{"report_id":"ed8c21b3-63a7-45ab-b7af-4e9b9ccd395d","version":6,"status":"done","tags":[],"date":"2026-01-08T09:53:13Z","url":{"schema":"http","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":0,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"final":{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"title":"多玩我的世界盒子3.0.2版本下载|多玩我的世界盒子 V3.0.2 安卓版下载_当下软件园","dom":{"size":82836,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (23278)","md5":"f58cd1a6142cd4a3673e357119a7c199","sha1":"00a265b882a6281aa28fda10b89869ac8db9c2a4","sha256":"fb162dfb81dcd3550446ecb9b77dd9483d75587aec8b07f9d6ff073bf4a9ee46","sha512":"e05fd06d8a6557c6c62751ccc09feffd7ecaa9b5e637f0fdd5259995ba4a4a0bde301dc56f18b3cdf1018b90f60520d857d3665dd1c8744888c9f91c75c3aca5","ssdeep":"1536:TbAu5oyMGcRKGpeYIBsUhUeyAyCxKxNgFgKIpFN/k5UW032cRKGpeYLs7os5N3Mr:IwoyMGCzQG4tThErmV82CzQPsqNI","tlshash":"8583181609fb0456e5233454abcb2a593d789643ee92cf18ba6cbb945f80c274163ff8","dom_hash":"domhashab2f50097008f0390668bcb604278b80","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":0,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-12T09:53:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"api.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"hm.baidu.com","ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-01-05T01:27:37.424479Z","alert_count":0,"request_count":6,"received_data":93024,"sent_data":4169,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"eclick.baidu.com","ip":{"addr":"110.242.68.137","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":382785,"first_seen":"2012-07-19T18:16:58Z","last_seen":"2026-01-02T19:21:49.039943Z","alert_count":0,"request_count":3,"received_data":885,"sent_data":1527,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cpro.baidustatic.com","ip":{"addr":"112.82.180.38","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2012-03-28","domain_rank":335584,"first_seen":"2012-08-26T15:55:02Z","last_seen":"2026-01-02T09:45:26.642389Z","alert_count":0,"request_count":1,"received_data":117852,"sent_data":422,"comment":"","tags":null,"fingerprints":null},{"fqdn":"wn.pos.baidu.com","ip":{"addr":"182.61.200.11","port":443,"asn":38365,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":219334,"first_seen":"2013-07-30T20:38:27Z","last_seen":"2026-01-02T19:21:49.448727Z","alert_count":0,"request_count":2,"received_data":844,"sent_data":2010,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pic.downxia.com","ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"domain_registered":"2005-08-29","domain_rank":7168535,"first_seen":"2024-04-25T05:58:55Z","last_seen":"2025-10-20T17:56:15.899766Z","alert_count":54,"request_count":54,"received_data":963907,"sent_data":26028,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.downxia.com","ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"domain_registered":"2005-08-29","domain_rank":4891003,"first_seen":"2012-06-21T06:58:33Z","last_seen":"2025-10-20T17:56:15.859159Z","alert_count":55,"request_count":55,"received_data":652106,"sent_data":26229,"comment":"","tags":null,"fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"xbymb.downxing.com","ip":{"addr":"119.188.9.131","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2023-05-06","domain_rank":0,"first_seen":"2025-08-16T03:47:18.002003Z","last_seen":"2025-10-20T17:56:15.730556Z","alert_count":0,"request_count":2,"received_data":12981,"sent_data":865,"comment":"","tags":null,"fingerprints":null},{"fqdn":"lupic.cdn.bcebos.com","ip":{"addr":"171.109.97.35","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"2014-08-28","domain_rank":340547,"first_seen":"2019-09-06T07:22:33Z","last_seen":"2026-01-02T19:21:49.133046Z","alert_count":0,"request_count":4,"received_data":181480,"sent_data":1813,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.downxia.com","ip":{"addr":"138.113.181.188","port":443,"asn":54994,"as":"ML-1432-54994","country":"Sweden","country_code":"SE"},"domain_registered":"2005-08-29","domain_rank":0,"first_seen":"2025-06-09T05:29:12.011611Z","last_seen":"2025-08-25T20:34:11.41049Z","alert_count":1,"request_count":1,"received_data":367,"sent_data":567,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pos.baidu.com","ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"1999-10-11","domain_rank":155213,"first_seen":"2012-05-24T21:17:49Z","last_seen":"2026-01-02T09:45:26.662835Z","alert_count":0,"request_count":2,"received_data":61962,"sent_data":3858,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.downxia.com/statics/js/uaredirect.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"a2b8d1f604c569b1e001eb520c8a853f","sha1":"a57b1a042290fa42501368ee46bd112289b2cdd9","sha256":"81cbd7692ae8a9ec6597fe5c8f64dde6ddc700524a159b7cbc52c4e0f2ad4480","sha512":"87400445979f78356d373f87ec555d8449b5ddd058a1f03b58fa66bc5927751531c063966dc77f2bfa067d0a5f00f03ea8d24f2964f54f65faca48e0d0cfbfcc","ssdeep":"","tlshash":"8d11c2c7218156621ee22c25f1bf63929977d8d71d0dd069c154d861302598fed37f48","size":974,"data":"","first_seen":"2024-05-20T23:08:36Z","last_seen":"2026-03-26T10:00:03.832455Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"eval","is_inline":false,"md5":"959070919e112d9228146e25359d2954","sha1":"4bc0439452f94ca3c7b1eca378f92fe8e46ef40a","sha256":"05c85b879965b268c1c95c18453c4a3c3a509cb7ce36b24ce344cba166d19494","sha512":"f9a20459fa29c9af0ecfa9572c6dfe2c07c6d29c1017b01d6a78d9428e0e237926776674cf45c448d3f302f664ddf07c684878a01cc46e0cbc9095b9176385b1","ssdeep":"","tlshash":"3750000000003000003000f000f000300000000000300000cc03c00300c00c03000000","size":10,"data":"","first_seen":"2023-03-26T07:56:35Z","last_seen":"2026-04-16T01:23:17.061136Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","fqdn":"pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"62d9be129608e83fe36e6495da1b416b","sha1":"2433fe96cf478c31a4a04c7aed67634f0178a587","sha256":"c1812e501f78f11a1816e851932411c6fca598abe521c6be2c888ae36da96b0a","sha512":"1c68d51752a73f985028dde8992cbcdedd3c0e0b9ff20ab534d712b43c1e05009055e1d535953a0f4c43934b769632edc64ba3a079215108ef3601b7936cc10f","ssdeep":"","tlshash":"f261bd154cb960302a7d805c8805290cf765f9bbcb5616d1b6ef033e9bf4b7b0379a65","size":3387,"data":"","first_seen":"2023-04-20T10:54:36Z","last_seen":"2026-05-02T10:12:40.843945Z","times_seen":319,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-05-02T15:32:32.710989Z","times_seen":109703,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"44ce2698c0583e47aed2a89a3b5476f2","sha1":"21b35dea32c1df379ed0ad1ccc670a04f8dd4bf6","sha256":"2098efeaddc3022911661852fface67509712e2766f0b3970ac37441bba629e2","sha512":"5eedd95bb7501380def521f370e1b840526ffd6aadd7f0fd2fd5a58b392b1239f9fb99e1135a2d7700c238a642eda848071723e6de34129c3437d53e10cbea8b","ssdeep":"","tlshash":"a4f046ce9742d4883cd37dfc3a5bb61c314c0e686c995920ec14a15a12e856314d21df","size":581,"data":"","first_seen":"2026-01-08T09:53:39.418438Z","last_seen":"2026-01-08T09:53:39.418438Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"5283dd9ddecd6fb0d6290e58d8e3214b","sha1":"e22a200ed43c36619c5d5b2ba1a6ea40550cf036","sha256":"26a8f1390e1882d0e3309e71e4f1ce648e142a9d15ded6bad6df29d44ab820a4","sha512":"a965aff68bcabb0b7cf7152450a60477e02256151b767162df0063ee9375cc78c4108d04b36a130bf3f784516efb57ac2050426e8fc22327b74ed9d3b1aa2e6b","ssdeep":"","tlshash":"889002a3a4c0959a1a44528d40465244b5836a26048cc8add0682b297f619624814606","size":57,"data":"","first_seen":"2026-01-08T09:53:39.419478Z","last_seen":"2026-01-08T09:53:39.419478Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"b1962a0f6bd6ba2199219098b9d5079a","sha1":"695ba3592a8a5288e991b3f1365011bd3f93e810","sha256":"a3039e2039441197f2cd2b142d32ff4b50a3ef869593c01a45bda3ed3dacd49b","sha512":"09d970b503e56cb04d39cadea88665a5006e1eb592ec2c9096a6a9b4ce2be8248c676e46af15016a5259a64a6778c6484e337a27de97df02022383c2b80fc7e4","ssdeep":"","tlshash":"0ad0226600f1c13c80297c40e10cf00c28a011f20002e0c85408e0c43de2b12a273eff","size":207,"data":"","first_seen":"2026-01-08T09:53:39.421777Z","last_seen":"2026-01-08T09:53:39.421777Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"acc167ee4146eead05c6f9b477049d79","sha1":"eda9f4f66d97c131e8ff43793d436ac074435951","sha256":"ac951b1a396387127a22e73285de4658c198629d76d474f6b5f8a87cbb299450","sha512":"9637f5031b9d6e7195cc62fe57fa43a5386783397eb3684b54d17b53e7f88ad22bb64dcb85f71de6e13e9f0890395c9766a72df476465d66bbd6dc1f68fffa1b","ssdeep":"","tlshash":"9bd0920bf0e1226000b335ab4f7be84cad2a944fac0c84047e6c1ac10f5010aa022a2c","size":242,"data":"","first_seen":"2026-01-08T09:53:39.423152Z","last_seen":"2026-03-17T07:48:49.27927Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","fqdn":"pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"f2a3816a519e9b647f39851bd709da24","sha1":"3844e1a72e765bbbe1ba3748d3f252766a5a42bc","sha256":"e6400ed58a0a32912bdae90bc21d02ba6f1e7c3dccf3ab439815ffaa78bbaef5","sha512":"8c5163130a5a0d13199ebde4355d337b49f275e26e2838ab659802d16b756a6aa7526075cd8ea879cb8d66dfb7466a0d9b970cc4ece277006bb8c01c36308b64","ssdeep":"","tlshash":"b19002c0632623815101b04c5c25bd01b5e46e19e604e648112096211d0d112a410a84","size":52,"data":"","first_seen":"2023-03-07T12:24:52Z","last_seen":"2026-05-02T10:12:40.830043Z","times_seen":382,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/common_comment.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"ab4e2ac20317e1a8e7bf2ba6435ee13a","sha1":"3b2fb25d47977b9a4eb716d1b23f86abc614a882","sha256":"208eb3b63c9031af5791b166d9ca889a0af1487039954242d4b8831ba59a35bb","sha512":"7a21e9403cca73587dc666bb515b1591da2fdd48928fccccfcfc2d1b0451815be59624529026812c77207640bb4f930e6d8ef158927dd58f9e30d74429966d9a","ssdeep":"","tlshash":"d811eb8dc2a20d0099f2015e0b6795d877231f50542297cfbdaff8e82710e18a873bac","size":973,"data":"","first_seen":"2026-01-08T09:53:39.396954Z","last_seen":"2026-03-17T07:48:49.221373Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/jquery.jscrollpane.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"871a605730dc5f4b4ac122fbb27b2fdd","sha1":"54f10586b475c2ab499de02883a566c7ec7ff0a1","sha256":"6050eb2215d72ecc2151adf098a9c0aebc0102af7b0825dcd7bd95564946b0da","sha512":"1a5b4714cc8ea8675e7660b7595c4c3ce6054f7fe3450ec1754d4e77b50b863052238640c5fef6f1dd71b326b787cdfe4665c005fa6a3cce1fdba3c2e0b23bad","ssdeep":"768:gBF4fI5Ekf4G6GPxjGaUIS5OjGix0nRAdGzeJf7LHsJJk:DfI0G6GBS5OjGi+nsyeJEJJk","tlshash":"b4237694e79c317f46ad211ac51f23cc9b3c90b31a129cf27c5aed6825d1dbc036ada9","size":46300,"data":"","first_seen":"2025-10-20T16:53:46.691017Z","last_seen":"2026-03-17T07:48:49.085538Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/dxcommon.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"f69ef4b369e701941201128863d574db","sha1":"de31cae9fd1524475d2d0b30481f8cbd1f42735e","sha256":"2eb3d888949f84bab74f259f99d9f91a58ccddb70aa2c414acbec7549ab10bfd","sha512":"6b7977c91c8fdee0b7d5315a0d2270e4d8a4f5aa2cf2d1f6fb3537e7a2cfd2649ab4c8e479028bec24f7341d4b20b77511593d0c80c64c5e62ce302b1dbf4122","ssdeep":"768:z4TfhOObsvb3RHYtH4jPonRgoILYxrTxOJUD8/mwxhR:sbhOObYRQnyoILYPv8/mwbR","tlshash":"b343ea0af2484e5a62f221635b3f1502fd2b447745128b44fc7c49ad3ff0628b966eaf","size":57675,"data":"","first_seen":"2026-01-08T09:53:39.427373Z","last_seen":"2026-03-17T07:48:49.315877Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-05-02T15:32:32.710989Z","times_seen":109703,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?7df4e92a4f5f9f13779b08e96680a342","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef27548480c4ac9b03891524b9634daa","sha1":"8caa33d92c0817f4eb214c87311ddebc85986e7a","sha256":"7cd1b4a0ebdcf89ccdf0e3d183e240544893b2652ceb15153ca269be4d9bf243","sha512":"2281053a0e6de340627b55b9a2fdb72b63359f30e2c79e10a5fff9de1eced24a11b3d31e5890a52b844ff5849228874c45247be6a327c8b6b67fcd102b5b89cb","ssdeep":"384:DNJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:DN4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"45d2c9e9b282713293a324a5153f324af17b5a54bd4968a4f11894c07d38fbb027bfdd","size":29902,"data":"","first_seen":"2026-01-08T09:53:39.399404Z","last_seen":"2026-01-08T09:53:39.399404Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/downfunction.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"86a7f3e3815fca6de583b5d685960dac","sha1":"bb207bce67af3d67fd82493ad0892da67ef36de2","sha256":"e57fdfdc26626e5c3191d5fc51fe5331801ebf8465d5b426c720a6cb5f0c98c0","sha512":"64ed4b97453d6287948eb100bf4a5962df9f2afa83ae13964b231be85a5a4f99f12d7e2e076dc667d22c0230557bcce562537b69cd92c9f859bf7f08cef0c6fc","ssdeep":"96:WF+bgX+wf+534eHr8dTJJW2m3gN7HDGj08XmHm5tLVpYk/IMRcB:WX7f+EV82mw2p5ZVpRItB","tlshash":"36021166b69a2a5c84ff20b3073e7044df0e90671240cfa4f5bd5da52ff52887622d6e","size":8394,"data":"","first_seen":"2026-01-08T09:53:39.390172Z","last_seen":"2026-03-17T07:48:49.115248Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"eval","is_inline":false,"md5":"f454f15ce212c5b14fb0cee7f419e2b0","sha1":"ec9f45c2df78bd43a26e55f6ef7a3dfda5c84378","sha256":"f54f93d242ff63e3e35889487a6738e07977a23296d7b42a1616156df9256141","sha512":"06a3d37393f465165995a8cde2881d8927ac0506772b8cbe17526cf9d12090c2d9f783040d67072dbeea183b5d3ea05308b1dc318aae6438056ae68d8ae837b7","ssdeep":"","tlshash":"f1500000c0000000003000300030033000300000003000000003000000c00c0303000c","size":10,"data":"","first_seen":"2025-09-26T18:27:37.028713Z","last_seen":"2026-03-17T07:48:49.326574Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/dxinfo.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"0bf4a8e59d1f20b9f094e8b968dc22a5","sha1":"eedc5c0f1484ddf792300455d8fbb30ac604aaf6","sha256":"11cd3f662a7724c5cd9047de9641c5b263cdb80196adf345e5d56dfabdb72887","sha512":"73f98b5e45b57a1634d560d5990dbc64ee672a75f97d4a21952d9bbf03a34bbef536cb19c2049191436da568ece747d4ce1b9a53669c54de0ed70a9559328e87","ssdeep":"","tlshash":"0021974fad199965023b44bd427ee85ceda5c7af503c78423a6dc904bfb0cc045afa88","size":1348,"data":"","first_seen":"2026-01-08T09:53:39.318396Z","last_seen":"2026-03-26T10:00:03.953713Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"868ab3230e1b308056d47d9647361e0f","sha1":"708fa764acf9611ef0ab692bfc993f1ba6e8be54","sha256":"7b1fd51dd4207466509f7a795854e9141d81eba611c89699745889bde845a61f","sha512":"5f573a9efa0d65d217e40eadd6499906104eff658850204bd4c4bcae26bebe690e0739ace33a1cd28c58634371647e58a7aa13a1d09c79d1560fbb10f1d71177","ssdeep":"","tlshash":"32d0a74011a173bd043458d89ea90a1358e627133714844c7fd99c5c0556e3b6f76a6c","size":230,"data":"","first_seen":"2026-01-08T09:53:39.43093Z","last_seen":"2026-01-08T09:53:39.43093Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-05-02T15:32:32.710989Z","times_seen":109703,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","fqdn":"pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"245d4babbd1beb6e8d9825eebf21a944","sha1":"d6a0e15bde9d543bf2cf790c62116db6d5ee92d9","sha256":"0f20f0b295af53cad4007283310501f115cd26723948edd222f25d202f962b44","sha512":"213c620813aa9df25e18d2072542981cda09951ebdab2d77ebf717b7bc0c1974d8d348125d7b844318bf6a5aa75b2daf7a8c1849cc8b2f13d90c71b72596a036","ssdeep":"","tlshash":"51511216b0668dee173e74f8708f006e62f4ef241bed0174d780baaa693106e4771ee5","size":3087,"data":"","first_seen":"2023-03-07T12:24:52Z","last_seen":"2026-05-02T10:12:40.830558Z","times_seen":378,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/down_load_address.js?2022","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"0dd6c7d0380d8a8c58595c094df522fa","sha1":"296f5fa156f551a4ca4d4ee639ab72bd0e1cfa87","sha256":"b47ac469b6e1351d8afbb442376fa8a1270128df9ab72131ca9cf0bd5503c424","sha512":"3881c80a97ec1fa9b284d4a5fade0e5135a10d475fdbfc1f4749caed4be84c741e8c458e9578305c866aec5e7719f6a2cc1f795fc56edeb8a310d83a9068a809","ssdeep":"","tlshash":"1b61d199a788850d59f272778f3d0714d91fc02701418f64be5c85152fbe41a862eefe","size":3204,"data":"","first_seen":"2026-01-08T09:53:39.213134Z","last_seen":"2026-03-17T07:48:49.150447Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/cui.js?1","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"43a560ac53ace0805b7652a20cf07492","sha1":"08f68a3fbfc3edf2e709d43a6c52f72aec1e422b","sha256":"1dc81993059aff51337b54d00ce5cd945bc384338bd6e92dd9e1dcb84bbf2335","sha512":"55ec9ac2946e74d80216f5b4757db95a7719c68fb10d1ec13833801e51b1f529bf25645e2f4824e146399e2abb0390214cfe8690b15149464f90a9f96559e9d1","ssdeep":"192:H/lWcbKvtjuJ7H4zxzxxzxxxzxxxxFxxxxxFxxxxx+4x4xx4xxx4xxxx4xxxxxK3:H/lWRFck0WI","tlshash":"c242341cb22c1eb452bf15ae6b2dd4d4dd1a0427524cb703f4bd096a2ff4448ba369eb","size":11999,"data":"","first_seen":"2025-01-03T05:17:31.731952Z","last_seen":"2026-04-16T01:23:16.763369Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"eval","is_inline":false,"md5":"d2fb88908a167e5f9f472d4fdca0da25","sha1":"9c57495aeac026e3f5752f9c114b1abdc660b916","sha256":"28ff94d68abcdeb230c81acf7a6780f423202bc5729e78c61bb6743499d8b5d2","sha512":"a4f98ae8eb6241fdecfb7b73fbc1d104ae0c3a5faefb72a969ca4ccf7951b8d1e99aa93a9573d4ae886ec7af3a2d6c1dce5d1851ed81e23d7221f6629542b3ba","ssdeep":"","tlshash":"1550000000000000003000300030003003000003003000300003000000c00c03000000","size":10,"data":"","first_seen":"2025-09-26T18:27:37.023589Z","last_seen":"2026-03-17T07:48:49.284118Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"625df047f0e32e83a4a096785e8715d4","sha1":"2fb20519deae5a0b1bddd54daaa6cbb4e27b5e2c","sha256":"85862996c246a46fb4377f55382b5a0be13b2091a4c98b1108f749f521626dab","sha512":"9d190b8dd210668ffad9400cb187a8177662a236c199ad05dc6c05ffa6852b18aa28eb932c750cceae3c043bee1d71ddb3c8e5f359b923ee16f6d78a3c6927e5","ssdeep":"","tlshash":"a850000033c300000000ccc0030c0c000000c0330000c0030000000c00c3000c000030","size":10,"data":"","first_seen":"2023-03-26T07:56:35Z","last_seen":"2026-04-16T01:23:17.093516Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-05-02T15:32:32.710989Z","times_seen":109703,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?00526ff88a0f942f7aba7a59e0e7b53b","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"6073ffe1a1a5f7ef624710474d537267","sha1":"31a97e908fadc6855cbb7c427f2c7c965fcf974b","sha256":"3aac419ede9d9bb0cbdae1c3c675d159ab0195c27d59e37373023cfbe4fe0150","sha512":"ad69447c4164ae3452c93dcced61935585467f15b4c0f4eac67d6b8bdb683832146a12cc81ab6c1375cac2203a9047671bc6525d95041d2bac2755d9aa655ed7","ssdeep":"384:ZJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:Z4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"13d2d9e9b182713293a324a5157f320af07b6e54bd4968a4f11894c07d78fab027bfdd","size":30266,"data":"","first_seen":"2026-01-08T09:53:39.216673Z","last_seen":"2026-01-08T09:53:39.216673Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/tongjig.