018d3d6feb789f0ca49f2751fb5c0ac4cba03d894a6c2eeb194bc","ssdeep":"768:hxGzUyQGXgAovfx3u+y/wOA3Iv3Htper67hx7jdpgRPchoggIDYQQ6:eDq7y4b3Iv3HdhddpgRPIDY0","tlshash":"98130262144c436ca995ee8c95e3b608308e3cff01c38499554eef8971a1be6ecf235e","first_seen":"2025-10-06T14:54:37.050113Z","last_seen":"2025-10-06T14:54:37.050113Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5684,"timings":{"blocked":5657,"dns":0,"connect":0,"send":0,"wait":22,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/0513/20240513081052142.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/0513/20240513081052142.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 10375\r\nConnection: keep-alive\r\nLast-Modified: Mon, 13 May 2024 00:10:52 GMT\r\nAccept-Ranges: bytes\r\nETag: \"5bdb3a4caa4da1:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 15650\r\nX-Ser: i64274_c23533, i2475941_c28821, i1940275_c22701, i1935839_c22759\r\nX-Cache: HIT from i1935839_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10375,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"bf3c1f9e17734c0739a4cc25834f95c4","sha1":"791ad2ca8d51bbefce300bcc177ae28b2e296283","sha256":"684ad91f1036523aadea3287e8917ba2f7e7219d1ce347ab45fbc708d1be912f","sha512":"908bbe449ed1c0f69d5a3e078023014b2cde582b4470a60d752b3b4ae53b050f5ea5dd55bc2e4c69403996498cf88e6449e9ab69233dd4338149412dc65d4ee9","ssdeep":"192:YtzbkbSkIQmLLVIUgj6c7jDqAmQu5rthLrwwVqhr+B7sAGzIM:8GS5QmGjbzqAtu5rthfwwVQrAwH","tlshash":"ca22c056e0803f0939658a76961f9070f8c253fd41b05bca4872f5f3329672b169bdb5","first_seen":"2025-10-06T14:54:37.05211Z","last_seen":"2025-10-06T14:54:37.05211Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5549,"timings":{"blocked":5527,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/uploadfiles/2021/1012/20211012034448410.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.851Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /uploadfiles/2021/1012/20211012034448410.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 12 Oct 2021 07:44:48 GMT\r\naccept-ranges: bytes\r\netag: \"0981183dbfd71:0\"\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 14:53:48 GMT\r\ncontent-length: 2202\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2202,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"bd9fb3e00bf64c3c6440be9add97c0b5","sha1":"c0474b7aa5a60f484d6b247a54484a688eae67fe","sha256":"4ab406a970853adb07fe875a93ba85f25f3faa52682c5ef8f83b19ffe155f212","sha512":"666950f6f6f88b0b73a042c9be4a5db1bcdf8f3bb1eba8759fbd32ea5d6a0f5f12259ade8f6150d4da62b2d8aaaae03491aa9893de2225801cf8bca17c988b25","ssdeep":"","tlshash":"e6412babec811084c31ed982d8d7f097ea1288c89691f19d3dcec80b8c702f655689ee","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.235734Z","times_seen":15,"resource_available":false,"data":null}},"time_used":839,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":839,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0713/20220713050737232.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:48.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0713/20220713050737232.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 37907\r\nConnection: keep-alive\r\nLast-Modified: Wed, 13 Jul 2022 09:07:37 GMT\r\nAccept-Ranges: bytes\r\nETag: \"be7d83ff9796d81:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28816\r\nX-Ser: i91550_c21609, i58862_c11118, i1940273_c22701, i1935869_c22759\r\nX-Cache: HIT from i1935869_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37907,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"b9b8fe9e2af02f215a11827dd978e3fd","sha1":"525f8e17338f108cfed62adca08e238cde119340","sha256":"9299e48704bd0b155a9b2e03d052b119a04df915a3f1e3ced996ec0cf91ea4ce","sha512":"89272e5185076cb2fcf8f43ad7ab26131119473eed93a8c09033997fbfb479649b8d728359099265767035eff175b8c927446b45c0e7f8f624223f163bfcd10e","ssdeep":"768:gQN6UbsHz2fIcdVaFcPkO7Kp5iVKaiBtN/noITb2c4UVKbhYQ:FAci0kF5iVKxxnoA6crQ","tlshash":"bd03f1788e2c184ae2cf1f16202e59666010b5cb2f61f07b8a5e596bcb4ffc91a11dd7","first_seen":"2025-10-06T14:54:37.056297Z","last_seen":"2025-10-06T14:54:37.056297Z","times_seen":1,"resource_available":false,"data":null}},"time_used":5545,"timings":{"blocked":5517,"dns":0,"connect":0,"send":0,"wait":23,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2015/0919/20150919083754450.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.43","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/","date":"2025-10-06T14:53:49.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2015/0919/20150919083754450.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 06 Oct 2025 14:53:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 5963\r\nConnection: keep-alive\r\nLast-Modified: Sat, 19 Sep 2015 00:37:54 GMT\r\nAccept-Ranges: bytes\r\nETag: \"26881a6c73f2d01:0\"\r\nX-Frame-Options: SAMEORIGIN\r\nAge: 28815\r\nX-Ser: i25513_c12732, i2103129_c28197, i1940245_c22409, i1940231_c22759\r\nX-Cache: HIT from i1940231_c22759(cloudsvr)\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5963,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"b180c46e65b2676de12f62d4c5b624c9","sha1":"71cbca5aab66d90c3b9285094a2c90733875e793","sha256":"57428161bf51b8f77ff4a8949aa91f39cf2846aac585bd29bc5790a616347649","sha512":"c56d7ee8cdec530d0bbc1d32439570a71c00173cba2024b5491efe6d3113e0ef0cbfcc71a900b0495ad1a37135605a2297779a17d97ced07874ae5d73cda79b6","ssdeep":"96:42sauhmpX2IMWwEnhcgRQkizTtfS7ayVkcUc6qd3Y3jOUhxUCs2jPX2v7:K4dwEnh/RQkizbbK6e3MNhxUf2jfm7","tlshash":"fdc19ed71d0317118ad4d2d1e4eaaa63ed440848c6c7f179a4eec41fac3a17a0c3f9ab","first_seen":"2024-05-20T23:08:40Z","last_seen":"2026-03-04T05:46:55.62045Z","times_seen":15,"resource_available":false,"data":null}},"time_used":5828,"timings":{"blocked":5807,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}