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"f05eb463dc1f52d11ed5225e684f68f8","sha1":"fe8c53faf81f8fb6c3f4214fae61c9b754341308","sha256":"8275d8c2954d9d57a2eea26eb4070ae6ed83c36a2a45f020dfa4bf15d056c1fa","sha512":"c484187cd18d10615cc42df81756a947d4e266bc3189e3a109d0c57175eeffdf803864f70c7867e2e0c26c1d6bfcc934495da9f3215e503c8969b5a1eb9ff2f5","ssdeep":"","tlshash":"4b21fd6f280468382b9218b942bfe64cf9b7206c552bc007e4ddc88a2c78fc5083a7cc","size":1331,"data":"","first_seen":"2024-05-20T23:08:36Z","last_seen":"2026-04-16T01:23:17.048626Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/lib.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"60f67ef5a7e43d9b2b32f6b47f7052bd","sha1":"c0124d98f17cf4aaae7767f6d4be4ea7825426f6","sha256":"1a25a979aff7d1df4887bd2dd4877847e6aa8926d027fd624a05328b95c4e1eb","sha512":"2236d32e8c894d2b4927c4438203609d3f31a914df69ca2df3f07c07fd66965fef9a2b729ade6f08cf6553f9b882fcbbdb1f0c501ce1da10ce6f1ae2b6bfdeb2","ssdeep":"","tlshash":"ca31ac6afb4c5e5a40e331ea013b9404ededa5158d1646a0f4be04f52fe54486f3bced","size":1740,"data":"","first_seen":"2024-05-20T23:08:36Z","last_seen":"2026-04-16T01:23:16.903551Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/jquery.mousewheel.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"426ff44fdde60c9e548a11806e5e9681","sha1":"dd5ff92e7c87c430d12afde96d2910c32b632a06","sha256":"51dc8aab107d8f37e1bc87dbfc4913deb3b33519ee0bad8e1331629048b40bc7","sha512":"e1818da2f26b97a424f7c6910bb0d3871589b7eefec0322a57695d6c86e343f58e60e69822716e4bc5389e2493c852fe4fc80fba2a19e4e3b0458e3de6850f5b","ssdeep":"192:fixbp3vy1evQNNvmYriuXaY93O9esNrz5b/1YQGiqRC3:qxbFmevIXA9ew5bNYQHqRC3","tlshash":"4202320553d621a65597bb3af78ba043733c80970029f973785e1f841f859a463f2bde","size":8279,"data":"","first_seen":"2023-03-10T14:39:44Z","last_seen":"2026-03-17T07:48:49.258885Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/dgjs/down_common.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"5261265ef2e43398e2cb202ac1cf792a","sha1":"f1ae52832fe2c437c7058e01120f3b85393ed7f4","sha256":"a9319e9ec253b1e49b7db657b355e1830a2429e7ff417a78cb2eba7784958094","sha512":"5a2b066990dd0422609b96a08428d8d82c985c54a7ec9ddf2e22b99f9aace43055cd39d983aae89a4a4dc6452cb7075c22031534a7eb0992042deb3e94b3d5c4","ssdeep":"","tlshash":"b83184142da9d73704a242966b77816cb68804779992ce48b1edcd9c3fb0edce917548","size":1860,"data":"","first_seen":"2026-01-08T09:53:39.242373Z","last_seen":"2026-03-17T07:48:49.229877Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-05-02T15:32:32.710989Z","times_seen":109703,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.downxia.com/vif/html_vif_az.php","fqdn":"api.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"dcf339848d95a15e86554d4161606354","sha1":"4458083fa98f30368d3d051595b67648d5a73c9c","sha256":"3dea5d27c4a1e0010ce055211ff7fcc5ec2127e0a8b0edb92bf797cbb489e495","sha512":"2aa13a81783364fdbf43e9f8732679c6c1e7a1e6f5dcf10bfa841281e485ec931ad35229385f877139a2ce7d87e9bb297fe8d8164cf41bd2ea3d0738932c5a01","ssdeep":"","tlshash":"121129f8f58d8e0d63c631e30c7f7515a62f141299762fedb86c8c6118d8648207576a","size":1049,"data":"","first_seen":"2026-01-08T09:53:39.440394Z","last_seen":"2026-01-08T09:53:39.440394Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","fqdn":"pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"6baefc344e525cdaf9135ff4340966ea","sha1":"4bac5cfeb1a306d252c11ae9998b6976a1e22b80","sha256":"b1cbcbb78abfe64441ca4ace28ebe699bd9e1c9340f0127673d96aa247bdb1e9","sha512":"2eec45ae08a7e078e151d62505c8289798a0d528619befca46b60f503fd18d10c9f24f3bc1d8ee6b61aa8c7e0e87fcfa7b6aea0ac9a6307f70570cabd4c5b499","ssdeep":"96:tPEd9mAnBarqeTnFjmPtV2muiIFeeFjmPyP322smosDuaneUcFjmPz/1OmZW9SXn:JC9NBwqcnFotV2gexFo43GGDuI7cFoJT","tlshash":"02c1a54f48b988d7ab0639d6d6876c655aec3f23ccd8d611eb2dfd582a54803131bcc8","size":5825,"data":"","first_seen":"2026-01-08T09:53:39.44167Z","last_seen":"2026-01-08T09:53:39.44167Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/dgjs/download_az.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"00b7592bf0e4d255fcd6dff723b1b5ab","sha1":"b354d9234097f4b84d2010e65869536dee941fe9","sha256":"68e3041feab883074f827c2aff86b07947d4826f976617129f31cace93a22703","sha512":"2afa82c3b1af174acf8f0de48e1e44102199f4f44da7e8ab42a788373caa725a208258c624028710db06e6c0970cfd122ded91f337fdcdd78eb92fd66e5e6afc","ssdeep":"96:2Fy1nrNHfA+FKjsjhsuV8MdzNoymHBKISO80KHhKnQVAah75kKQVAXAJlU0PZK4X:51nrN4+FssdsuSMfb0InPpBKQVAdRVAS","tlshash":"b0b1c586bc124769f36032b01a3f8019b8b646732c65c944b97c58c47fb1ebd28f9d9e","size":5482,"data":"","first_seen":"2026-01-08T09:53:39.405305Z","last_seen":"2026-03-17T07:48:49.165353Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/hd.js?v=1","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"f2cf06d451e0939dbdccf3fc7d44eaac","sha1":"aa06e563d187de2ada523406a16bcfae80b6bcf7","sha256":"00e49ac5968efaa172d86b5f5ed20a8f90543318dc89905ee4af8f636d641d19","sha512":"295fdc60149b4e98c09081b182122cd6e2f40f6a61cd6ebc4da6b9f57e9512ce058244207cd4cae74aaebda93267b3a343f398de27d6dab2a4f73c3273c9b078","ssdeep":"1536:ckUmpuWPBo29pmPUXw8enTd2n0Qj/k8TA:empu8CUXw8enTG0QrkN","tlshash":"46c3514d6afa1565926730a40f8f62146338c41b3909cd58bd7c83d8afa5e2885feff4","size":124411,"data":"","first_seen":"2023-09-19T12:08:01Z","last_seen":"2026-05-02T04:43:32.704544Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-05-02T15:32:32.710989Z","times_seen":109703,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3361b14e5b8257c93e48c1aad4aa09e","sha1":"295516e181432dcb96dbaf1342c270f765f7598a","sha256":"86325a7789616952fee5e4c0c2727f5c37a88bbf1ed0e7dce903ea93bb0fea62","sha512":"5696257daa4c807623db3bce0fa76613af2d1076fd4e9fd876bc500789b75021cc9d48449691fd31d5114116f2c422128179d3104f5a03d5555400408bbeab83","ssdeep":"","tlshash":"ab11121ae20f8e75b030bcf923c53b5e3874010be8c42c304bb45910b056c1b4da84f6","size":860,"data":"","first_seen":"2026-01-08T09:53:39.442724Z","last_seen":"2026-01-08T09:53:39.442724Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?77831d4595ecb5575b38027b27ca83e2","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"35ca27f63101b8eb683d4862e961f213","sha1":"3f94ae05d19e515d8b16ac6532dff5098f3afc65","sha256":"9145351545e0691a241fcda496a274f769b4fefdb50d40106896e214dcb51d51","sha512":"13b97066a53fd81bb22176e306780c13d191fa0c87d801e508cbb645435954826c10d2279dd5ed52ddbc19a3ac87a62493b19eb3f8f89eac069194db1f0aa252","ssdeep":"384:tjvJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:tjv4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"bcd2d9a9b282713293a324a5153f324af07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29910,"data":"","first_seen":"2026-01-08T09:53:39.236844Z","last_seen":"2026-01-08T09:53:39.236844Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"60cf70a1f45c609ec4cd6e95b8d83dbc","sha1":"bc4d02eb3c85b62e812b47d18eeb5f6ea8a60b5b","sha256":"67232e232b3dbb2672566036b88c676f21f159c856105791c467f160f5b0f1c7","sha512":"82b065cb529a744087de6413d89b720aaf95dae9c9cbfb05cf852c1b75794f02a4c555bee29cd9accde3050dbe506ac6a6ac6e560e38c2d82f11b3c762a75aed","ssdeep":"","tlshash":"8af046cea742d98838d37dfc7a1bb60c318c0e28ac585870ec25a09603d846314c20cf","size":581,"data":"","first_seen":"2026-01-08T09:53:39.445201Z","last_seen":"2026-01-08T09:53:39.445201Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cpro.baidustatic.com/cpro/ui/cm.js","fqdn":"cpro.baidustatic.com","domain":"baidustatic.com","tld":"com"},"ip":{"addr":"112.82.180.38","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"b543dbe074718c21f7f5e7cbf1aff034","sha1":"99ef1caf9c69e99a60c2f0ee33720cb40cdf1cc8","sha256":"b6a34b928d00909e40ec7edfadd89ac0cfa1fcc5892bdf3168b60b28a5bfe1f6","sha512":"56d74637e8023b8983c240ec595528c56ed7d84f461fd4a1e16d329906a2dbfd023a8d519a68b1458a48f9cd19176df60dc099102640f0c3589c3bddd69221b7","ssdeep":"3072:GpOyaTRXqCpCOjwlfbitfD9mxf1W4OwYsRQD+fgpNCpIdlw:GpBApCO0fyfDcTQD+fgXRdlw","tlshash":"f4b3e899f6d2742546a220a4162f2609b2375548748b8480f67ee8d1fdbcf4f607bfbc","size":117379,"data":"","first_seen":"2025-06-30T07:43:55.721259Z","last_seen":"2026-05-02T10:12:40.790281Z","times_seen":883,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","fqdn":"pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"a96017a6b766d7734d89a8e34046d0ce","sha1":"8940c8b01cba1a5acebc27deee3dcbce3dd37d65","sha256":"15a41f2202bb5f58fec885c10f5078ef3fa48c47765cca5d8138e7dca57419ad","sha512":"6ddf83860e4a4574b2fe3844bfab2a77940178cc0eeca72b29449a1a5535cf96989e3154f3dc219d409403022a7d8f1da6a99d9e1eeae8d1442a51a48511c723","ssdeep":"","tlshash":"73311145f9119c577151e40628973a0a90ffbf673e4028e4e27dcf2e3b0d8276276b82","size":1667,"data":"","first_seen":"2026-01-08T09:53:39.446491Z","last_seen":"2026-01-08T09:53:39.446491Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","fqdn":"pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"5d4e296cd06cfa9d1deb88320747bea4","sha1":"77fef758e53794ff3faaca75b72a87069d24bcf9","sha256":"490946c119b2dcf7fed28b85345b61a41acfea2b0db35a4c089ef633d73fc6bf","sha512":"270583afb176f2e6ffbdf3eac05e6203b1f599e20348807714edb9d48a33ed7e71998974aca0344ad4d099f99d194fbd7aabbc011411555d275b419f400f5dc6","ssdeep":"192:5+FNhH13ZZC65sd12RKubCE+uIaSCxjQMUL2C5QMJWMHCCOCwCNprkcILTlU8aSS:5aX5sd16IpLxN/k5UjK0R2I","tlshash":"94521f5a2bef0473e45b342d8f4f01047a35968f9e4acd187d6da1c48f60a3891b6fb8","size":14476,"data":"","first_seen":"2023-03-07T12:24:52Z","last_seen":"2026-05-02T10:12:40.835306Z","times_seen":318,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","fqdn":"pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"61b903833923c118ae407fa9537ffa8b","sha1":"65cbfb7d7117e3ec15a5abde8538b3b7ddf18412","sha256":"f598ea42ddae9878925f9ee26b54c11784ccdecc01832a22ce1276a336c65780","sha512":"0c887bf28a86abf1cca0806a0d73e863273c08258e6937d41676b6e5fcdd57ac079a31a6fa66726b101cb929a6e1a981a5b00b67669557b7065be4048945642f","ssdeep":"96:HPEd9mAnBarqeTnFjmPtV2muiIFeeFjmPyP322smosDuaneUcFjmPz/1OmZW9SXD:vC9NBwqcnFotV2gexFo43GGDuI7cFoJX","tlshash":"5eb1d68f44add4ca6e1739d5e2c76c75ade83f22ccd8e660c729fd642454827122bcc8","size":5418,"data":"","first_seen":"2026-01-08T09:53:39.447999Z","last_seen":"2026-01-08T09:53:39.447999Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/comment_api.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"f6e79d8abf21a10d20e6552e5bafb09b","sha1":"db9193b53b479ac9c59e1f4b2f71d5bb9c78641a","sha256":"b1504dbec2a194379e837d858c718e3a627406652705ec4abaf3570552d4648b","sha512":"d2d9b95c83ac723e9b7efd2c60479175ba51bd4c4bbc86a302e63f7226400e36baf35cf227532608cfe7e876fc2a80815b3286a5286bb5db30ae8a764d14f4b5","ssdeep":"","tlshash":"b851875e0c2a52108eb273ea9a6f4b60f87a613f5511c1457c6cdea0bf34e28065ff5e","size":3077,"data":"","first_seen":"2025-10-13T03:08:21.20465Z","last_seen":"2026-03-17T07:48:49.125839Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"eval","is_inline":false,"md5":"9ad6bee99d115a40de264eb44dcbde7e","sha1":"8de49d2f89f6c455d2c7d01d8a860ce698ceb4d8","sha256":"787ecf33890e423fa4481e683bac15c71a8ff5a5a0bcc0cbeee9fafa7ccb6966","sha512":"be08be9662d56e7e12a0a6a7509c19df4c7e5ba05cc5dfa87e50072b929737ddd4ce09561fafcfc2c653a0ee46d89504de4e52faa51753b4edc808bf0116b617","ssdeep":"","tlshash":"ee500000000000000030003000300030000f0003003030000003000c00f0cc03000030","size":10,"data":"","first_seen":"2025-09-26T18:27:37.02098Z","last_seen":"2026-03-17T07:48:49.292939Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"6d75824efad5c6192315352f114a3b65","sha1":"d3a2f2716027453012a72983d07bd92e1e6070fd","sha256":"6117c81c3cd6dae96235ddaf117980a2c25bf8e77e98c3e06dc34be9c13a755f","sha512":"295df4460020f7261df5ef1fea2944c1522abd4a45e90bc7f382a9a1b3e8ef8173edcb13bf09991b5231f849ec9ecb46d4b56512d3b88790c312d2832a13b977","ssdeep":"","tlshash":"0c60000033c30c3000c0c00300300c00000cf0330000c003c000000c00c3000ccc0030","size":14,"data":"","first_seen":"2023-03-26T07:56:35Z","last_seen":"2026-04-16T01:23:17.096109Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"625df047f0e32e83a4a096785e8715d4","sha1":"2fb20519deae5a0b1bddd54daaa6cbb4e27b5e2c","sha256":"85862996c246a46fb4377f55382b5a0be13b2091a4c98b1108f749f521626dab","sha512":"9d190b8dd210668ffad9400cb187a8177662a236c199ad05dc6c05ffa6852b18aa28eb932c750cceae3c043bee1d71ddb3c8e5f359b923ee16f6d78a3c6927e5","ssdeep":"","tlshash":"a850000033c300000000ccc0030c0c000000c0330000c0030000000c00c3000c000030","size":10,"data":"","first_seen":"2023-03-26T07:56:35Z","last_seen":"2026-04-16T01:23:17.093516Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/comment.js?v=1","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"5818dbb185ffba95f1e6d1477db53b4f","sha1":"0e559e327386845717210c2470038a4461c94369","sha256":"96488788264d6133744543f778fcfe40ba683a85723f7df39a7bf3e0a6ed0a65","sha512":"14d87372bef12f0b3b72388de3627c1870bdb563a50c379c60ad7634ed3f9bc2154a782e3f18f21ccc0fe70c3773431c0a28527b7812087ac3a62a8db706d5f8","ssdeep":"384:uqbizUrgbYE4iK4amHLAR4QmvdaHbKyfJojegXmx2DDKqAZ3cj0HreQ1tP8MXESH:hb2UCYEh9rznv+1JojegXmxAWqAaapi2","tlshash":"94a251487cb52a514877317a9bbb0101efbe0b5f8841cb9cbded66802f71a446217fad","size":21376,"data":"","first_seen":"2026-01-08T09:53:39.359041Z","last_seen":"2026-03-17T07:48:49.145743Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","fqdn":"pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"333d0a528d5a49b9172ab72ee2f7eec8","sha1":"75f771f2f112ce84cd4d1cea2273de4824c89edd","sha256":"0e45242c4bc23b8f926d3b154f2fee0092f84533ab699324cff5a162708db99b","sha512":"a185fabab837a7e3c2d5d5d8d30986fe16ecba7f596b6b42715edb19db4acf5add8946a586f4a88ddfe7fe692b362747b17cd75e8c1ef846b3334d5bdcca72fe","ssdeep":"","tlshash":"f2112129f78478fa9251757c979fe313712a30932d448e247415eca1b838ca209b386c","size":989,"data":"","first_seen":"2023-03-07T12:24:52Z","last_seen":"2026-05-02T10:12:40.836647Z","times_seen":315,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/jquery.SuperSlide.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ea11fbb848cdb739af15e147a37c765","sha1":"69fd9147cb1bf62e87f9d691f465bc7b2b317cd6","sha256":"b83518398431f34d291551fc041d1a628d46a21e9cfdcde946911e03b8332148","sha512":"e8f0c9e5d6c9c66eb058bc2243bc2e0dca62644fe5fd1df8fe9651d3978d177209915501d364ce6f09d6a9f84a3506a5a786908e2cfe65bd2619064a99901c05","ssdeep":"192:YZK3bYHfc2gahQVoViSItpluMCuXGV+1tT1l50FH5oYyskaHwmIuTNSaXHZe2HNE:YcYc2gdWhMZWClnHhlwyT1Xh3","tlshash":"c232d65fb5b675ce4597b3f0107f940d222b5569fc8a8ca0b07082c4aeb9918243bfec","size":11214,"data":"","first_seen":"2023-04-07T05:01:53Z","last_seen":"2026-05-02T02:17:22.789865Z","times_seen":267,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pos.baidu.com/ccom?di=u2218020\u0026uuid=e4785453e018f19c\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=SSP_JSONP\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975","fqdn":"pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"d6086c79484f2b3a815b90343e3112bf","sha1":"d54f5c94c782b693efd9d10e63a5c71e35f10552","sha256":"5822176644c252c3cb48573768f59156163df68877cfdd1aecb05e56d9ef4fd6","sha512":"f2c024a3bda787726fbd3a6dde3ab0a359d188b24c5d33d5a577216c9dbaf7fb56a7d328f3a24c010987c5e174805c80285f57f3e1e3ee7c1035b32dce559cad","ssdeep":"","tlshash":"8921c945fa05ada7b292e05628ea3a4a40fbbf517a8045d1817dcf39630c81332a6a83","size":1359,"data":"","first_seen":"2026-01-08T09:53:39.217506Z","last_seen":"2026-01-08T09:53:39.217506Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","fqdn":"pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"e5684e203bdfea37cea61462feb1fe8c","sha1":"c5ba725d038e14c32850e324a098033e3e846cf5","sha256":"54e135268c5b3e50e64e2747c1b55ebdb81d0c11f10d24810e2d66da4e8dcebd","sha512":"996a44a82bff26f46a851eaa87a39748629621f7eb1cb735b2b497d863607e5bf7bdd961df4b8bab35050cc447c7a44dbe9ef14bfe327134f2b27cc04eb165c5","ssdeep":"","tlshash":"693156ed7c24882f617625715deb1a04f0a96033e4789d507192eef4d15c6c7011ff17","size":1626,"data":"","first_seen":"2026-01-08T09:53:39.450972Z","last_seen":"2026-01-08T09:53:39.450972Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"6d75824efad5c6192315352f114a3b65","sha1":"d3a2f2716027453012a72983d07bd92e1e6070fd","sha256":"6117c81c3cd6dae96235ddaf117980a2c25bf8e77e98c3e06dc34be9c13a755f","sha512":"295df4460020f7261df5ef1fea2944c1522abd4a45e90bc7f382a9a1b3e8ef8173edcb13bf09991b5231f849ec9ecb46d4b56512d3b88790c312d2832a13b977","ssdeep":"","tlshash":"0c60000033c30c3000c0c00300300c00000cf0330000c003c000000c00c3000ccc0030","size":14,"data":"","first_seen":"2023-03-26T07:56:35Z","last_seen":"2026-04-16T01:23:17.096109Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"625df047f0e32e83a4a096785e8715d4","sha1":"2fb20519deae5a0b1bddd54daaa6cbb4e27b5e2c","sha256":"85862996c246a46fb4377f55382b5a0be13b2091a4c98b1108f749f521626dab","sha512":"9d190b8dd210668ffad9400cb187a8177662a236c199ad05dc6c05ffa6852b18aa28eb932c750cceae3c043bee1d71ddb3c8e5f359b923ee16f6d78a3c6927e5","ssdeep":"","tlshash":"a850000033c300000000ccc0030c0c000000c0330000c0030000000c00c3000c000030","size":10,"data":"","first_seen":"2023-03-26T07:56:35Z","last_seen":"2026-04-16T01:23:17.093516Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"eval","is_inline":false,"md5":"702312f8535e1eae9780d7d0bee0440b","sha1":"9cb5cbabd037cca3b5cf5b3c4a745c424dfad619","sha256":"32b3ee0bcf3de91cf233bc6b3f4d80c6e1e6268a85952db39f5da0d26f5ac240","sha512":"43ffd4b67c5837d412d40d18916507c56249ab61ee91b587710ed79f207b5b1989e9c7e7b29fc9cfeb3226e7695020d93bfcc709c93c60db8e48456ad4b7c2a6","ssdeep":"","tlshash":"d9314c09faff2140a47fb35a2b2f99091671411b191dfe063e2c4fcb4f49628b096758","size":1861,"data":"","first_seen":"2025-10-20T16:53:46.554156Z","last_seen":"2026-03-17T07:48:49.152365Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"1001caa1d095611667022a4be7bf99c0","sha1":"a94c7b2204716dd0cfb200927da0bf41342024ce","sha256":"79689f9e07ee663d6ca43709fc3cde2d16540b6e7ad052aab22ea6650e05984a","sha512":"df05f3b726384573372471fcbee61a4293dba821a2b2c05258983de6d77f2f1fa4f75330e96dff688cb7b1a5ffb00dbdd324f4dbf43dc21fdf791e912b034c26","ssdeep":"","tlshash":"25f046cea742d8883cd369fc391bb61c314c0e29ac986960ec14a15606e882314c20cf","size":580,"data":"","first_seen":"2026-01-08T09:53:39.452946Z","last_seen":"2026-01-08T09:53:39.452946Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xbymb.downxing.com/js/logo/js/logo.js","fqdn":"xbymb.downxing.com","domain":"downxing.com","tld":"com"},"ip":{"addr":"119.188.9.131","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b5e08871e305d7e5a1ca11fe3cdd24f","sha1":"799c2474dc053a40d1c2d3b230e0a012e4546b09","sha256":"81ca845c7a7ad5c9b166d37e60590125d1e76c83c2dcdb71d0fddfab1309cef0","sha512":"11b9232dd5a49ff0c43e32343455191ebab2d1bb0238430af052a36ad62b2b271385884d0a588e74d5a1434b17bc368246856f5e257881b8e2356a822018388a","ssdeep":"192:p1Q97FnMytGBE7qLtgsfoM0lOLiJTslMe3ZtIt3NgBnV7wsQ+JkCTUTUyoRys+JK:D2MwGm7qLtJjc3MZt2NgBnRlAIyoRytK","tlshash":"8e226e6f3484293e97fb41d8725b3b4e3435658dda060c54c5a1ccd9a7fac4bb371290","size":10053,"data":"","first_seen":"2023-11-29T11:37:30Z","last_seen":"2026-05-02T10:12:40.79422Z","times_seen":950,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","fqdn":"pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"dac37ac31bd0120512e608d03ec2075b","sha1":"61f8703dfde7c1c82c0ce081d95c34ffa9011794","sha256":"891f285404ac26038f242ea8d0157fa2ec8da1cb13b370abfe9f63cf505968cc","sha512":"14be3896be0b2b546661e55c2523380652e836522ac29b02c8ba5e25b21ddd3d11cb8f746eba7e5aca426a0c5cb71b7dec51636bcaf5c5d568c373894300f04e","ssdeep":"192:6iRFi1i7aFiUmixiBidiniia1QFiUmilFiUmi9ikinipFiUmi3i11JmiqimiQ0iL:nRkU7akUjAQMin1QkUjlkUjstipkUjyS","tlshash":"c6220224c9b99230567e5168edc6470ca3a5c8730f9304667bed077d4be19bf037aa92","size":10496,"data":"","first_seen":"2023-04-05T05:14:30Z","last_seen":"2026-05-02T10:12:40.846644Z","times_seen":318,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","fqdn":"pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"be7f95f4b660c9e9ef9929a532315ea2","sha1":"2dadcf96b7674ad775c7ae79d2edabbd040d5052","sha256":"2b37ab63fdc70ede05e9ea1ab287c7654bf8a51ff184af48b43360f09e84a514","sha512":"1476dddcb65c0b8b0c98a164e6a8ee60999da66aa4996e8baa90ffa7b5570a93f25e95680fed0379a75f5451c14c65efd7811d4c8a2050eab3b0f45774ee6f51","ssdeep":"","tlshash":"ebf0282bb31a67334ab0095e925ed7423e51d6e3eb82b4524268f810f683f13c80ed34","size":603,"data":"","first_seen":"2023-03-07T12:24:52Z","last_seen":"2026-05-02T10:12:40.83803Z","times_seen":609,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","fqdn":"pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"2249362d326da34b993e5960118cdb36","sha1":"a4c9de5784ae5aebf9493ccde43fe3359384beff","sha256":"1999e22ccecce48965c246bfb777d81c7d37116272e200f0dbbb4ba73b63e8b0","sha512":"00bba0e6a0483dbaec0c216ece8e0a9964f159b23437cab8fce505d537f2a052a15e79205fc7525fb31785c5a9b38d4e67b30ca4a4c3673af29ba0af2260fa55","ssdeep":"","tlshash":"8361e345aaf7085eae9730963e4f29487c3c00534e48ef04fdacb3551f94b665ab8b8c","size":3363,"data":"","first_seen":"2023-03-07T12:24:52Z","last_seen":"2026-05-02T10:12:40.847194Z","times_seen":314,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/jquery.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"3576a6e73c9dccdbbc4a2cf8ff544ad7","sha1":"06e872300088b9ba8a08427d28ed0efcdf9c6ff5","sha256":"61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf","sha512":"27d41f6cfb8596a183d8261509aeb39fcffb3c48199c6a4ce6ab45381660c2e8e30e71b9c39163c78e98ceabc887f391b2d723ee5b92b6fbc81e48ac422e522b","ssdeep":"1536:s6IzxETpavYSGaW4snuHEk/yosnSFngC/VEEG0vd0KO4emAp2LSEMBoviR+I1z5T:O+vIklosn/BLXjxzMhsSQ","tlshash":"b393f8ed73c6717243ab30ae40af610ef1365869280d8410f129e8f9bc79a499277f7d","size":93636,"data":"","first_seen":"2023-03-07T01:02:53Z","last_seen":"2026-05-02T15:23:55.043495Z","times_seen":32596,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"6d75824efad5c6192315352f114a3b65","sha1":"d3a2f2716027453012a72983d07bd92e1e6070fd","sha256":"6117c81c3cd6dae96235ddaf117980a2c25bf8e77e98c3e06dc34be9c13a755f","sha512":"295df4460020f7261df5ef1fea2944c1522abd4a45e90bc7f382a9a1b3e8ef8173edcb13bf09991b5231f849ec9ecb46d4b56512d3b88790c312d2832a13b977","ssdeep":"","tlshash":"0c60000033c30c3000c0c00300300c00000cf0330000c003c000000c00c3000ccc0030","size":14,"data":"","first_seen":"2023-03-26T07:56:35Z","last_seen":"2026-04-16T01:23:17.096109Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"625df047f0e32e83a4a096785e8715d4","sha1":"2fb20519deae5a0b1bddd54daaa6cbb4e27b5e2c","sha256":"85862996c246a46fb4377f55382b5a0be13b2091a4c98b1108f749f521626dab","sha512":"9d190b8dd210668ffad9400cb187a8177662a236c199ad05dc6c05ffa6852b18aa28eb932c750cceae3c043bee1d71ddb3c8e5f359b923ee16f6d78a3c6927e5","ssdeep":"","tlshash":"a850000033c300000000ccc0030c0c000000c0330000c0030000000c00c3000c000030","size":10,"data":"","first_seen":"2023-03-26T07:56:35Z","last_seen":"2026-04-16T01:23:17.093516Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","fqdn":"pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"f2a3816a519e9b647f39851bd709da24","sha1":"3844e1a72e765bbbe1ba3748d3f252766a5a42bc","sha256":"e6400ed58a0a32912bdae90bc21d02ba6f1e7c3dccf3ab439815ffaa78bbaef5","sha512":"8c5163130a5a0d13199ebde4355d337b49f275e26e2838ab659802d16b756a6aa7526075cd8ea879cb8d66dfb7466a0d9b970cc4ece277006bb8c01c36308b64","ssdeep":"","tlshash":"b19002c0632623815101b04c5c25bd01b5e46e19e604e648112096211d0d112a410a84","size":52,"data":"","first_seen":"2023-03-07T12:24:52Z","last_seen":"2026-05-02T10:12:40.830043Z","times_seen":382,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"6d75824efad5c6192315352f114a3b65","sha1":"d3a2f2716027453012a72983d07bd92e1e6070fd","sha256":"6117c81c3cd6dae96235ddaf117980a2c25bf8e77e98c3e06dc34be9c13a755f","sha512":"295df4460020f7261df5ef1fea2944c1522abd4a45e90bc7f382a9a1b3e8ef8173edcb13bf09991b5231f849ec9ecb46d4b56512d3b88790c312d2832a13b977","ssdeep":"","tlshash":"0c60000033c30c3000c0c00300300c00000cf0330000c003c000000c00c3000ccc0030","size":14,"data":"","first_seen":"2023-03-26T07:56:35Z","last_seen":"2026-04-16T01:23:17.096109Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/common.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"043a512d415fe741ef7ec356132d3a30","sha1":"53070533e4bc97e7e5518b98e8e767713f2b57f6","sha256":"f7c163cb0ed738bfc92db29cf8ebbae9abe3c0fa89d00abcc99e9f333d661822","sha512":"bcb2440fb588618f6335d90711204dc1ecaeacb7996b8bc37b22e546abaeffa127fc4440e75cf05c02ce0811e852c7335ee6d3b7d4c7392b771b48bfab14fe6b","ssdeep":"96:cme/3tfiXUGqELj1X/DknNxDSDKho7hBZIOhbjp4Lr7LUBzI:O3tfi5qKX/eNxOtNBZ5h6Lr7IBs","tlshash":"d8e1ce09b7bc0f9291f7238a173951c1ee2a481766558342f8f846b93fb590ca623d7b","size":7323,"data":"","first_seen":"2025-01-03T05:17:31.246562Z","last_seen":"2026-04-16T01:23:16.974685Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"39f345a38e6805a58f5e743983b61ef1","sha1":"90492bf089ce3ef13d1e17092a5d26981b8293e5","sha256":"0eb98ed642a1829397544d5f4113147cbd3c4de6aadd6b8a3fd777b08206b585","sha512":"e0975a95d0380c496e12d79bab5af01f1055637ba97f8acc03eb07d926e96a9b38ad563d43e229d9df8a17c7961652ba30253deb3497ec6230e5c67a60443fac","ssdeep":"","tlshash":"7fa022833c0082c802202cc820b0f30c82abec300ea0c0fe80fe2200bf20efe0800f20","size":73,"data":"","first_seen":"2026-01-08T09:53:39.457264Z","last_seen":"2026-03-17T07:48:49.331347Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c573d8a99a011b0ab3b64b75f9620551","sha1":"268fc03941acc3da21ebc0d38e32b34b206c59ff","sha256":"f9019783ddec34d8c687699e7eeb68e3a6de63b78cadfa84b259ba36fb37287a","sha512":"f59b8f034d74063b1431855addc92bcf50ee418748616fec9151ddeba07f8d4726e8d8ebc3ce3869b163b73f271360014a776e3ea92f958f407c305390722ca4","ssdeep":"","tlshash":"90900400d01c1504c00054404dd57f1330d00d07d7043705c51cd13c510f040141d445","size":40,"data":"","first_seen":"2023-03-26T07:56:35Z","last_seen":"2026-04-16T01:23:17.097853Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c69beaef5754f6ae5636984909dcb101","sha1":"7460410433c137c8124a7681126863dcc0172caa","sha256":"411fdb22d8d9298e5d32f2cdcc7e865f8f3bf55c5ad15133b18e1b86bb7a2499","sha512":"a818311919fc148e40131f9dd2808f9dcb609103a1c6c0b643d179451885d66bf8202703a5905c435db4282ee90d5bee73d338a3b46db7895f2bb8f146b8ae0d","ssdeep":"","tlshash":"16400000000300000030c0000000000000c00000c0000000030c000000c00003000000","size":7,"data":"","first_seen":"2023-03-07T12:06:19Z","last_seen":"2026-05-01T08:30:43.1097Z","times_seen":488,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"f07610eec393109a375e97ceb5d56349","sha1":"7292f9a5df24f14d75c67627d237815a38078c3a","sha256":"803e59dc9e7826bc6b04317b762baee2a87572d9cf9e38631f3d7d6569f6093f","sha512":"60200e99e9fc742f4cc25089b8173c70e2aa9e5bbe25a099259c240659335fa198b41c71287ebc3b2e5650ffed15e075c455b5bc5ee2181b2098f96639fd5ca1","ssdeep":"","tlshash":"ee900400d0151500c00050414df57f1130d00d07d7041505cd1cd13c510f0401014445","size":40,"data":"","first_seen":"2025-09-26T18:27:37.111228Z","last_seen":"2026-03-17T07:48:49.342135Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"a47ce079d9b6bfc825c7d6d801fadf91","sha1":"6c0c91f0ca6147fcf0e06090a592a35db7d35c7d","sha256":"956c106ad447677ba3329cd2a2399e96eb5a412b68dc62ba04816e85bfce7dd3","sha512":"103573873516aba27b29f551dd2962d5a64f3ea962d294cf2bef207521c5b76dc563a5fce8692da6a9f6e87b85b05ebd1ce75387496b834d11bb1cc884028759","ssdeep":"","tlshash":"82900400d01c1504c00070c04dd57f3330d00d07d7045505c51cf53c510f0401014145","size":40,"data":"","first_seen":"2025-09-26T18:27:37.100207Z","last_seen":"2026-03-17T07:48:49.344653Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"8f51ffc109def5b1c39474de8ac63201","sha1":"1403d33603cb04edb285b05e172bbae315b46328","sha256":"368712ddb3fcc7baf3a984474dfdd91b50c16cfaf8da446afffefe651fec108b","sha512":"cb06c81171634db2825c1c227af092ab39b566c477fd7c0dd41301cb8ba50c9872fe9bcb1fd54b1deda6ccdfe1acd8e36ade81ca1cb2f59f0c09ae9bc0771842","ssdeep":"","tlshash":"8be0c2871d0bca6da92068d4f362ff0ea81a51268d90cc2243e84590b584eaf4d0c494","size":293,"data":"","first_seen":"2026-01-08T09:53:39.462519Z","last_seen":"2026-03-17T07:48:49.348008Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"cd6d890d675fd81d74734221cea59cc9","sha1":"d69a68a8123f99e068ce16c11efcfc7c69ccec95","sha256":"62858d2a88e63d38e72a5be84ac91c4d21d1353bb38c60421683106433f84a69","sha512":"cfadba2b5fd70a9b9002e90104d59357e53d42dd241dbf2afd3ea71937576af513e23ac1a70c3eb5cdb68b6a5b0db08a05163e99aff1474d19e21fdba2be077d","ssdeep":"","tlshash":"24900400d0145500c00050404dd57f1130d00d0fd7041d05c51cd13d710f1401014145","size":40,"data":"","first_seen":"2025-09-26T18:27:37.115806Z","last_seen":"2026-03-17T07:48:49.329852Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","fqdn":"pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:57.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1 HTTP/1.1\r\nHost: pos.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: post-check=0, pre-check=0\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nContent-Length: 13332\r\nContent-Type: text/html;charset=UTF-8\r\nDate: Thu, 08 Jan 2026 09:52:57 GMT\r\nExpires: Mon, 26 Jul 1997 05:00:00 GMT\r\nLast-Modified: Thu Jan  8 17:52:57 2026\r\nP3p: CP=\" OTI DSP COR IVA OUR IND COM \", CP=\" OTI DSP COR IVA OUR IND COM \"\r\nPragma: no-cache\r\nServer: nginx\r\nSet-Cookie: BAIDUID=E77F66FFB97404C3C2E14C4BA17F8E37:FG=1; expires=Fri, 08-Jan-57 09:52:57 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1\r\nX-Xss-Protection: 0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59448,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4933)","md5":"6be1b36a8eb2d93d973e00a42e94865e","sha1":"1f1f5cf79c01e13429e969868ff8692e23411432","sha256":"0b762f56a6dcf058f968ca4d00b0d3de5dc6eafdf3f494b28e0be444a2794401","sha512":"263202a7c0ff4f2a604e4f1de0857227d1a0ea4a060cbda298fbeb52d7f39b9a205a5f7a0657b85dde7846c74406ca03bb5c83c6da3ac11d4d88fdc48c10b387","ssdeep":"1536:1bAu5oyMGcRKGpeYuBSIpFN/k5UW032cRKGpeYLs7os5N3MqiMLyMq+:KwoyMGCzQk82CzQPsqNT","tlshash":"3543f7065afb0466f9273068afcf16043c789643ce85ce18be6cba945f5096b4177fe8","first_seen":"2026-01-08T09:53:39.201537Z","last_seen":"2026-01-08T09:53:39.201537Z","times_seen":1,"resource_available":false,"data":null}},"time_used":347,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":346,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0604/20200604103103206.jpg","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0604/20200604103103206.jpg HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 43806\r\nlast-modified: Thu, 04 Jun 2020 02:31:03 GMT\r\naccept-ranges: bytes\r\netag: \"8ce37731183ad61:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i91504_c21609, i2475927_c28821, i2315675_c28337, i1935949_c22759\r\nx-cache: HIT from i2475927_c28821(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43806,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 340x195, components 3","md5":"b745110cacbe901d3faf6665231a9953","sha1":"973259ace3ce6463086b772a5819796b4255212b","sha256":"76ba7f70d41c44d71e43e720b39a4b51e7b6093c052c484c6002bb154aa59a8e","sha512":"d0d260e1bc05b7e4653e2c4a5a06ad88fe9b28f189bb502702d839d8e8210ce8ca272abf5f160bae7bd6e1d503028a26cd786662e1cb8f019b9d6b4467e27701","ssdeep":"768:gxfMA+no5TlAc+D6ncQD26pBiw1nQ2x+X9Ln/wum+CnWx:OfNKOAbcpEMx0pBCq","tlshash":"9613f10709f0ded1b1d92acc3879b469b9250df23091cd4a1ebdc0d46762afa3b3268c","first_seen":"2026-01-08T09:53:39.202498Z","last_seen":"2026-01-08T09:53:39.202498Z","times_seen":1,"resource_available":false,"data":null}},"time_used":577,"timings":{"blocked":296,"dns":0,"connect":0,"send":0,"wait":279,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0921/20220921104940650.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0921/20220921104940650.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 11567\r\nlast-modified: Wed, 21 Sep 2022 02:49:40 GMT\r\naccept-ranges: bytes\r\netag: \"1f13bdcb64cdd81:0\"\r\nx-frame-options: SAMEORIGIN\r\nage: 223579\r\nx-ser: i18967_c6956, i2103121_c28197, i2315497_c28337, i1935945_c22759\r\nx-cache: HIT from i1935945_c22759(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11567,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"074e661f39f4dfc4ffa7754e9ef54632","sha1":"9252dbfea9b66cfdf0c59251d7ef7663d70bc73a","sha256":"105b9b5fa3915d6c53b21d1be96e42a4ec4a200f11bb44ce958f426aeb81b84c","sha512":"94eb54d71d816ab3fc03c12bc6ddcc65fb961aa2ca1c4c9e71a774d6935fab54613135bb5eaa4496655de5514fea2ec2aa74727b1982c80b869834e21715a8cc","ssdeep":"192:R8RuZaVsvbwv8buSAHcInUKl/OjJphLjqrrS2xzN4VQ5/eI2ClZaW2KF1F3clzes:R8keR0buSNKwlpVOHS2FN4VQscYWNezn","tlshash":"9532bfa9e9bc9ae682c50577608dc8652dbe7f08fccb30a81a9f611c2d4fc5e7492451","first_seen":"2025-12-02T22:33:25.420389Z","last_seen":"2026-01-08T09:53:39.203438Z","times_seen":2,"resource_available":false,"data":null}},"time_used":384,"timings":{"blocked":281,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/jquery.mousewheel.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/jquery.mousewheel.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Fri, 19 Jun 2015 08:30:04 GMT\r\naccept-ranges: bytes\r\netag: \"0ef1236aaad01:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 2574\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8279,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"426ff44fdde60c9e548a11806e5e9681","sha1":"dd5ff92e7c87c430d12afde96d2910c32b632a06","sha256":"51dc8aab107d8f37e1bc87dbfc4913deb3b33519ee0bad8e1331629048b40bc7","sha512":"e1818da2f26b97a424f7c6910bb0d3871589b7eefec0322a57695d6c86e343f58e60e69822716e4bc5389e2493c852fe4fc80fba2a19e4e3b0458e3de6850f5b","ssdeep":"192:fixbp3vy1evQNNvmYriuXaY93O9esNrz5b/1YQGiqRC3:qxbFmevIXA9ew5bNYQHqRC3","tlshash":"4202320553d621a65597bb3af78ba043733c80970029f973785e1f841f859a463f2bde","first_seen":"2023-03-10T14:39:44Z","last_seen":"2026-03-17T07:48:49.258885Z","times_seen":20,"resource_available":true,"data":null}},"time_used":767,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":767,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/l1.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/l1.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/lib.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 20 May 2015 05:00:02 GMT\r\naccept-ranges: bytes\r\netag: \"0f52bd4b992d01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 700\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":700,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 8x21, components 3","md5":"7ff70c7da8f7fd4f5671be4fded755e9","sha1":"3fadf2b6fb20931fb544b260e90d569af0317efb","sha256":"ec07a740d7f10292164322bd6992bb74043c1198d877c9abb96f775b25e3af55","sha512":"9daef69968ee73dd5d98f65767ec8f3a9e5cb29542113edec8bab7a05f528e67670876d4dbc2a8b30947a8bc84477538869f837eca767d5b7c92cd76c1679415","ssdeep":"","tlshash":"0e01e1450d084ef9cc291b30db641a10e6df5a7e8129924ca7b60201dc2b5d32862381","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-21T21:38:54.255497Z","times_seen":21,"resource_available":false,"data":null}},"time_used":589,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":589,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/css/lib.css","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/css/lib.css HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 11 Dec 2024 07:52:41 GMT\r\naccept-ranges: bytes\r\netag: \"80aa86a7a14bdb1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 4836\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18393,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"38461355c4bb4bafad6c3222e8e4430f","sha1":"19921c721f287fad3216f29575619a40033c03ae","sha256":"396b42930327678f1286a7e75520ef30ca4b2b092a8a1cee64f319acb00f4bc1","sha512":"ef4334a558bfede5fecdbaddc95c3ec6d9b585f13f7041cce1af2c98a6cf62ce6a51e5e882657b1ba5c8dfe8e3c007f8e661e8baac1aa0fbf7eb88f83ef909cb","ssdeep":"192:58YdR6cQRmnom6q8e8ZWXZtlUYA6pUkPQqRmLU+HowlLZPL/X43wUicVcrsUC:5HdHQRmnV18e8Z6bGY5wo8stiU","tlshash":"8b827478db17204bf237dadabb225b53ef09505396060278ffe43614ea890592572fcd","first_seen":"2025-01-03T05:17:31.235963Z","last_seen":"2026-04-16T01:23:16.747637Z","times_seen":12,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/css/pc.css","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/css/pc.css HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 12 Dec 2024 00:46:25 GMT\r\naccept-ranges: bytes\r\netag: \"808674452f4cdb1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 4573\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20309,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (1559), with CRLF line terminators","md5":"c7680c2a31b0cc575767ec64c1724200","sha1":"a27b4361bed5face40679661a34e04ab5334ef44","sha256":"f96d2aaec639be8bd63cd09e9b0974fafd2d064ecb88b4def381fc4dfcc19be9","sha512":"1bdfdc58a7c917bf0002fc9f5e394a24f31f9c0e691296a5044cf625c68d3ab2c3f7cd22b6d812130daaecf8e50020d254cd4962a601e07c0db99c705f73d498","ssdeep":"384:56zmvOTV7Jq+pVccJi/Vc5sFeuJOJXOKbu4PzhbY2JvkJzsJOgMWgxlU:56SvOTZJq+p+cJi/25sFdJOJXOKbu4PN","tlshash":"2292a969eb59614fb31795fdbb729b476f4880139a0f0368f9f43764e2860a839323c5","first_seen":"2026-01-08T09:53:39.208514Z","last_seen":"2026-04-16T01:23:16.893015Z","times_seen":5,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0506/20220506043634612.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0506/20220506043634612.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 13949\r\nlast-modified: Fri, 06 May 2022 08:36:34 GMT\r\naccept-ranges: bytes\r\netag: \"3deddd642461d81:0\"\r\nx-frame-options: SAMEORIGIN\r\nage: 130824\r\nx-ser: i19049_c6956, i2475941_c28821, i1940269_c22409, i1940231_c22759\r\nx-cache: HIT from i1940231_c22759(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13949,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"e838bfec829d070a2e9ef19d4f56cb9f","sha1":"08fe5ebbbc374895d82660f4c1adef80700a5c11","sha256":"1b2e4c14d0a824c0278fb129b43632936ddaad8e0e9cb54684da52d502a501b2","sha512":"5fd6329d81940c97bbb351bc3ebe1ca8a69eb4a8292395388037e61db0c5c4dac9aa05b924f4d14a771a0533e46e565bd8fc86d79cb15fd93e141428988594a2","ssdeep":"384:5dc4lN6S5VzL5ExkmHzUnLvVLyIlGHf+eS06WK+:+SLzVExXmFGHf+evd7","tlshash":"2352d1edd305adda626c7480e5e8fe338f70bc515e5f368a8252e8924dc75c27188453","first_seen":"2026-01-08T09:53:39.209487Z","last_seen":"2026-01-08T09:53:39.209487Z","times_seen":1,"resource_available":false,"data":null}},"time_used":376,"timings":{"blocked":295,"dns":0,"connect":0,"send":0,"wait":81,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2016/0511/20160511035536512.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2016/0511/20160511035536512.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 6878\r\nlast-modified: Wed, 11 May 2016 07:55:36 GMT\r\naccept-ranges: bytes\r\netag: \"1b5cfc805aabd11:0\"\r\nx-frame-options: SAMEORIGIN\r\nage: 43391\r\nx-ser: i37634_c26321, i2103123_c28197, i1935955_c23471, i1935921_c22759\r\nx-cache: HIT from i1935921_c22759(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6878,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit colormap, non-interlaced","md5":"ab8558b61518e9addeb3079c6c37d124","sha1":"649d6a75bde337e5f46ad4af6f6259f13ae87666","sha256":"ac29b9919ddab071d431c7bcc69d0ff92be6764cb0197322486c30691ab438b5","sha512":"b55aff98d7fab1c68364c08166789c7f81b11ed1076c188c24700642ed52a9873c7b60eeafa424ea49767740edcd3ab614cc8103608e13d28f4ba3685a4c6b70","ssdeep":"192:gSHIIHUCD4waocnldrxok1cswQ4LjA3hI/iA:H50w5cPrOk1czzI3A","tlshash":"59e18ec5925438ee3805841e3ad7ed06472336f0719b2f19a87f534c93b0c567e7169b","first_seen":"2026-01-08T09:53:39.211767Z","last_seen":"2026-03-04T05:46:55.343377Z","times_seen":3,"resource_available":false,"data":null}},"time_used":382,"timings":{"blocked":290,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/down_load_address.js?2022","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/down_load_address.js?2022 HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 13 Oct 2025 08:20:04 GMT\r\naccept-ranges: bytes\r\netag: \"0123c2d1a3cdc1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 1309\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3207,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"0dd6c7d0380d8a8c58595c094df522fa","sha1":"296f5fa156f551a4ca4d4ee639ab72bd0e1cfa87","sha256":"b47ac469b6e1351d8afbb442376fa8a1270128df9ab72131ca9cf0bd5503c424","sha512":"3881c80a97ec1fa9b284d4a5fade0e5135a10d475fdbfc1f4749caed4be84c741e8c458e9578305c866aec5e7719f6a2cc1f795fc56edeb8a310d83a9068a809","ssdeep":"","tlshash":"1b61d199a788850d59f272778f3d0714d91fc02701418f64be5c85152fbe41a862eefe","first_seen":"2026-01-08T09:53:39.213134Z","last_seen":"2026-03-17T07:48:49.150447Z","times_seen":2,"resource_available":true,"data":null}},"time_used":547,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":547,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/comment_api.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/comment_api.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Tue, 19 Sep 2023 08:56:38 GMT\r\naccept-ranges: bytes\r\netag: \"0a71433d7ead91:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 820\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3077,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"f6e79d8abf21a10d20e6552e5bafb09b","sha1":"db9193b53b479ac9c59e1f4b2f71d5bb9c78641a","sha256":"b1504dbec2a194379e837d858c718e3a627406652705ec4abaf3570552d4648b","sha512":"d2d9b95c83ac723e9b7efd2c60479175ba51bd4c4bbc86a302e63f7226400e36baf35cf227532608cfe7e876fc2a80815b3286a5286bb5db30ae8a764d14f4b5","ssdeep":"","tlshash":"b851875e0c2a52108eb273ea9a6f4b60f87a613f5511c1457c6cdea0bf34e28065ff5e","first_seen":"2025-10-13T03:08:21.20465Z","last_seen":"2026-03-17T07:48:49.125839Z","times_seen":26,"resource_available":true,"data":null}},"time_used":536,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":536,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/mo-abg1.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/mo-abg1.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/mobile.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Wed, 20 May 2015 06:48:11 GMT\r\naccept-ranges: bytes\r\netag: \"80c7eaefc892d01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 1181\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1181,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced","md5":"bb6a33bbbd8d4a7b148f77e3332ab699","sha1":"73176e3d637b57e64c0f1ba2b81e63a04fac70a8","sha256":"fc312dee4e2be219fd6cf3e242828a0d83850a8f5ceeefbb84aa9b504ee7c973","sha512":"c506bf8c8b273439fc73d2fa2d75b3e00b1a0d89b8e9c9a311d48e5919330e0d547d221df5f5e0f5edca073bb0e32c4bc4f7f0a9dfac3100e78b5f9de896774c","ssdeep":"","tlshash":"19214489e990ac02929bc78954fe90375212485099e0e90df9cec95a19282f9d57d6cb","first_seen":"2026-01-08T09:53:39.21554Z","last_seen":"2026-03-17T07:48:49.092444Z","times_seen":2,"resource_available":false,"data":null}},"time_used":593,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":593,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?00526ff88a0f942f7aba7a59e0e7b53b","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?00526ff88a0f942f7aba7a59e0e7b53b HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11660\r\nContent-Type: application/javascript\r\nDate: Thu, 08 Jan 2026 09:52:53 GMT\r\nEtag: 05d94fe68eed76c7ccb7529b5befd717\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=C9CC544BEF29F06B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30266,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (990)","md5":"6073ffe1a1a5f7ef624710474d537267","sha1":"31a97e908fadc6855cbb7c427f2c7c965fcf974b","sha256":"3aac419ede9d9bb0cbdae1c3c675d159ab0195c27d59e37373023cfbe4fe0150","sha512":"ad69447c4164ae3452c93dcced61935585467f15b4c0f4eac67d6b8bdb683832146a12cc81ab6c1375cac2203a9047671bc6525d95041d2bac2755d9aa655ed7","ssdeep":"384:ZJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:Z4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"13d2d9e9b182713293a324a5157f320af07b6e54bd4968a4f11894c07d78fab027bfdd","first_seen":"2026-01-08T09:53:39.216673Z","last_seen":"2026-01-08T09:53:39.216673Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2300,"timings":{"blocked":991,"dns":1,"connect":499,"send":0,"wait":312,"receive":1,"ssl":494},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pos.baidu.com/ccom?di=u2218020\u0026uuid=e4785453e018f19c\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=SSP_JSONP\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975","fqdn":"pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.94","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:55.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /ccom?di=u2218020\u0026uuid=e4785453e018f19c\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=SSP_JSONP\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975 HTTP/1.1\r\nHost: pos.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: post-check=0, pre-check=0\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nContent-Length: 750\r\nContent-Type: application/javascript;charset=UTF-8\r\nDate: Thu, 08 Jan 2026 09:52:56 GMT\r\nExpires: Mon, 26 Jul 1997 05:00:00 GMT\r\nLast-Modified: Thu Jan  8 17:52:56 2026\r\nP3p: CP=\" OTI DSP COR IVA OUR IND COM \", CP=\" OTI DSP COR IVA OUR IND COM \"\r\nPragma: no-cache\r\nServer: nginx\r\nSet-Cookie: BAIDUID=6DB07965E4D3FF9B4EE196641A0F3F2E:FG=1; expires=Fri, 08-Jan-57 09:52:56 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1\r\nX-Xss-Protection: 0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1359,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (1156)","md5":"d6086c79484f2b3a815b90343e3112bf","sha1":"d54f5c94c782b693efd9d10e63a5c71e35f10552","sha256":"5822176644c252c3cb48573768f59156163df68877cfdd1aecb05e56d9ef4fd6","sha512":"f2c024a3bda787726fbd3a6dde3ab0a359d188b24c5d33d5a577216c9dbaf7fb56a7d328f3a24c010987c5e174805c80285f57f3e1e3ee7c1035b32dce559cad","ssdeep":"","tlshash":"8921c945fa05ada7b292e05628ea3a4a40fbbf517a8045d1817dcf39630c81332a6a83","first_seen":"2026-01-08T09:53:39.217506Z","last_seen":"2026-01-08T09:53:39.217506Z","times_seen":1,"resource_available":true,"data":null}},"time_used":3478,"timings":{"blocked":1595,"dns":793,"connect":263,"send":0,"wait":287,"receive":1,"ssl":536},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0103/20200103042846452.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0103/20200103042846452.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 8917\r\nlast-modified: Fri, 03 Jan 2020 08:28:46 GMT\r\naccept-ranges: bytes\r\netag: \"26664cd1fc2d51:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i33595_c26321, i2103119_c28197, i1935955_c23471, i1935845_c22759\r\nx-cache: HIT from i2103119_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8917,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"01481cdb6769c6a214b5c3e9d053b5dc","sha1":"02e75667b22c9f40c4f5403103dcb4c22423196d","sha256":"7d6f7d917e14bd04e0ee6e32a7cacdf24792f3dc400b7ad0d202f5a29e55068e","sha512":"7c37bffbaa99c7f0cd4e83501af8bdc498f5427912ced5fd4dd4c4d87a92e611b2500d0b3802385f7bb80080bfcef3f3099ef9b3d44bc158ed58c3c805a5df74","ssdeep":"192:VMb3lHeX1KVyLzqUE8k5O+pcIimvb84Xjlslm4SyThw5ns5xs:Al+X1mD82WXmv4IlIQ5ns5xs","tlshash":"4402b0d25ea18648b60ecea9fb1eb8548ce607970bd6a3074917a192f403334916fdf7","first_seen":"2026-01-08T09:53:39.219023Z","last_seen":"2026-01-08T09:53:39.219023Z","times_seen":1,"resource_available":false,"data":null}},"time_used":623,"timings":{"blocked":287,"dns":0,"connect":0,"send":0,"wait":336,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2016/0808/20160808090740902.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2016/0808/20160808090740902.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 9254\r\nlast-modified: Mon, 08 Aug 2016 01:07:40 GMT\r\naccept-ranges: bytes\r\netag: \"fcd0794211f1d11:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i25513_c14934, i2475911_c28821, i1935955_c23471, i1935949_c22759\r\nx-cache: HIT from i2475911_c28821(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9254,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"2f91b6111bd7d37b2f65799dcaee1b56","sha1":"88cbdd00ba2e06d80d908d52107870c844d9643e","sha256":"bc4aad1d4ad2e396eb0cfc3e17b8c8193e5e6784ef348fadae379e9cd7c25553","sha512":"e6427f0060c1dce6eac1b453fd8206de84f5101792c4cd80fdd7ac4ab805545d31784875e19c76c8a8386815d310a9dedfd3da3270957221449d15feaccace5c","ssdeep":"192:v+7bMZBv5+XL3Eot3zdT1u9rSjkM04dOY/uvH7g2ifxB:ab0Bx+jj3zdT1bjFFOs2Ov","tlshash":"4312d17545c415760f1b4acb530cf405a92dbff16114e59176aca2e40cb3f72225fd29","first_seen":"2025-10-06T14:54:36.50605Z","last_seen":"2026-03-04T05:46:55.563627Z","times_seen":3,"resource_available":false,"data":null}},"time_used":533,"timings":{"blocked":278,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/cui.js?1","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/cui.js?1 HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 11 Dec 2024 08:30:19 GMT\r\naccept-ranges: bytes\r\netag: \"801f66e9a64bdb1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 2845\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12052,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"43a560ac53ace0805b7652a20cf07492","sha1":"08f68a3fbfc3edf2e709d43a6c52f72aec1e422b","sha256":"1dc81993059aff51337b54d00ce5cd945bc384338bd6e92dd9e1dcb84bbf2335","sha512":"55ec9ac2946e74d80216f5b4757db95a7719c68fb10d1ec13833801e51b1f529bf25645e2f4824e146399e2abb0390214cfe8690b15149464f90a9f96559e9d1","ssdeep":"192:H/lWcbKvtjuJ7H4zxzxxzxxxzxxxxFxxxxxFxxxxx+4x4xx4xxx4xxxx4xxxxxK3:H/lWRFck0WI","tlshash":"c242341cb22c1eb452bf15ae6b2dd4d4dd1a0427524cb703f4bd096a2ff4448ba369eb","first_seen":"2025-01-03T05:17:31.731952Z","last_seen":"2026-04-16T01:23:16.763369Z","times_seen":12,"resource_available":true,"data":null}},"time_used":559,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":559,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0705/20200705082922205.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0705/20200705082922205.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 13182\r\nlast-modified: Sun, 05 Jul 2020 00:29:22 GMT\r\naccept-ranges: bytes\r\netag: \"05d16546352d61:0\"\r\nx-ser: i33607_c26321, i2103143_c28197, i2315539_c28337, i1935949_c22759\r\nx-cache: HIT from i2103143_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13182,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"b8b8d007b24833f87a466a9f2f614578","sha1":"6cc16e72d78cf5ea1cbcfe7ecac9e53073c59cf6","sha256":"81bb09ef9fa6aa7232dc913a0b743518da5bd7c33d329ffbd1106e716cafaff3","sha512":"475cbb31fe2a3fcd2aa8e1a91685e1b267eeedee5eb005f82ee8b86211a4eb9b3b6f5b1fad72d65ba6e277c58f863c4397630e7951eccb6e4c6dbf4a6b73d246","ssdeep":"384:CNf/tkITH0yyP2BsWfIIhzXu59l8Lc8Sbwq+JbIM:UqlPJuFhz+3+LqPY0M","tlshash":"0f42d06a44320e42657104a3fee1f479f792cb71d1b93ca61f7b8845528aa47eab8b01","first_seen":"2026-01-08T09:53:39.222311Z","last_seen":"2026-01-08T09:53:39.222311Z","times_seen":1,"resource_available":false,"data":null}},"time_used":959,"timings":{"blocked":326,"dns":317,"connect":24,"send":0,"wait":236,"receive":1,"ssl":52},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0818/20210818100812905.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0818/20210818100812905.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 16329\r\nlast-modified: Wed, 18 Aug 2021 02:08:12 GMT\r\naccept-ranges: bytes\r\netag: \"04e98e5d593d71:0\"\r\nx-ser: i64572_c23633, i2475941_c28821, i1935953_c23471, i1935893_c22759\r\nx-cache: HIT from i2475941_c28821(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16329,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"af7c63448eccae276b4d2a8489c41187","sha1":"cd29667b77efa85dc1372e888353baed5c8e7fdb","sha256":"9efb67a4a4d280166a3e9f1cabe2139cc8888522806c760b94d2885d53226b1f","sha512":"901463a8e9e14fe266de12e2dae8388074e2878a59dc265a077562ab033ca57b82c05a11d0f25b891fcfd21dba4620e7e222a953cea112f71070bf2e55a9bbdd","ssdeep":"384:UD34GVH/NkTh1LCMs/qRLDjdih+WMrU8F/2Q5RbKvvuqI00aha1r55:UDIGp/23uMs/6nhih+1/uQ7bKvGqIehW","tlshash":"6172d0434e6aace20641322e3a1b77fd28b931f93561f4dd1440daf92d497fe6911091","first_seen":"2026-01-08T09:53:39.223474Z","last_seen":"2026-01-08T09:53:39.223474Z","times_seen":1,"resource_available":false,"data":null}},"time_used":546,"timings":{"blocked":309,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0124/20250124013842865.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0124/20250124013842865.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 17015\r\nlast-modified: Fri, 24 Jan 2025 05:38:42 GMT\r\naccept-ranges: bytes\r\netag: \"72ec803a226edb1:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i91594_c21609, i2475911_c28821, i1940245_c22409, i1935921_c22759\r\nx-cache: HIT from i1940245_c22409(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17015,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ccb40fca47030dd1e5aed23c20130af7","sha1":"18b4149e0e16ccc48c14a21af77c6621ca18f38d","sha256":"29f698bd42ea3bf7753be1c48f2bf8abefa4acc14c2d1c1c9becca6b5541afd9","sha512":"271077c159c6152b5d0395d6999ef4b021c4ae205204032f3b2d5fe0ffa2704ac1df7a54311ef8dc9f95f802714a1ef1bacf1830e3cdd1667625fdcd302292f1","ssdeep":"384:LJKDkPSDIJM02DGvTZQYaEG95qFxUnaHeO91Wu4UvHXuxnX6TXwKsJdf:LJM6aAgeUnaHeOPl4U4XkJCd","tlshash":"9a72e180434d5ff527221b02fa9a465280cacad1bd7d3c5d7a25788f4c6719fc9887b7","first_seen":"2026-01-08T09:53:39.224614Z","last_seen":"2026-01-08T09:53:39.224614Z","times_seen":1,"resource_available":false,"data":null}},"time_used":394,"timings":{"blocked":282,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0331/20200331045116418.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0331/20200331045116418.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 12552\r\nlast-modified: Tue, 31 Mar 2020 08:51:16 GMT\r\naccept-ranges: bytes\r\netag: \"8044a8a397d61:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i17891_c6956, i2103129_c28197, i2315501_c28337, i1935893_c22759\r\nx-cache: HIT from i2103129_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12552,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"0ac10e9f33ee426900bd831b7c1f56aa","sha1":"158378dc2e95d9d56f9d360d9bf04aba84a24abe","sha256":"750046a8a02709d7044c663e3706718ed1b9df360d6e574c781d0e4d9a961eec","sha512":"08745f0e8f30d655ef7cda223be769df86f3d53fb7c1c0968869022cf13e221be6feed2fcb91a8eee6158d833abe8d55f720dec9fd1a8fa0047e573545afa43f","ssdeep":"384:54CvLYuGP1FF2KIAyfhhvqiCpy4GRJDNRW:OCsuGNFn1ShvPr5w","tlshash":"a142a0d09a0e45691d144959093c1d2df48cfbcef95f623b2c20f66453c639ba1e92e8","first_seen":"2026-01-08T09:53:39.225595Z","last_seen":"2026-01-08T09:53:39.225595Z","times_seen":1,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":274,"dns":0,"connect":0,"send":0,"wait":290,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"eclick.baidu.com/se.jpg?type=tc\u0026di=u2218020\u0026t1=1890\u0026t2=2718\u0026ft=pc\u0026af=0\u0026dis=0\u0026fs=1\u0026ver=0620\u0026rdm=1767865979780","fqdn":"eclick.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"110.242.68.137","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:59.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /se.jpg?type=tc\u0026di=u2218020\u0026t1=1890\u0026t2=2718\u0026ft=pc\u0026af=0\u0026dis=0\u0026fs=1\u0026ver=0620\u0026rdm=1767865979780 HTTP/1.1\r\nHost: eclick.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0\r\nConnection: keep-alive\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Thu, 08 Jan 2026 09:53:01 GMT\r\nExpires: Thu, 08 Jan 2026 09:53:01 GMT\r\nLast-Modified: Mon, 28 Sep 1970 06:00:00 GMT\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-05-02T15:30:39.021409Z","times_seen":344919,"resource_available":true,"data":null}},"time_used":3136,"timings":{"blocked":1445,"dns":743,"connect":231,"send":0,"wait":242,"receive":1,"ssl":470},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-08T09:52:50.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /downinfo/302239.html HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\nlast-modified: Sun, 16 Nov 2025 19:05:43 GMT\r\naccept-ranges: bytes\r\netag: \"80dd8512c57dc1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 16056\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":76083,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1022), with CRLF line terminators","md5":"fa94ba88993ca2afa1f7f11e0637d578","sha1":"14f8a44fae4dee39ff49eb4c104a105cf15e6dc5","sha256":"025af45cb0806108e63515d1c64b68d5221500e0e7b06ddfefad1af8e970e940","sha512":"a7d7c120b6e7627408a8c21889949bca34347dc13b36de20bfe6d3f114d08179235c19c429ac37f1f6b807e44c16e8088e5be8161bfc83ae122434dd1f317a95","ssdeep":"384:kSr2+pBaCVLTx7QcGxyGqk5LnvKZxY5Izq9WiNBh+CA2oFlEAT7NknxWWeIJzWHj:kSr2+psC59GvqYn3BHA2oFlpuxWWWxsk","tlshash":"82733422a5c598370635c2c54636e328ec536b77d9038ad7f5fd1baf7faae918803085","first_seen":"2026-01-08T09:53:39.227734Z","last_seen":"2026-01-08T09:53:39.227734Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1976,"timings":{"blocked":835,"dns":251,"connect":284,"send":0,"wait":305,"receive":1,"ssl":296},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/1024/20181024015008768.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/1024/20181024015008768.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 16739\r\nlast-modified: Wed, 24 Oct 2018 05:50:08 GMT\r\naccept-ranges: bytes\r\netag: \"944abb6b5d6bd41:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i37624_c26321, i2103123_c28197, i2315455_c28337, i1935921_c22759\r\nx-cache: HIT from i2103123_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16739,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"9a4d52260bc21ddd9f7759c3b8831db7","sha1":"752bc2653e3afa26de3bfc4eb5894403d1841248","sha256":"287bbe0b7314a216fc4c5b26ff8f38a72637a3ed2a0d6cdf4c26c086e186f8eb","sha512":"88178480ae88a0c7d7b68c38e273472b8116b4a991cb38348a7366edd1d93f01b9278839604bbde5898436d8c6dc819ab8359a85c891de08c5df1d9e06c642f0","ssdeep":"384:Nm0lSncFJzfrdlTfQf2KUzmegkDDdwdAKLZOSIpJWOFR:NdlSkJrrnQf2yqSJOS6R","tlshash":"7072d1c5750bfc4752bb997c523f8f37b84ba051ba8389247625a09e4482fb58ca74cf","first_seen":"2026-01-08T09:53:39.228934Z","last_seen":"2026-01-08T09:53:39.228934Z","times_seen":1,"resource_available":false,"data":null}},"time_used":552,"timings":{"blocked":285,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0615/20210615051402907.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0615/20210615051402907.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 10102\r\nlast-modified: Tue, 15 Jun 2021 09:14:02 GMT\r\naccept-ranges: bytes\r\netag: \"fcee60c8c661d71:0\"\r\nx-frame-options: SAMEORIGIN\r\nage: 130955\r\nx-ser: i37228_c28455, i2103143_c28197, i1940237_c22409, i1935845_c22759\r\nx-cache: HIT from i1935845_c22759(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10102,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"d1e5bc35d89b81c16bec0f607de33742","sha1":"19c4d2421eb39303a7b7aeb04408b22d1e84b1ad","sha256":"8868ef793325d6324fc3c819a67f0935cdbc12f586c5d08b10e4760af42d02d4","sha512":"b9704aa50f857781ff78bf67dc0cc15d2bdd3f4fc52fc09d8cdaeda6718c73ec78e143141961aa0227a1f100590cc410e32e67f85160d916692bc1c9cae9090f","ssdeep":"192:dDiLTDJ/yBiMRNHGS8te40QHA1HcFd3GvRWDEX+dfDNR8QOBQMLfrZ:dIV/PMRNHGShTcscFd3GvUDbbNiQOBQY","tlshash":"1f22aff3ef69ab740d80546dfb8850016f7e16b07a6d2543152e6f5abbc1b3108b52f0","first_seen":"2026-01-08T09:53:39.229917Z","last_seen":"2026-01-08T09:53:39.229917Z","times_seen":1,"resource_available":false,"data":null}},"time_used":387,"timings":{"blocked":283,"dns":0,"connect":0,"send":0,"wait":103,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0929/20200929035324557.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0929/20200929035324557.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 13614\r\nlast-modified: Tue, 29 Sep 2020 07:53:24 GMT\r\naccept-ranges: bytes\r\netag: \"ac86cf9b3596d61:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i37214_c28455, i2103129_c28197, i2315539_c28337, i1935893_c22759\r\nx-cache: HIT from i2103129_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13614,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"fa6fcd1205c80d6b6a92df3267e11e48","sha1":"d686e26cbbce616d402fda18f1b2d403760fcfef","sha256":"b8c0ac15b567dd05fea54a0dfa613d444e7fe68acdb5a1973c3a35d3c60ae273","sha512":"9aecc6ee6200cdcc375f0f53408d97c96553e9dffd547cffaddb77e89c2f6cf739dc30cf96b64c731a65ef4be1e5f0276aa0e3825bdb53ad3ed3d88788f6f8ac","ssdeep":"384:S2t0Cc2PBsUHiwRKYDingddxrA6g5BINoZzX:ruCc22KisKUSusvIqX","tlshash":"2652c0e5d042b02da8798a384e6dc36b746786132ddfbc481b84cd6515f7870f399ce6","first_seen":"2026-01-08T09:53:39.230926Z","last_seen":"2026-01-08T09:53:39.230926Z","times_seen":1,"resource_available":false,"data":null}},"time_used":550,"timings":{"blocked":281,"dns":0,"connect":0,"send":0,"wait":268,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/prev.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/prev.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/mobile.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Wed, 20 May 2015 08:55:28 GMT\r\naccept-ranges: bytes\r\netag: \"080ecb7da92d01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 1105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1105,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 41, 8-bit/color RGBA, non-interlaced","md5":"bd70c65cad0b665575711510b6278fd4","sha1":"6a80f9141872c4cd187e92e55d6af0e9c2250769","sha256":"8d0dd61dc542df4004532c2254db39200908d848f7dee9bb86f140c9f4bed534","sha512":"35e3dbb25ed526d743d357bd40305306b744686ff810805f41e69e1e135b251ac35ebd964a1c82ab93046aedf9f72673c11d79616f798522583b0feb1cf428de","ssdeep":"","tlshash":"f111160dfe207440c19df55214fe5026853608c5bef0b97bb6cbe84b4e625b684ed5db","first_seen":"2026-01-08T09:53:39.231913Z","last_seen":"2026-03-17T07:48:49.17181Z","times_seen":2,"resource_available":false,"data":null}},"time_used":483,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":483,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/next.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/next.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/mobile.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Wed, 20 May 2015 08:55:50 GMT\r\naccept-ranges: bytes\r\netag: \"06f9c5da92d01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 1117\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1117,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 41, 8-bit/color RGBA, non-interlaced","md5":"9410b8c78ccdebf2305da091bafb80ed","sha1":"0b630a40c88718517f54ce5d012c358d86c7e857","sha256":"b9816c35df2161c5a00ffa7c272e1ac0a171fc42b41a5bde790bc4fc2b945b94","sha512":"520f25deb7df3f30148cdf44ee87946074a61087716350053a29085acd3d358a4dfe0e79116875c57416890927752fa1ea46229c5262e19ecd78070fffbcdc9f","ssdeep":"","tlshash":"6d21824dfee09850598ee4c109ea801395130a849df1f099f6cbcc062ef17ba86ae4cb","first_seen":"2026-01-08T09:53:39.232912Z","last_seen":"2026-03-17T07:48:49.133477Z","times_seen":2,"resource_available":false,"data":null}},"time_used":481,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":480,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/common.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/common.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 11 Dec 2024 11:01:49 GMT\r\naccept-ranges: bytes\r\netag: \"80c7613bc4bdb1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 2308\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7323,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"043a512d415fe741ef7ec356132d3a30","sha1":"53070533e4bc97e7e5518b98e8e767713f2b57f6","sha256":"f7c163cb0ed738bfc92db29cf8ebbae9abe3c0fa89d00abcc99e9f333d661822","sha512":"bcb2440fb588618f6335d90711204dc1ecaeacb7996b8bc37b22e546abaeffa127fc4440e75cf05c02ce0811e852c7335ee6d3b7d4c7392b771b48bfab14fe6b","ssdeep":"96:cme/3tfiXUGqELj1X/DknNxDSDKho7hBZIOhbjp4Lr7LUBzI:O3tfi5qKX/eNxOtNBZ5h6Lr7IBs","tlshash":"d8e1ce09b7bc0f9291f7238a173951c1ee2a481766558342f8f846b93fb590ca623d7b","first_seen":"2025-01-03T05:17:31.246562Z","last_seen":"2026-04-16T01:23:16.974685Z","times_seen":8,"resource_available":true,"data":null}},"time_used":561,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":561,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0518/20220518031125515.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0518/20220518031125515.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 19425\r\nlast-modified: Wed, 18 May 2022 07:11:25 GMT\r\naccept-ranges: bytes\r\netag: \"39315e7c866ad81:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i37214_c28455, i2475919_c28821, i2315467_c28337, i1935869_c22759\r\nx-cache: HIT from i2475919_c28821(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19425,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"c88c154c55aa30ae4218c95f89ec301c","sha1":"764c4c2c2df55c4d4f53f255e9dee02726fbc3c2","sha256":"4167074c32f83c9de3a801c98ceb96d24dea5547f20b05617dd42a3d101b7b51","sha512":"b4c1ff14e7cb3357f4ce289825e25017a93705235a56886779ceedd22a275e86640b813339b6ee286fe1f38d9b137e4789f0e6c85968fa90ffefb44f37637a92","ssdeep":"384:YHviaBTJ/6CtdsjSveCBZqbDDTgB11Hias7X+5GT8AGXMTqWnGiOIQyl:n4NtoKxDau11Ca2jgM+sU2l","tlshash":"9792e11d18e9e514213d82cf28266290730f39b1df0543daf324d999ceea649beedd35","first_seen":"2026-01-08T09:53:39.234917Z","last_seen":"2026-01-08T09:53:39.234917Z","times_seen":1,"resource_available":false,"data":null}},"time_used":558,"timings":{"blocked":280,"dns":0,"connect":0,"send":0,"wait":277,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/a-bg20.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/a-bg20.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/lib.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Wed, 20 May 2015 03:12:07 GMT\r\naccept-ranges: bytes\r\netag: \"805dc5c0aa92d01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 1010\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1010,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 9 x 10, 8-bit/color RGBA, non-interlaced","md5":"e63fbbdf4d67f9bb6eeebc7941d49fab","sha1":"edd85e3725a24dc7e0d8d25b0d36ffb663a48779","sha256":"dede6589daa51465fc2d053fd9beecf808e6cbb75e44d460de81a0f68aebf98b","sha512":"78efc00596aaf63ec4c6f0ad9d6e46c7c414a23470d9b36a513f2108787d4228694730a16df0e9b5956f0ffd3e57f2ba5e2e926c4dd996f0d76843cf21b35cb7","ssdeep":"","tlshash":"3c113e4afa507801c3588cd220f690378a2308808ae0b1e6b9dfccab09644f7859d6c7","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-04-16T01:23:16.804481Z","times_seen":21,"resource_available":false,"data":null}},"time_used":473,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":473,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?77831d4595ecb5575b38027b27ca83e2","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?77831d4595ecb5575b38027b27ca83e2 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11304\r\nContent-Type: application/javascript\r\nDate: Thu, 08 Jan 2026 09:52:53 GMT\r\nEtag: 0f73e7944737eeaf062009c29eeb9a0f\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=D751647A27257E33; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29910,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (634)","md5":"35ca27f63101b8eb683d4862e961f213","sha1":"3f94ae05d19e515d8b16ac6532dff5098f3afc65","sha256":"9145351545e0691a241fcda496a274f769b4fefdb50d40106896e214dcb51d51","sha512":"13b97066a53fd81bb22176e306780c13d191fa0c87d801e508cbb645435954826c10d2279dd5ed52ddbc19a3ac87a62493b19eb3f8f89eac069194db1f0aa252","ssdeep":"384:tjvJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:tjv4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"bcd2d9a9b282713293a324a5153f324af07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2026-01-08T09:53:39.236844Z","last_seen":"2026-01-08T09:53:39.236844Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1650,"timings":{"blocked":786,"dns":0,"connect":0,"send":0,"wait":327,"receive":1,"ssl":536},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/pc-start2/3.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/pc-start2/3.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 02 Jun 2015 03:25:40 GMT\r\naccept-ranges: bytes\r\netag: \"012bacce39cd01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 3494\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3494,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 40, 8-bit/color RGBA, non-interlaced","md5":"40633b8698446cfc6f7cba0ea3ac4945","sha1":"036699fe9da0d9629dbcc48e2a5408d97fb32dc1","sha256":"e3873fee38d313b50b46b06697d3bf32fd2ffbd9d3c5b7c5fb9dac40ca7135b2","sha512":"8af599d72a07eaaac039dc4b2710044c11d622032b36fb95e96f0974ba1decfcf767aecbd2911f6ab36093ef54150ea7036d0f37185c3e711ff3a82ecb48c416","ssdeep":"","tlshash":"19717f8c18508a4d004d06ae347ba7054617f785d3b95e1cddf9438fd920e103c74b2b","first_seen":"2026-01-08T09:53:39.238859Z","last_seen":"2026-01-08T09:53:39.238859Z","times_seen":1,"resource_available":false,"data":null}},"time_used":553,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":553,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/1221/20181221091248200.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/1221/20181221091248200.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 8214\r\nlast-modified: Fri, 21 Dec 2018 01:12:48 GMT\r\naccept-ranges: bytes\r\netag: \"ff6e9f49ca98d41:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i27247_c14934, i2475937_c28821, i1935955_c23471, i1935893_c22759\r\nx-cache: HIT from i2475937_c28821(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8214,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"53376c8dd2447834d15bed700b3aca9c","sha1":"710026efa2331d126fcb68205d316fbeb3be188a","sha256":"3f3b45b3629367b7d02b7fa712658578446ef74df3bf04800c6db47d3b187788","sha512":"bb0e14c1cd1d1c7a3ba12aa7764c6ad0172b881287a17e6fac149413c964b9f41f98816d516347a475a2df9b19aacae04288e787955a489e5d000bdc6ec70806","ssdeep":"192:aV7ZoI6Dn3UDcOAi4SkA5l9AsGEKgrgR0pBGhbol+/jfuPBK:cZaDwc5iHJfAsGEK8VBGNogLfuPw","tlshash":"0d02af63a468754240effb36c336d482ff9dc66cd51f9908b636e028de3a18b4318d95","first_seen":"2026-01-08T09:53:39.240634Z","last_seen":"2026-01-08T09:53:39.240634Z","times_seen":1,"resource_available":false,"data":null}},"time_used":576,"timings":{"blocked":292,"dns":0,"connect":0,"send":0,"wait":284,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/dgjs/down_common.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /dgjs/down_common.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 16 Mar 2022 01:17:13 GMT\r\naccept-ranges: bytes\r\netag: \"8072991d338d81:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 1260\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1863,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (636), with CRLF line terminators","md5":"5261265ef2e43398e2cb202ac1cf792a","sha1":"f1ae52832fe2c437c7058e01120f3b85393ed7f4","sha256":"a9319e9ec253b1e49b7db657b355e1830a2429e7ff417a78cb2eba7784958094","sha512":"5a2b066990dd0422609b96a08428d8d82c985c54a7ec9ddf2e22b99f9aace43055cd39d983aae89a4a4dc6452cb7075c22031534a7eb0992042deb3e94b3d5c4","ssdeep":"","tlshash":"b83184142da9d73704a242966b77816cb68804779992ce48b1edcd9c3fb0edce917548","first_seen":"2026-01-08T09:53:39.242373Z","last_seen":"2026-03-17T07:48:49.229877Z","times_seen":3,"resource_available":true,"data":null}},"time_used":761,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":761,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xbymb.downxing.com/js/logo/js/logo.js","fqdn":"xbymb.downxing.com","domain":"downxing.com","tld":"com"},"ip":{"addr":"119.188.9.131","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","date":"2026-01-08T09:52:57.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"xbymb.downxing.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 26 Nov 2025 00:00:00 GMT","end":"Mon, 23 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:14:67:B9:46:3A:52:F7:6E:D4:70:8D:02:6D:5A:96:2A:53:D4:68","sha256":"84:71:58:C4:13:A2:E1:E5:BE:39:19:7E:CC:1F:F7:02:FE:D0:1A:74:B4:0D:00:A8:C7:E0:79:D2:8C:16:DE:89"}}},"request":{"raw":"GET /js/logo/js/logo.js HTTP/1.1\r\nHost: xbymb.downxing.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pos.baidu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=14400\r\ncontent-encoding: gzip\r\ncontent-type: application/x-javascript\r\ndate: Thu, 08 Jan 2026 09:52:59 GMT\r\netag: W/\"67e22d05-2745\"\r\nexpires: Thu, 08 Jan 2026 13:52:59 GMT\r\nlast-modified: Tue, 25 Mar 2025 04:11:49 GMT\r\np3p: CP=\" OTI DSP COR IVA OUR IND COM \"\r\nserver: yunjiasu\r\nyjs-cachestatus: HIT\r\nyjs-id: f91149d3ee5c2bc9-112\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10053,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9949), with no line terminators","md5":"8b5e08871e305d7e5a1ca11fe3cdd24f","sha1":"799c2474dc053a40d1c2d3b230e0a012e4546b09","sha256":"81ca845c7a7ad5c9b166d37e60590125d1e76c83c2dcdb71d0fddfab1309cef0","sha512":"11b9232dd5a49ff0c43e32343455191ebab2d1bb0238430af052a36ad62b2b271385884d0a588e74d5a1434b17bc368246856f5e257881b8e2356a822018388a","ssdeep":"192:p1Q97FnMytGBE7qLtgsfoM0lOLiJTslMe3ZtIt3NgBnV7wsQ+JkCTUTUyoRys+JK:D2MwGm7qLtJjc3MZt2NgBnRlAIyoRytK","tlshash":"8e226e6f3484293e97fb41d8725b3b4e3435658dda060c54c5a1ccd9a7fac4bb371290","first_seen":"2023-11-29T11:37:30Z","last_seen":"2026-05-02T10:12:40.79422Z","times_seen":950,"resource_available":true,"data":null}},"time_used":4137,"timings":{"blocked":1933,"dns":1113,"connect":266,"send":0,"wait":268,"receive":0,"ssl":552},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0705/20200705082844143.jpg","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0705/20200705082844143.jpg HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 41738\r\nlast-modified: Sun, 05 Jul 2020 00:28:44 GMT\r\naccept-ranges: bytes\r\netag: \"06703d6352d61:0\"\r\nx-ser: i25509_c14934, i2475923_c28821, i2315497_c28337, i1935893_c22759\r\nx-cache: HIT from i2475923_c28821(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":41738,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 404x720, components 3","md5":"0f3f3bdf0442652bfdef066ec539922a","sha1":"0542505c51e4bb6a24c4a3fd8caecf8d9b9d70d1","sha256":"abe5c172360c623c69b458a66a22b93fb2b345ef6fa8f38dc9a4df2bece8aa00","sha512":"724fc88c7b8875e319eeb1760e39799029e407747a58903d257842fafcd0843d9dee3e43858130b7cd78c2df13334517a7c0949e1b8635aa4e9c7a0e340b7efe","ssdeep":"768:+pCJP1dxojdWQQkvkNTrpyEnMqaY2dBHqmBcoVsy6jaR3jqhBhWXRuF:eCJP/xXQcN3AdB1p0mk3","tlshash":"5113d017611b75c14c2cc9e47e898bd43d8cb324a36a5ede0817ffdebf856a340492a9","first_seen":"2026-01-08T09:53:39.243926Z","last_seen":"2026-01-08T09:53:39.243926Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1111,"timings":{"blocked":324,"dns":310,"connect":26,"send":0,"wait":376,"receive":11,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0408/20230408104945524.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0408/20230408104945524.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 5847\r\nlast-modified: Sat, 08 Apr 2023 02:49:45 GMT\r\naccept-ranges: bytes\r\netag: \"f69ea1c6c469d91:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i33595_c26321, i2103141_c28197, i2315469_c28337, i1935845_c22759\r\nx-cache: HIT from i2103141_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5847,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"4fbb4a9b391ce47c2ee1b0f8862a8dcf","sha1":"48624bd1378c254901331162f6721acdd5a73afe","sha256":"80f88e10dbe59f8dfe1570f0d68b4a2b6f9316c5a6bc9a214fe53aeb0c4764f9","sha512":"787236ac86260234e0f4146e888ba60dccc3f49afc2ef0077c99cf49420df6ba09219b2bb69ba6b67ddad0d4550ecc745d5c067512d61c55b15e92026458ef17","ssdeep":"96:nIJ3Mhe5cLfFJqSvNAkWzXauJr4xvQn4RqfusY6Vv+cvc46wEDzA7duE3if0X4NR:nMMhw4f/OtquJr4xvQPGsY6Icvcrw6Ak","tlshash":"d0c18eba769b44729cd6c34ed22524448d72e06b3f57e7827d36c04c1ebacd09b0a323","first_seen":"2026-01-08T09:53:39.246585Z","last_seen":"2026-01-08T09:53:39.246585Z","times_seen":1,"resource_available":false,"data":null}},"time_used":548,"timings":{"blocked":304,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/1012/20251012024158690.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/1012/20251012024158690.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 14868\r\nlast-modified: Sun, 12 Oct 2025 06:41:58 GMT\r\naccept-ranges: bytes\r\netag: \"68af04e433bdc1:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i91542_c21609, i2475927_c28821, i2315675_c28337, i1935921_c22759\r\nx-cache: HIT from i2315675_c28337(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14868,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"5eaf6b63e7bc8e27e0e949d08ebe1a74","sha1":"359e919361890fb8dbc4dd4775b3f0c41a23ea77","sha256":"8410c702bbfad4fc8d39f134dce6f852b86112361a6d7c70b4779f42546ca925","sha512":"41eb141770950a25ed446e5859bea6e52ce0f9a1812dafc2122c1ddfea3404e1daa667b795397f2c5b412fdf2ffee085b51494afc3710cbf35e4d60f7b01526f","ssdeep":"384:kHyPBbYIYgCGx1YAnV2FLrYdkXoz9VpyuNaHphOim1hYOXba:kHyzqGjESkXA9VDAOf/a","tlshash":"e762c0d700aab0bcf429396edb6490f6762e691b6c9329077d784fb5e10902df548a0f","first_seen":"2026-01-08T09:53:39.247638Z","last_seen":"2026-01-08T09:53:39.247638Z","times_seen":1,"resource_available":false,"data":null}},"time_used":415,"timings":{"blocked":293,"dns":0,"connect":0,"send":0,"wait":121,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/pc-start2/4.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/pc-start2/4.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 02 Jun 2015 03:25:30 GMT\r\naccept-ranges: bytes\r\netag: \"031c4c6e39cd01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 3494\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3494,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 40, 8-bit/color RGBA, non-interlaced","md5":"7ab9927c24f212a3b85bf55955b110b0","sha1":"f721510d91829a01880a8d8e655b5b72d35a3422","sha256":"28bd34b722c87a282e65724d3d12e0fffa6ccc3444985856e29c0c70594e4942","sha512":"0e10541fea1ecbe9c795bfae9c4428d0e31ec9f29c74bbdd7f94b72048f6524628afe89b61b49fa18b38418f7dc2617cc6dbf3e2f83d0c2b8dcd67048dbfa451","ssdeep":"","tlshash":"f3716d88c864895e12098ab9651bfc068436fa8592755c1cdeea424f8634cb13cf5be7","first_seen":"2026-01-08T09:53:39.248592Z","last_seen":"2026-01-08T09:53:39.248592Z","times_seen":1,"resource_available":false,"data":null}},"time_used":551,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":551,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/1205/20231205025825956.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/1205/20231205025825956.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 16446\r\nlast-modified: Tue, 05 Dec 2023 06:58:25 GMT\r\naccept-ranges: bytes\r\netag: \"27128c714827da1:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i33653_c26321, i2475963_c28821, i1935879_c23471, i1935949_c22759\r\nx-cache: HIT from i2475963_c28821(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16446,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"4797aef1d0ec6ddf27749fcdd4f30520","sha1":"2dc510f359487fff22a8bd23da7a9f0871a4912c","sha256":"4028ef09643b91bd739b1cc9f7d3f372af12682a5caa7ac940db2d10e683b389","sha512":"4adddb3c7640a011eb8c95f458ec338f5613cdbfe44c037a2eb4204988b1a24e5f75d2e57e4c703777ca53418a235bd7530cb026eedba77242d7dd25092c8d47","ssdeep":"384:7ajVh1/mJhhR9/9fAQ1W5wxV3ZxQfr3pMBWB1Yvo6eLjP3pLa30:mVnmXhRR9ugeSJbIpq0","tlshash":"0272c0f25636683a4f5bee482dcad2478874b4543c330a1b8e70cd1a922b7a53657c74","first_seen":"2026-01-08T09:53:39.249714Z","last_seen":"2026-01-08T09:53:39.249714Z","times_seen":1,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":292,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0511/20230511021958216.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0511/20230511021958216.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 22038\r\nlast-modified: Thu, 11 May 2023 06:19:58 GMT\r\naccept-ranges: bytes\r\netag: \"51f439cd083d91:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i90882_c28777, i2103129_c28197, i1940269_c22409, i1935945_c22759\r\nx-cache: HIT from i2103129_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22038,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"96a717fb9ada4bc29b9fd41a9802ae20","sha1":"98d1247b12b9d11b5509aec756e159f60dfc1a44","sha256":"ebdc4649a104b55e36c2361c63bd245c44966834c9a5933e6abea0d925fe5b90","sha512":"8d1625c41ef738abb3ba029ab10888f748528e9ff54813f838f7c64fb98b25fd754a972eff0c7ea810fd81abb422c4f3bb5958a4ffcca3478933d6ad2348e214","ssdeep":"384:8VKmPyaOjJ/wK2xBROXGZLtaN1gmMX6J5eqzC6pH7p7:8omP05wKCRO0Ltab2X2pvV7","tlshash":"87a2e1698e8b6568fd93132a3ecd9a1f18f23504416c4fc9702ce024796d49f867cbb5","first_seen":"2026-01-08T09:53:39.25058Z","last_seen":"2026-01-08T09:53:39.25058Z","times_seen":1,"resource_available":false,"data":null}},"time_used":515,"timings":{"blocked":272,"dns":0,"connect":0,"send":0,"wait":242,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/css/fonts/caozha/iconfont.css","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:53.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/css/fonts/caozha/iconfont.css HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/comment_style.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 02 Apr 2022 15:13:08 GMT\r\naccept-ranges: bytes\r\netag: \"0dac428a446d81:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-length: 2353\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3475,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2517)","md5":"c11a1fb4d6824d2218d72f20e6eaf2ba","sha1":"f5b322f16ee071deaa6f55233e89bef7822a4847","sha256":"9e622e099b97f739b1700f8372e596b4a0e32a85f8f3c4641d56f1bf06250403","sha512":"ba0f06617014bd9c32d6c9f162c905d7cb8b8430b5ea4573255cc6921dca90ddc6b342fe691c100006017bf95b9a2ede01d96b3d516e6321d2f5909dbe657400","ssdeep":"","tlshash":"c3612afa6a9c1c111788184594ef2390ef18338f9e1e9c8992193c7d7cfbf00422af98","first_seen":"2024-12-08T22:42:10.905413Z","last_seen":"2026-05-02T04:43:32.882924Z","times_seen":28,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0705/20200705082844229.jpg","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0705/20200705082844229.jpg HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 33621\r\nlast-modified: Sun, 05 Jul 2020 00:28:44 GMT\r\naccept-ranges: bytes\r\netag: \"06703d6352d61:0\"\r\nx-ser: i41044_c28457, i2103143_c28197, i1940255_c22409, i1935845_c22759\r\nx-cache: HIT from i2103143_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33621,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 404x720, components 3","md5":"0a8ad08108388e44f752e52c1a945c69","sha1":"d95a7d4f2151c97e8a7a9f6a2a698c54113e5903","sha256":"c2e1a72bc2fca0e6a47a08f77e3f3f9a83187e432ee84255476d95208c993205","sha512":"818d0053d15dde987653d290721f8e29f19ece8883a35860d7b90aa1400a1d7e4e95012dd4c2a135c41f8555cdaaf070b770559f60d45a5a248a16177954eb3f","ssdeep":"768:+pkmfyrn5r04E8Vpk7jtrz4wHjBVHsIVwHntVER0:eDIVpkHtrbjBVnVA3I0","tlshash":"2ce2d0235301d7a3896ea5f31f0bce89e3452bd9842d859e26034dffa520471d2b94fd","first_seen":"2026-01-08T09:53:39.258319Z","last_seen":"2026-01-08T09:53:39.258319Z","times_seen":1,"resource_available":false,"data":null}},"time_used":977,"timings":{"blocked":323,"dns":308,"connect":26,"send":0,"wait":254,"receive":1,"ssl":52},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cpro.baidustatic.com/cpro/ui/cm.js","fqdn":"cpro.baidustatic.com","domain":"baidustatic.com","tld":"com"},"ip":{"addr":"112.82.180.38","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /cpro/ui/cm.js HTTP/1.1\r\nHost: cpro.baidustatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: JSP3/2.0.14\r\ndate: Thu, 08 Jan 2026 09:52:54 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 39420\r\nexpires: Thu, 08 Jan 2026 10:17:36 GMT\r\nlast-modified: Fri, 20 Jun 2025 03:28:07 GMT\r\ncache-control: max-age=3600\r\ncontent-encoding: gzip\r\nage: 2118\r\naccept-ranges: bytes\r\nohc-global-saved-time: Thu, 08 Jan 2026 09:17:36 GMT\r\nohc-cache-hit: cz2un60 [2], czix84 [1]\r\nohc-file-size: 39420\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":117379,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators","md5":"b543dbe074718c21f7f5e7cbf1aff034","sha1":"99ef1caf9c69e99a60c2f0ee33720cb40cdf1cc8","sha256":"b6a34b928d00909e40ec7edfadd89ac0cfa1fcc5892bdf3168b60b28a5bfe1f6","sha512":"56d74637e8023b8983c240ec595528c56ed7d84f461fd4a1e16d329906a2dbfd023a8d519a68b1458a48f9cd19176df60dc099102640f0c3589c3bddd69221b7","ssdeep":"3072:GpOyaTRXqCpCOjwlfbitfD9mxf1W4OwYsRQD+fgpNCpIdlw:GpBApCO0fyfDcTQD+fgXRdlw","tlshash":"f4b3e899f6d2742546a220a4162f2609b2375548748b8480f67ee8d1fdbcf4f607bfbc","first_seen":"2025-06-30T07:43:55.721259Z","last_seen":"2026-05-02T10:12:40.790281Z","times_seen":883,"resource_available":true,"data":null}},"time_used":4941,"timings":{"blocked":2164,"dns":1552,"connect":303,"send":0,"wait":501,"receive":108,"ssl":309},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/1013/20251013025718483.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/1013/20251013025718483.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 18113\r\nlast-modified: Mon, 13 Oct 2025 06:57:18 GMT\r\naccept-ranges: bytes\r\netag: \"8782cc9de3cdc1:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i32009_c12732, i2103119_c28197, i1940237_c22409, i1935869_c22759\r\nx-cache: HIT from i2103119_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18113,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"a5e4e4ad4149c582dbd25081df674283","sha1":"12fd9bf7495617fe1215cc598c5d4ba73ff5cee1","sha256":"60923f0695b52ef740cfe5a950456ea9f5b3fcbaca608b8af23996bc9c6de028","sha512":"b44e7f31f900a3a17a3d84e6910956914e2fd95f4f91c88d23c4a9369e9c3ea1d74cb87282c91af7f5aaba98660c3d7fb469c4cf8a894f838f8cd4bf49100ca7","ssdeep":"384:tk9/PpeHilO/QXdd5gnYbvy4ONiubyj9x3sLPklQz+ogV0u2lFKt7+kby0:an5Q/On5gntXNi6yp0sgVgake0","tlshash":"f382d0abf210e5a95aea809cf0d447d89d7c53571835384fa95388d7060f8c4fb71cea","first_seen":"2026-01-08T09:53:39.260572Z","last_seen":"2026-01-08T09:53:39.260572Z","times_seen":1,"resource_available":false,"data":null}},"time_used":525,"timings":{"blocked":307,"dns":0,"connect":0,"send":0,"wait":217,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/jquery.jscrollpane.css","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/jquery.jscrollpane.css HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 22 Jun 2015 00:57:09 GMT\r\naccept-ranges: bytes\r\netag: \"80609e5d86acd01:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 783\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1554,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e6cacaaf483552358a0964b890595c68","sha1":"456e4fd883fc522722115b888652c691b5fba61e","sha256":"bcb00e8d24f69bed73ea96f06908774d9663cdb2c3af4a8416ef4b2908cdc5ed","sha512":"9acd25556e6a54c312dded8b0108620eee6958def0c4c9c605b7ed4c82bf6e76c1f49c936ec3bf7988b21883c95cb470bed56caa0236023e31aa64d6a2fbd1cb","ssdeep":"","tlshash":"ab31e055167a6884f48ff4fcde2087859a1fc2daafde4d1865497434c2181dc0863eb9","first_seen":"2026-01-08T09:53:39.267385Z","last_seen":"2026-03-17T07:48:49.170765Z","times_seen":2,"resource_available":false,"data":null}},"time_used":770,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":770,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0210/20220210024419475.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0210/20220210024419475.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 14590\r\nlast-modified: Thu, 10 Feb 2022 06:44:19 GMT\r\naccept-ranges: bytes\r\netag: \"75d05ba1491ed81:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i27261_c14934, i2103141_c28197, i1935955_c23471, i1935889_c22759\r\nx-cache: HIT from i2103141_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14590,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"738f9459575370c9927b6d4fd53af78f","sha1":"70f8d48ab1c0838aed5005fb3047e524d198bf82","sha256":"015fce02ad6232d2f3bf353f1c748ca9e0d3458d6f8a7a59697abad040271557","sha512":"4f81284f17dab3a30204b538d1448102f43bf26ff8532af0986c291aa821d02cd937c2c3e4a453aa2f2888f9a2f20c0344b9d3eb37bc0dbd06617bb5cca3c5b3","ssdeep":"384:sqtWOk5Ru98HMHOC0p9W4QtPH5c2quGGT5dinzjD1YgBi:V8rxsHOC0pg4Qzc2q+5M3Dig4","tlshash":"a362c0024aad8aa5a9cedd5b32bb49131bd1f5009c430c5edb88257cb70b85fd4e3b47","first_seen":"2026-01-08T09:53:39.268194Z","last_seen":"2026-01-08T09:53:39.268194Z","times_seen":1,"resource_available":false,"data":null}},"time_used":627,"timings":{"blocked":248,"dns":0,"connect":0,"send":0,"wait":378,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/pc-img3.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/pc-img3.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/pc.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 20 May 2015 06:20:08 GMT\r\naccept-ranges: bytes\r\netag: \"05cc54c592d01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 2189\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2189,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 665x21, components 3","md5":"233297e1641a92e8d903a0e65efbecb7","sha1":"177de9bd4684d068a0c9a780052d7a40f9bffed1","sha256":"0bf8210bbbe0724bc8797b36f5512c793d59dfa91a78c518a41d98e98082b84d","sha512":"9e8d6455864b492ac3af512c21eb8775a108f8c5de238eaf064b5241a423552ba6136e0197cbe51f378927a4a5eaa5f5ad37c92e0bdd808c37f15f525d1d9b17","ssdeep":"","tlshash":"bf410e4bb911e73de957b63e2cf2500a5d73404cb880a55670f68c066c530f11b6a3ca","first_seen":"2026-01-08T09:53:39.270073Z","last_seen":"2026-03-17T07:48:49.142759Z","times_seen":3,"resource_available":false,"data":null}},"time_used":583,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":583,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/hd.js?v=1","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/hd.js?v=1 HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 02 Apr 2022 15:13:08 GMT\r\naccept-ranges: bytes\r\netag: \"0dac428a446d81:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 30776\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":124411,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8722)","md5":"f2cf06d451e0939dbdccf3fc7d44eaac","sha1":"aa06e563d187de2ada523406a16bcfae80b6bcf7","sha256":"00e49ac5968efaa172d86b5f5ed20a8f90543318dc89905ee4af8f636d641d19","sha512":"295fdc60149b4e98c09081b182122cd6e2f40f6a61cd6ebc4da6b9f57e9512ce058244207cd4cae74aaebda93267b3a343f398de27d6dab2a4f73c3273c9b078","ssdeep":"1536:ckUmpuWPBo29pmPUXw8enTd2n0Qj/k8TA:empu8CUXw8enTG0QrkN","tlshash":"46c3514d6afa1565926730a40f8f62146338c41b3909cd58bd7c83d8afa5e2885feff4","first_seen":"2023-09-19T12:08:01Z","last_seen":"2026-05-02T04:43:32.704544Z","times_seen":34,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":288,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xbymb.downxing.com/js/logo/css/logo-sm.css","fqdn":"xbymb.downxing.com","domain":"downxing.com","tld":"com"},"ip":{"addr":"119.188.9.131","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","date":"2026-01-08T09:52:57.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"xbymb.downxing.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 26 Nov 2025 00:00:00 GMT","end":"Mon, 23 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:14:67:B9:46:3A:52:F7:6E:D4:70:8D:02:6D:5A:96:2A:53:D4:68","sha256":"84:71:58:C4:13:A2:E1:E5:BE:39:19:7E:CC:1F:F7:02:FE:D0:1A:74:B4:0D:00:A8:C7:E0:79:D2:8C:16:DE:89"}}},"request":{"raw":"GET /js/logo/css/logo-sm.css HTTP/1.1\r\nHost: xbymb.downxing.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pos.baidu.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=14400\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Thu, 08 Jan 2026 09:52:59 GMT\r\netag: W/\"67e22d05-850\"\r\nexpires: Thu, 08 Jan 2026 13:52:59 GMT\r\nlast-modified: Tue, 25 Mar 2025 04:11:49 GMT\r\np3p: CP=\" OTI DSP COR IVA OUR IND COM \"\r\nserver: yunjiasu\r\nyjs-cachestatus: HIT\r\nyjs-id: f91149d3f6452bc9-112\r\ncontent-length: 783\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2128,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2128), with no line terminators","md5":"1a332d38883827c74e6ba3dddb9a19b5","sha1":"0f8407d02e55d03540f61867572f490ce2707ebd","sha256":"503aeafa6ff32a486168dec325ef89dc41f381745150e807a911009b5ea422b7","sha512":"1da8a143d51234db79776f08742b3ac57f9572678bafd454ddd0c1988915e25275a96d02ee1670101a0702d5dba0e9aa650e7d6950d30430105399a501c8f09d","ssdeep":"","tlshash":"4a41210982ac1269b2bfe215b5d277db3214a653e1335bbede15d534c2cb9693233304","first_seen":"2023-04-05T05:14:31Z","last_seen":"2026-05-02T10:12:40.807743Z","times_seen":942,"resource_available":false,"data":null}},"time_used":4121,"timings":{"blocked":1924,"dns":1114,"connect":262,"send":0,"wait":270,"receive":1,"ssl":546},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"eclick.baidu.com/se.jpg?type=baiduDomShowMonitor\u0026tuidIndex=u2218020_0\u0026ver=0620\u0026rdm=1767865984194","fqdn":"eclick.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"110.242.68.137","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:53:04.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /se.jpg?type=baiduDomShowMonitor\u0026tuidIndex=u2218020_0\u0026ver=0620\u0026rdm=1767865984194 HTTP/1.1\r\nHost: eclick.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0\r\nConnection: keep-alive\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Thu, 08 Jan 2026 09:53:04 GMT\r\nExpires: Thu, 08 Jan 2026 09:53:04 GMT\r\nLast-Modified: Mon, 28 Sep 1970 06:00:00 GMT\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-05-02T15:30:39.021409Z","times_seen":344919,"resource_available":true,"data":null}},"time_used":242,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/uaredirect.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/uaredirect.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 23 Mar 2024 05:12:49 GMT\r\naccept-ranges: bytes\r\netag: \"805e9bbfe07cda1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 666\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":974,"size_decoded":0,"mime_type":"application/javascript","magic":"C source, ASCII text, with very long lines (974), with no line terminators","md5":"a2b8d1f604c569b1e001eb520c8a853f","sha1":"a57b1a042290fa42501368ee46bd112289b2cdd9","sha256":"81cbd7692ae8a9ec6597fe5c8f64dde6ddc700524a159b7cbc52c4e0f2ad4480","sha512":"87400445979f78356d373f87ec555d8449b5ddd058a1f03b58fa66bc5927751531c063966dc77f2bfa067d0a5f00f03ea8d24f2964f54f65faca48e0d0cfbfcc","ssdeep":"","tlshash":"8d11c2c7218156621ee22c25f1bf63929977d8d71d0dd069c154d861302598fed37f48","first_seen":"2024-05-20T23:08:36Z","last_seen":"2026-03-26T10:00:03.832455Z","times_seen":20,"resource_available":true,"data":null}},"time_used":559,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":559,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0820/20220820034502266.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0820/20220820034502266.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 14688\r\nlast-modified: Sat, 20 Aug 2022 07:45:02 GMT\r\naccept-ranges: bytes\r\netag: \"4a9fc8c168b4d81:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i37214_c28455, i2103123_c28197, i1935879_c23471, i1935949_c22759\r\nx-cache: HIT from i2103123_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14688,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"6b0fa093d7b2e6fee874dc68fd183bb4","sha1":"434453429c8ee23696bbb24679deb1986bced3f5","sha256":"8350334ed344fcd464d9b7f2df891023e021554d944d507391dda618a43e3123","sha512":"c459caabe441959901acfdafb454f48670fbd02f255a9c89d4744e8e1da7d885d3224d8f0e520546f259874fb5a811374f830f823b0abd6277ffd347e6dff859","ssdeep":"192:fq2HhC35V3Z4Ctd5HMFPWfmg6EeM/qXxJWCscvMUnXXAmLoIxFQB29q22d5N6:SyKzvMEH8WvFUXXNkIvUd6","tlshash":"7d62d0caca57dae603dbf073633a342bd0f55aa53495602fada6411ba4a7c20492139d","first_seen":"2026-01-08T09:53:39.275029Z","last_seen":"2026-01-08T09:53:39.275029Z","times_seen":1,"resource_available":false,"data":null}},"time_used":622,"timings":{"blocked":276,"dns":0,"connect":0,"send":0,"wait":346,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/favicon.ico","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:54.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: Hm_lvt_7df4e92a4f5f9f13779b08e96680a342=1767865974; Hm_lpvt_7df4e92a4f5f9f13779b08e96680a342=1767865974; HMACCOUNT=597497A30564D2A0; vspublic=b8cbe840ab46007e7e6427e01c0b4849; Hm_lvt_00526ff88a0f942f7aba7a59e0e7b53b=1767865974; Hm_lpvt_00526ff88a0f942f7aba7a59e0e7b53b=1767865974\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/x-icon\r\nlast-modified: Thu, 28 May 2015 08:35:17 GMT\r\naccept-ranges: bytes\r\netag: \"80906a392199d01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:53 GMT\r\ncontent-length: 4286\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"564f0e8421867388f429e97f724b849d","sha1":"348d72379b174ebb006e1d41933677ca33400437","sha256":"90872c151e71ec8d1752b4439e8597b27c2bc5e7df08336ac230708346392f25","sha512":"feee000e2952549d0c9428ac0563d57adef5e210d0aaaa2da8a2783e235cf24494d7cd0d2f3173ab6cd6a921aec7f6edf38c6b62edca8c7c15c1a4d3d50370e1","ssdeep":"24:suSKtd/K6K4MZ6B6HWkzr8gelQ2XaqcG83DL/C5UjBInR:MKtd/TKr6B62kzrf9WaqX+7C5UiR","tlshash":"d191b801e2e9cda8cbbdfe30c5cfcb0b470d86355a4cd343c1ea88252a498a0a93d0f1","first_seen":"2024-05-20T23:08:36Z","last_seen":"2026-04-16T01:23:16.805578Z","times_seen":24,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=597497A30564D2A0\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1405699896\u0026si=77831d4595ecb5575b38027b27ca83e2\u0026v=1.3.2\u0026lv=1\u0026sn=59349\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026tt=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:53.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=597497A30564D2A0\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1405699896\u0026si=77831d4595ecb5575b38027b27ca83e2\u0026v=1.3.2\u0026lv=1\u0026sn=59349\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026tt=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Thu, 08 Jan 2026 09:52:53 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=5464800254D6B53E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-05-02T15:30:39.021409Z","times_seen":344919,"resource_available":true,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":316,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wn.pos.baidu.com/adx.php?c=d25pZD1mMmJiNzc4NGVjNTE0NmU4AHM9ZjJiYjc3ODRlYzUxNDZlOAB0PTE3Njc4NjU5NzcAc2U9MQBidT00AHByaWNlPWFWOS1lUUFDODZKN2pFcGdXNUlBOHQ4UUtnbGVfRjM4S0Vta0pBAGNoYXJnZV9wcmljZT0yAHNoYXJpbmdfcHJpY2U9MjAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MjUxMjUxMjkwNQB0dT11MjIxODAyMABhZGNsYXNzPTAAc3JjdD0wAHBvcz0wAGxvYz01AGVpZD0wAGNiaWQ9YVY5LWVRQUM4Nko3akVwZ1c1SUE4dDhRS2dsZV9GMzhLRW1rSkEAZXhwaWQ9MABleHBpZF92Mj0wAGFkY3BtX3JhdGlvPTEuMDAwMDAwAHBkX21pbmNwbT0wAHNzPQB1aWQ9MABkZXZpPWE5OWJhOTc1MzJmOTBlNGI3MWM2YTFiNTZjZDc0NDA4OWRlYTllNDNmZWJiMDQwYjA1MDNiYTk0MjZkODk2MGUAbWVkZz0AZGFfdHlwZT0yAGJpZF90eXBlPTAAbWNsdj0wAHJjbD0wAGFjYl90aHI9MAB0X2VjcG09MABwdl90eXBlPTMAYWRfc3JjPTEAbHVfb3JpX2NwbT0wAHVuaW9uX2NwbT0wAHRzX21zPTE3Njc4NjU5NzcwMDAAaXA9OTEuOTAuNDIuMTU0AGN1aWQ9AHBsYWNlaWQ9MTUzMjY5MDAwNzczOABxdWlja2FwcF90Y3RyPTAAcGtnPQBiY2htZD0wAHRtPTExNjU4MTkAdHJhbnNfdHlwZT0wAHY9MQBpPTA3OGM1NzA1","fqdn":"wn.pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"182.61.200.11","port":443,"asn":38365,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","date":"2026-01-08T09:52:57.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /adx.php?c=d25pZD1mMmJiNzc4NGVjNTE0NmU4AHM9ZjJiYjc3ODRlYzUxNDZlOAB0PTE3Njc4NjU5NzcAc2U9MQBidT00AHByaWNlPWFWOS1lUUFDODZKN2pFcGdXNUlBOHQ4UUtnbGVfRjM4S0Vta0pBAGNoYXJnZV9wcmljZT0yAHNoYXJpbmdfcHJpY2U9MjAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MjUxMjUxMjkwNQB0dT11MjIxODAyMABhZGNsYXNzPTAAc3JjdD0wAHBvcz0wAGxvYz01AGVpZD0wAGNiaWQ9YVY5LWVRQUM4Nko3akVwZ1c1SUE4dDhRS2dsZV9GMzhLRW1rSkEAZXhwaWQ9MABleHBpZF92Mj0wAGFkY3BtX3JhdGlvPTEuMDAwMDAwAHBkX21pbmNwbT0wAHNzPQB1aWQ9MABkZXZpPWE5OWJhOTc1MzJmOTBlNGI3MWM2YTFiNTZjZDc0NDA4OWRlYTllNDNmZWJiMDQwYjA1MDNiYTk0MjZkODk2MGUAbWVkZz0AZGFfdHlwZT0yAGJpZF90eXBlPTAAbWNsdj0wAHJjbD0wAGFjYl90aHI9MAB0X2VjcG09MABwdl90eXBlPTMAYWRfc3JjPTEAbHVfb3JpX2NwbT0wAHVuaW9uX2NwbT0wAHRzX21zPTE3Njc4NjU5NzcwMDAAaXA9OTEuOTAuNDIuMTU0AGN1aWQ9AHBsYWNlaWQ9MTUzMjY5MDAwNzczOABxdWlja2FwcF90Y3RyPTAAcGtnPQBiY2htZD0wAHRtPTExNjU4MTkAdHJhbnNfdHlwZT0wAHY9MQBpPTA3OGM1NzA1 HTTP/1.1\r\nHost: wn.pos.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pos.baidu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nConnection: keep-alive\r\nContent-Length: 49\r\nContent-Type: image/gif\r\nDate: Thu, 08 Jan 2026 09:52:59 GMT\r\nExpires: Mon, 26 Jul 1997 05:00:00 GMT\r\nP3p: CP=\" OTI DSP COR IVA OUR IND COM \"\r\nServer: nginx\r\nSet-Cookie: BAIDUID=2FFC343525FCF0CF3AB09AC3E6C5C3F6:FG=1; expires=Fri, 08-Jan-27 09:52:59 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ed280a0ea3cc38f3cbbc747acfbef47d","sha1":"6bdcb32ee75e957a5085c010f4dfd0c716bfdadc","sha256":"8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5","sha512":"4248e293bb759c3ac0ea71f545e10e85d0c3c7f1237ce8b18c6a3fd00499a11bdc0252c938be87359fa673c8e7a83c7cc6fc5d12718a68844c2615e5dca3527b","ssdeep":"","tlshash":"78900247b580c001c551c0301c0493541290a9604905134f6498336d9d761a10811404","first_seen":"2023-04-05T11:17:29Z","last_seen":"2026-05-02T15:18:32.677742Z","times_seen":3535,"resource_available":true,"data":null}},"time_used":4692,"timings":{"blocked":2190,"dns":700,"connect":249,"send":0,"wait":311,"receive":0,"ssl":504},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wn.pos.baidu.com/s.php?c=d25pZD1mMmJiNzc4NGVjNTE0NmU4AHdpbl9kc3A9NAB0dT11MjIxODAyMABzPWU0Nzg1NDUzZTAxOGYxOWMAdD0xNzY3ODY1OTc5AG9iPTEuMAB3b3JkPWh0dHBzJTNBJTJGJTJGd3d3LmRvd254aWEuY29tJTJGZG93bmluZm8lMkYzMDIyMzkuaHRtbABmdD0xAGlmPTAAYXc9MzAwAGFoPTI1MAB1aWQ9dTIyMTgwMjBfMAB0eXBlPXNob3c=\u0026ver=0620\u0026rdm=1767865979782","fqdn":"wn.pos.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"182.61.200.11","port":443,"asn":38365,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:59.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /s.php?c=d25pZD1mMmJiNzc4NGVjNTE0NmU4AHdpbl9kc3A9NAB0dT11MjIxODAyMABzPWU0Nzg1NDUzZTAxOGYxOWMAdD0xNzY3ODY1OTc5AG9iPTEuMAB3b3JkPWh0dHBzJTNBJTJGJTJGd3d3LmRvd254aWEuY29tJTJGZG93bmluZm8lMkYzMDIyMzkuaHRtbABmdD0xAGlmPTAAYXc9MzAwAGFoPTI1MAB1aWQ9dTIyMTgwMjBfMAB0eXBlPXNob3c=\u0026ver=0620\u0026rdm=1767865979782 HTTP/1.1\r\nHost: wn.pos.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nConnection: keep-alive\r\nContent-Length: 49\r\nContent-Type: image/gif\r\nDate: Thu, 08 Jan 2026 09:53:00 GMT\r\nExpires: Mon, 26 Jul 1997 05:00:00 GMT\r\nP3p: CP=\" OTI DSP COR IVA OUR IND COM \"\r\nServer: nginx\r\nSet-Cookie: BAIDUID=E1B04AAB30BC09CD1BE11DFAE5A70983:FG=1; expires=Fri, 08-Jan-27 09:53:00 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ed280a0ea3cc38f3cbbc747acfbef47d","sha1":"6bdcb32ee75e957a5085c010f4dfd0c716bfdadc","sha256":"8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5","sha512":"4248e293bb759c3ac0ea71f545e10e85d0c3c7f1237ce8b18c6a3fd00499a11bdc0252c938be87359fa673c8e7a83c7cc6fc5d12718a68844c2615e5dca3527b","ssdeep":"","tlshash":"78900247b580c001c551c0301c0493541290a9604905134f6498336d9d761a10811404","first_seen":"2023-04-05T11:17:29Z","last_seen":"2026-05-02T15:18:32.677742Z","times_seen":3535,"resource_available":true,"data":null}},"time_used":512,"timings":{"blocked":198,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/stars.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/stars.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 15 May 2015 07:58:53 GMT\r\naccept-ranges: bytes\r\netag: \"80dc47fce48ed01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 2001\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2001,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 87 x 16, 8-bit/color RGBA, non-interlaced","md5":"4dc95e941067f434dceae80a4790f496","sha1":"1c5a38d455ce0f47f18b107c80396174171fce77","sha256":"dab99667c49c9292c579906d44795c17942c8a6ae8a426502dbc5c02ff294035","sha512":"39232cf619357d15b53ab7de928ed367623345f38c9e499e0fd5342400434b653316bbee48b7f5cdcfbeec2df31d8294808cadea577b03a90f72f39f47dc6271","ssdeep":"","tlshash":"d241c685d9911d20530ca983b8e3803e7e63c1c20dd2fe55ba9fcdb768604b9790e1c7","first_seen":"2026-01-08T09:53:39.280166Z","last_seen":"2026-03-17T07:48:49.23401Z","times_seen":2,"resource_available":false,"data":null}},"time_used":556,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":556,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2024/0402/20240402092125982.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2024/0402/20240402092125982.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 8231\r\nlast-modified: Tue, 02 Apr 2024 01:21:25 GMT\r\naccept-ranges: bytes\r\netag: \"3db3ca149c84da1:0\"\r\nx-frame-options: SAMEORIGIN\r\nage: 74438\r\nx-ser: i31243_c6956, i2475941_c28821, i1935885_c23471, i1935921_c22759\r\nx-cache: HIT from i1935921_c22759(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8231,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"2379f3f4dc9bf165b9f5bfe4438ba431","sha1":"41deb3fcbad92f449af366b8e94fe34554ef9d78","sha256":"7c0a3e546180f9555491ed04d9d0f2626b80a2b72885a73530d85d373ee54ec0","sha512":"810f66d818b7d57929c0a45ff2d6f38f5d2d0c40fffb7afdd5cbe98fccf8f6c560cf6babd94761cbab4b0fecec912ac32c327819038305c865dc06ea033d4d54","ssdeep":"192:t6buoqq7ije+Woo4XxJbf4q35vsf4aNFfDNISZ54DkIR4SaStpil:t6mqmjiAzrLdSfZzOoSHU","tlshash":"5e02af577b76a3e0044a1820005a34b495cc41ef3a98ea855f7ac981dcdfdebb6d3bd8","first_seen":"2026-01-08T09:53:39.281213Z","last_seen":"2026-01-08T09:53:39.281213Z","times_seen":1,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":306,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0830/20220830093504455.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0830/20220830093504455.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 5336\r\nlast-modified: Tue, 30 Aug 2022 01:35:04 GMT\r\naccept-ranges: bytes\r\netag: \"cef9a9ba10bcd81:0\"\r\nx-frame-options: SAMEORIGIN\r\nage: 174384\r\nx-ser: i33657_c26321, i2103141_c28197, i2315747_c28337, i1935839_c22759\r\nx-cache: HIT from i1935839_c22759(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5336,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"93a7d09c33b9ea9e3e4061e9953b73e6","sha1":"1e7b28220abb5d29de53ed6696f77c51e6d49d98","sha256":"452c0c7d3a25384a58d56fb1d2cd89bb1b703d7eca3a698c84d5bbb041ee0b14","sha512":"2c6fbe733160121e42fcd5de8b2f6daac537ae8cc9480a2a52268146797bcdf6672419f3bc6c80f28d2936116431e3bb25765b03fdac0bfb2eac4fe2f9e0aad0","ssdeep":"96:jrWRLjshCDRmVerrQ0N+s13PkG8THFPVn9A35s9cI79kjZleC77n137E9DOJrDI0:Od8DVerrQfs1cTp99A35saI5y1/137sE","tlshash":"11b16ce61fe315f6186e44c927f44e9aa8c39f3b51dd9fb954910cbaf22ac614902870","first_seen":"2026-01-08T09:53:39.282282Z","last_seen":"2026-01-08T09:53:39.282282Z","times_seen":1,"resource_available":false,"data":null}},"time_used":378,"timings":{"blocked":279,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/rank-abg.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/rank-abg.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/lib.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 20 May 2015 05:00:02 GMT\r\naccept-ranges: bytes\r\netag: \"0f52bd4b992d01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 1387\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1387,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 31x5, components 3","md5":"d59854b2227631c03f706d5f9190903f","sha1":"1d06852590b891f50c702c8f4d2740070cc0fc40","sha256":"ee54e03deb7893cb22a4c725a3f9207a75a7cc34bd05ffb55dc99ed72a71cec3","sha512":"d9c158fe4b94d3c73562ae4c77ea5a69de90bae128cb10b571ca4cb1acaaf004cafe52344186dfea9a4ccd42407d718a8e70346a1e42b771dd275e9e2f8d1470","ssdeep":"","tlshash":"7a216509f8132440d468e8b218f2612f95743bc4d9c3d82678e5cc15dd322b30b591df","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-21T21:38:54.167321Z","times_seen":20,"resource_available":false,"data":null}},"time_used":477,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":477,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/css/style2.css","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/css/style2.css HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 16 Dec 2024 03:19:06 GMT\r\naccept-ranges: bytes\r\netag: \"0317d43694fdb1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 2992\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10061,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"baffa067f74c37096355488362be8c74","sha1":"0df06b0689c393b2cf75652e024090d0e3d9d64d","sha256":"52dea82ac0432ba6e7fc2d2815ea232f47157b0b5964b393f6ea1acd4fedf0f8","sha512":"1726943eedcd9185a6f44e1f592fae7e2b32d9c68ffae538b2bb4b1ece66da4b433736ac82b1a3cd7e33f78ca005ef5b45271096023ab2ef09581cca4228cef6","ssdeep":"192:2Qsjac0MP0r5lqY4MGqrtF7+AtO5f/a4e:2Qsjac0MP0rfqY4VKnrtO5f/a4e","tlshash":"c32242566153346ea2ae4227f5bfa1bf7e1f902bbb2b81c575353e389acb4d70130184","first_seen":"2025-01-03T05:17:31.239254Z","last_seen":"2026-01-08T09:53:39.28444Z","times_seen":5,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/jquery.SuperSlide.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/jquery.SuperSlide.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Sun, 16 Jun 2013 02:52:36 GMT\r\naccept-ranges: bytes\r\netag: \"0b2668e3c6ace1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 3621\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11334,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10922), with CRLF line terminators","md5":"7ea11fbb848cdb739af15e147a37c765","sha1":"69fd9147cb1bf62e87f9d691f465bc7b2b317cd6","sha256":"b83518398431f34d291551fc041d1a628d46a21e9cfdcde946911e03b8332148","sha512":"e8f0c9e5d6c9c66eb058bc2243bc2e0dca62644fe5fd1df8fe9651d3978d177209915501d364ce6f09d6a9f84a3506a5a786908e2cfe65bd2619064a99901c05","ssdeep":"192:YZK3bYHfc2gahQVoViSItpluMCuXGV+1tT1l50FH5oYyskaHwmIuTNSaXHZe2HNE:YcYc2gdWhMZWClnHhlwyT1Xh3","tlshash":"c232d65fb5b675ce4597b3f0107f940d222b5569fc8a8ca0b07082c4aeb9918243bfec","first_seen":"2023-04-07T05:01:53Z","last_seen":"2026-05-02T02:17:22.789865Z","times_seen":267,"resource_available":true,"data":null}},"time_used":560,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":560,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0904/20250904104538416.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0904/20250904104538416.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 6251\r\nlast-modified: Thu, 04 Sep 2025 02:45:38 GMT\r\naccept-ranges: bytes\r\netag: \"244cfdfe451ddc1:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i27265_c14934, i2475919_c28821, i2315749_c28337, i1935893_c22759\r\nx-cache: HIT from i2475919_c28821(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6251,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"a88f661f2398376c6888c9c88f4335b5","sha1":"3e3a2aa295a37a7b82c6af5099b56395a9a53229","sha256":"32c9f82883ce128bebcd2436509c77fede013c51c7c65d1fdeffa6561b1e2df3","sha512":"8fc29b9ab661de67497e6ee0ae8e33997e1397ca2627956444ed3e46f2790a2fd3113f3bd9371d1856a4c8674b2dc3e632978d724a16822d1e1c286f5ebc0084","ssdeep":"192:mSfxvH85hMHNO1K5F/j0LR6FiLf985goIteoJWHE3J:ldcL1K5Od6FJ5goILgE3J","tlshash":"15d17e72d5c171b480fe583ae12eef0bb40b592a36b1688d39c55379139832068fecc9","first_seen":"2026-01-08T09:53:39.286984Z","last_seen":"2026-01-08T09:53:39.286984Z","times_seen":1,"resource_available":false,"data":null}},"time_used":610,"timings":{"blocked":305,"dns":0,"connect":0,"send":0,"wait":305,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/ckxz.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/ckxz.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/mobile.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Wed, 22 Jun 2016 06:55:28 GMT\r\naccept-ranges: bytes\r\netag: \"0f035f53ccd11:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 1000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1000,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 15, 8-bit/color RGBA, non-interlaced","md5":"11eaf0a6dc3ec3c4620a7e57142efa3d","sha1":"50225e432d47b13ec7990d9182cc218e31350792","sha256":"b11068b7e648d1465ca8e7ec102c56d86e79607ea3656932aad91d6cd98a7d2a","sha512":"8bc8aaeb4c84c81469caa68346f88cd2111081ba39c125df50fb22b194ee5192aa8e51c451a258167559f0c17a136dd583f3316aefc61534910a6e4d2647a591","ssdeep":"","tlshash":"f611944ce8126c40c7dcd98664e25217d4760890dde0f8aabf8fc80b59772f509396db","first_seen":"2026-01-08T09:53:39.290665Z","last_seen":"2026-03-17T07:48:49.209263Z","times_seen":2,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/stars/5.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:53.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/stars/5.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: Hm_lvt_7df4e92a4f5f9f13779b08e96680a342=1767865974; Hm_lpvt_7df4e92a4f5f9f13779b08e96680a342=1767865974; HMACCOUNT=597497A30564D2A0; vspublic=b8cbe840ab46007e7e6427e01c0b4849; Hm_lvt_00526ff88a0f942f7aba7a59e0e7b53b=1767865974; Hm_lpvt_00526ff88a0f942f7aba7a59e0e7b53b=1767865974\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 02 Jun 2015 03:39:40 GMT\r\naccept-ranges: bytes\r\netag: \"0e667c1e59cd01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:53 GMT\r\ncontent-length: 3906\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3906,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 87 x 16, 8-bit/color RGBA, non-interlaced","md5":"32452e43253f680aed8da5fa136d2b7b","sha1":"63be515b59027e2e22500c4492a2d16d1d5faa55","sha256":"bf0b3c53918df9d4c3ad9fb65b2c70edec1db90bbe3820aa940b7ea0a727a8e3","sha512":"daff3a7c044352391cb1a2df852a656b8f74658c41190f3ce88660ba45de23345e856ae20de193e0845874bd9deaeb6af8381bab88aefc54f8547ed952b1b822","ssdeep":"","tlshash":"8b819f891a58040f144e0b4428afea058639fee8a38d1e0c7ddd924fcb31e517931f0b","first_seen":"2026-01-08T09:53:39.293133Z","last_seen":"2026-03-17T07:48:49.087054Z","times_seen":2,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0705/20200705082705113.jpg","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0705/20200705082705113.jpg HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 32237\r\nlast-modified: Sun, 05 Jul 2020 00:27:05 GMT\r\naccept-ranges: bytes\r\netag: \"80d26d26352d61:0\"\r\nx-ser: i91260_c28781, i2475911_c28821, i1940277_c22409, i1935949_c22759\r\nx-cache: HIT from i2475911_c28821(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32237,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.00, resolution (DPI), density 96x96, segment length 16, comment: \"LEAD Technologies Inc. V1.01\", baseline, precision 8, 281x500, components 3","md5":"8ebaf4e827f5157d8f42bb6c520377e8","sha1":"9c6e8619c08209ca6090b7f9ecc3fffd302d601c","sha256":"830ea69a6fa49c1ece1ff54a51c0f92f31c80773d61a9fecd38ae6b0dc705c8f","sha512":"ce5a1827ce554800644d511a0918ac3af1dbae4f5980a76857867ae2c01b6dd630f41abeb2a9c069c04c94c1954aea3f9c4e9d89c3d6a43a49e65c3f7c40c773","ssdeep":"768:A+BO0IaZLEMOk73qqq9yv6Rx85PedIwdrS6YEuP/zlPSY/Fyj:vBO0IaxEMOk7DSRx85W26YEuXUYgj","tlshash":"10e2e0a46687c9eccf8b9c3c872cfc83866dcec20b5a24e215691c0ab25ddf4c54e16c","first_seen":"2026-01-08T09:53:39.294246Z","last_seen":"2026-01-08T09:53:39.294246Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1009,"timings":{"blocked":332,"dns":315,"connect":26,"send":0,"wait":272,"receive":1,"ssl":55},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/1021/20251021021126608.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/1021/20251021021126608.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 8231\r\nlast-modified: Tue, 21 Oct 2025 06:11:26 GMT\r\naccept-ranges: bytes\r\netag: \"0bb40885142dc1:0\"\r\nx-ser: i27249_c14934, i2475937_c28821, i2315747_c28337, i1935869_c22759\r\nx-cache: HIT from i2315747_c28337(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8231,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"2379f3f4dc9bf165b9f5bfe4438ba431","sha1":"41deb3fcbad92f449af366b8e94fe34554ef9d78","sha256":"7c0a3e546180f9555491ed04d9d0f2626b80a2b72885a73530d85d373ee54ec0","sha512":"810f66d818b7d57929c0a45ff2d6f38f5d2d0c40fffb7afdd5cbe98fccf8f6c560cf6babd94761cbab4b0fecec912ac32c327819038305c865dc06ea033d4d54","ssdeep":"192:t6buoqq7ije+Woo4XxJbf4q35vsf4aNFfDNISZ54DkIR4SaStpil:t6mqmjiAzrLdSfZzOoSHU","tlshash":"5e02af577b76a3e0044a1820005a34b495cc41ef3a98ea855f7ac981dcdfdebb6d3bd8","first_seen":"2026-01-08T09:53:39.281213Z","last_seen":"2026-01-08T09:53:39.281213Z","times_seen":1,"resource_available":false,"data":null}},"time_used":420,"timings":{"blocked":307,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2019/0924/20190924025425817.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2019/0924/20190924025425817.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 7834\r\nlast-modified: Tue, 24 Sep 2019 06:54:25 GMT\r\naccept-ranges: bytes\r\netag: \"efbc3de7a472d51:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i27267_c14934, i2103121_c28197, i1940245_c22409, i1935949_c22759\r\nx-cache: HIT from i1940245_c22409(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7834,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8fd7e13ee585e36267e7d96adf56f087","sha1":"75d956dcedf6a7f01607038adcf29a1e90bb15dc","sha256":"090c8cb7513b6df92a5f67b9e30d97879a0f98b5ffaea7801de97feccd716b01","sha512":"29fbbe3eee7bc6e4a6df9ac59c3a21099fc5f09294813ab8bfa208aef7a7da1d649bbd12ddd1194afd6f58a7b9d61fc67923cb532189feea7380a445006ca95f","ssdeep":"192:fgf5XQmiqoiLOldwgCU2Grd/HbzcjFvzkjzUj2E9:Yem/LGd3CQZ/2vtjR","tlshash":"6ef1bf3222a71e730c212e6e6f2e0c1d55614e78fbddc1ccc6b98474cb187da8b182a7","first_seen":"2026-01-08T09:53:39.295477Z","last_seen":"2026-01-08T09:53:39.295477Z","times_seen":1,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":288,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/kxia.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/kxia.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/mobile.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Wed, 22 Jun 2016 06:55:31 GMT\r\naccept-ranges: bytes\r\netag: \"80b3ff1053ccd11:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 1035\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1035,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 13 x 15, 8-bit/color RGBA, non-interlaced","md5":"b59a91bfdbb658d940531ffb852383f0","sha1":"1dbde2a8c03fdeb914c65eda98a40be7cce9afda","sha256":"18bf88ec16543b7f789bac83e5fc96b37908a6f6905cfa39aeffb9e52aca53a1","sha512":"5f4bb3b0f3e13476811ee817932b16a2165bc44429d0d2dbf30a2fe636a048f2a2920a1d08052874122f8660efdfc8588cf5210aaa945dc182de505597d5425f","ssdeep":"","tlshash":"5711324dfa342401b5e990e128fb422f8b734a00a5d8f567698bec1649311b2491a9cb","first_seen":"2026-01-08T09:53:39.297026Z","last_seen":"2026-03-17T07:48:49.126812Z","times_seen":2,"resource_available":false,"data":null}},"time_used":586,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":586,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=597497A30564D2A0\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=2146201220\u0026si=00526ff88a0f942f7aba7a59e0e7b53b\u0026v=1.3.2\u0026lv=1\u0026sn=59349\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026tt=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:53.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=597497A30564D2A0\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=2146201220\u0026si=00526ff88a0f942f7aba7a59e0e7b53b\u0026v=1.3.2\u0026lv=1\u0026sn=59349\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026tt=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Thu, 08 Jan 2026 09:52:53 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=4DDED7574230988D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-05-02T15:30:39.021409Z","times_seen":344919,"resource_available":true,"data":null}},"time_used":306,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":306,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lupic.cdn.bcebos.com/2025071014/3099893583_14.jpeg","fqdn":"lupic.cdn.bcebos.com","domain":"bcebos.com","tld":"com"},"ip":{"addr":"171.109.97.35","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","date":"2026-01-08T09:52:59.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.a.bdydns.com","organization":"北京百度网讯科技有限公司"},"issuer":{"commonName":"sslTrus (RSA) OV CA","organization":"sslTrus"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B0:A6:2D:34:BD:DD:55:41:21:71:78:8B:43:8A:7A:51:22:5C:31:C9","sha256":"10:61:DB:D4:46:80:6A:CD:63:18:ED:40:2F:F0:02:9E:CD:37:4C:88:54:E6:A9:CF:03:50:63:B3:B1:23:63:11"}}},"request":{"raw":"GET /2025071014/3099893583_14.jpeg HTTP/1.1\r\nHost: lupic.cdn.bcebos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pos.baidu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 09:53:02 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 79923\r\nexpires: Thu, 08 Jan 2026 11:58:02 GMT\r\nlast-modified: Sat, 12 Jul 2025 03:43:42 GMT\r\netag: \"904dedc762a4e3f7f672a7f6e7e3841e\"\r\nage: 251405\r\naccept-ranges: bytes\r\ncontent-md5: kE3tx2Kk4/f2cqf25+OEHg==\r\nx-bce-content-crc32: 1774555401\r\nx-bce-debug-id: QoMo94VThgO31CZPdkrukTt5iKQJfAvYuHsLF0cmupu9t1pLeAUJuv+hUxY9tQp1zF8iF4+cW/7YG42VHehd3A==\r\nx-bce-flow-control-type: -1\r\nx-bce-is-transition: false\r\nx-bce-request-id: b00ba533-5e00-4948-a059-1593eb86410a\r\nx-bce-storage-class: STANDARD\r\nohc-global-saved-time: Mon, 05 Jan 2026 11:58:02 GMT\r\nohc-cache-hit: nn9ct56 [2], czix115 [4]\r\nohc-file-size: 79923\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":79923,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x728, components 3","md5":"904dedc762a4e3f7f672a7f6e7e3841e","sha1":"9ec31744d3c62f2611920f6293b43d1c62c6ae6d","sha256":"062d8413488cb9b903b4099090ce73c2ceb6599e52e5250f4d7c4a7c71ba68f2","sha512":"548d795c105f63d0e4a7124faecde4f6bb4e70e00855bbed37b91a9e01db03e0ac325ea20654faafa6b3c1debdac1f5b5f8298163bdb107be7cfd70ad6ef4442","ssdeep":"1536:gRNf8C71b0KvtGlKHpleXoZA1+F/KJSgyTzFYo+uKD4b3Q6wPzKh7U:yU6bPtwKHqXJSgSzufuKD4b3QNrKh4","tlshash":"4173e12fcc169e87d66597feb5435ce8ad226b08f89135e6c126de9b3850a348c4e07c","first_seen":"2026-01-08T09:53:39.299333Z","last_seen":"2026-01-08T09:53:39.299333Z","times_seen":1,"resource_available":false,"data":null}},"time_used":6963,"timings":{"blocked":2991,"dns":1740,"connect":530,"send":0,"wait":826,"receive":151,"ssl":722},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/pc-start2/5.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/pc-start2/5.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Tue, 02 Jun 2015 03:25:06 GMT\r\naccept-ranges: bytes\r\netag: \"01576b8e39cd01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 3503\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3503,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 40, 8-bit/color RGBA, non-interlaced","md5":"3c0a2459382784a074c76f012a223ce3","sha1":"2b4a5156460b3684c079b841e6a4b9916583c1b3","sha256":"da968a7283364aca37b542174ea17eb0b621a9a8ff59142f3ba513609c01264e","sha512":"1d4044405ec226321264106e3b0bdee5ae9324fb1e96ab0c087ae7fec4187e91568817af1b70b93531d2f6f63129d8dfbade02d5dd533c2ad9123840f71600cd","ssdeep":"","tlshash":"de717e855850462d440e46ba252b9f05463ad7d0c2a77e1ce9fec24fc714c203df4b99","first_seen":"2026-01-08T09:53:39.303918Z","last_seen":"2026-01-08T09:53:39.303918Z","times_seen":1,"resource_available":false,"data":null}},"time_used":553,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":553,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/0805/20250805015519441.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/0805/20250805015519441.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 29138\r\nlast-modified: Tue, 05 Aug 2025 05:55:19 GMT\r\naccept-ranges: bytes\r\netag: \"1cf9486cd5dc1:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i91224_c28777, i2103121_c28197, i1935891_c23471, i1935839_c22759\r\nx-cache: HIT from i2103121_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29138,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"30120d58139338a5d68680a7354b7fd5","sha1":"b330bf3db1ec8c2b930db226c12efb6067e921d9","sha256":"ccc33264888eb1708dfd7498c8eb00259a8dc92a20956e55c5cf49dcf6793a3c","sha512":"de758cf60bff87000b1c23d64fb28c0ecb6f4d95c40950af2ca26d3a29c6944d06db834ed2f9bc06ae50e677f0ab2a5d5b91380e729bd90e9eb3fc72575061d0","ssdeep":"768:LoX50mQLz/gSc+ejP3V3cXOeSwvPHWhT7tdj4c18Tm4Y:Up0meu+eDVsXOFqfWp5dHv","tlshash":"a2d2d052ab00cc24ee7e3693b04b9ad340732a6b6ad28f97e770d50b855bd72b47143c","first_seen":"2026-01-08T09:53:39.305128Z","last_seen":"2026-01-08T09:53:39.305128Z","times_seen":1,"resource_available":false,"data":null}},"time_used":644,"timings":{"blocked":301,"dns":0,"connect":0,"send":0,"wait":342,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2025/1017/20251017094403128.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2025/1017/20251017094403128.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 37209\r\nlast-modified: Fri, 17 Oct 2025 01:44:03 GMT\r\naccept-ranges: bytes\r\netag: \"cbb09e8473fdc1:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i24687_c6956, i2475911_c28821, i1935851_c23471, i1935893_c22759\r\nx-cache: HIT from i2475911_c28821(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37209,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8be36325ab9e9c88d2a01983e7dc3107","sha1":"4f973acc79926d970f6c5177a91645a97107dbbe","sha256":"9fbcfb338e7c1052aa5d782c79ac0f919ab428e8c6ff5dcb050a5f300e50a8c8","sha512":"8ecfd769463e9cae391149ffd191ddc87db7fe0b17377f9ad644946d4bc9ed6b2a57f1de3a334cda95a39d914ea05c76f379b1bcc72b8f768460f699e3aa926f","ssdeep":"768:mPF2aHM3k/eLIc/PJg98wLJAol4TjMAmVwmpgFQLPTHxxknQGK3zUMTgJ8:mPF26ZGk+PoD4TQppg+LPTHDk9aUMTgm","tlshash":"25f2f1488b14553ccc139745dfbfa590ef3d34c6181fee526731216316aa0a8f6a09f5","first_seen":"2026-01-08T09:53:39.309171Z","last_seen":"2026-01-08T09:53:39.309171Z","times_seen":1,"resource_available":false,"data":null}},"time_used":533,"timings":{"blocked":276,"dns":0,"connect":0,"send":0,"wait":255,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/css/comment_style.css","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/css/comment_style.css HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 23 Dec 2024 05:13:26 GMT\r\naccept-ranges: bytes\r\netag: \"05f4265f954db1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-length: 2527\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9137,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (325), with CRLF line terminators","md5":"a3131f6778a4729a18f4b9a8223b48ad","sha1":"85b76151be591739ee084eb0cea82c5894cb02c4","sha256":"857e8f31f954fa4116748841c36a772e68c05f1db4657a0ab7d9e85b1f995cdb","sha512":"078fbdf85f7468e8b539f41e476256b579567208ef57660331148975cd0fde5f3b0797ab4165c600bd4a73ac0dbec491b49faa7d0e947077bc87699965bc95bd","ssdeep":"192:5l8W8812ZZxDGQEM/AXdd5tEUOhvFszeA+R9OlL4vhPIv5:/71aEQEMcdq1LTOd4vhu5","tlshash":"031261902f161348b15b83b6fa7793d76f5f6102ba0381f9ada53424c38e93e81b2746","first_seen":"2026-01-08T09:53:39.310192Z","last_seen":"2026-03-17T07:48:49.262145Z","times_seen":3,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0705/20200705082844993.jpg","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0705/20200705082844993.jpg HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 47517\r\nlast-modified: Sun, 05 Jul 2020 00:28:44 GMT\r\naccept-ranges: bytes\r\netag: \"06703d6352d61:0\"\r\nx-ser: i27253_c14934, i2103121_c28197, i1940255_c22409, i1935839_c22759\r\nx-cache: HIT from i2103121_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":47517,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 404x720, components 3","md5":"b960f940764e61f8b7c9aa813e97600b","sha1":"1d61db0c412de01b31f78388a487608da79d799d","sha256":"aba39aaa19e04fa652234d35a1b339fdcaa71b5b2c86a2e12436b24d42bc7b4f","sha512":"7c64a3b0301e57d547fd4e51f7e6bebedd58f835a8e3dd141acee02aa4f31e8af00a160ed89d837146ceb4dd86de4978a889868063c71ab962af7409464f9426","ssdeep":"768:+pdSAFuy2rI6n6PWxPk/Vmk9V7qeKdw3Qo1ynwgZgrFdc0mKVqU3v1ysouu8KBra:edSouC6ngEM7nowGnwgoFxmK8U3dysoY","tlshash":"4423d0a6dc0494d24dccc7be2b1a4ef4a32e275b22055dde8f3a1f887d586d3c52b016","first_seen":"2026-01-08T09:53:39.311367Z","last_seen":"2026-01-08T09:53:39.311367Z","times_seen":1,"resource_available":false,"data":null}},"time_used":551,"timings":{"blocked":310,"dns":0,"connect":0,"send":0,"wait":239,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/1128/20231128084334344.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/1128/20231128084334344.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 23685\r\nlast-modified: Tue, 28 Nov 2023 00:43:34 GMT\r\naccept-ranges: bytes\r\netag: \"20c67eb9321da1:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i27263_c14934, i2475923_c28821, i1935891_c23471, i1935889_c22759\r\nx-cache: HIT from i2475923_c28821(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23685,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"7210be746dc3de32001daf756723cf64","sha1":"426632a4db285cf05f690bc44b62048aadc0818b","sha256":"563b3195ec1607b020fecb57528c670c33db48153e0142974374d42f72ccc96f","sha512":"c4d6ce00d167925be8b8e5d58d0ca661b687c5f428c75472bdd196531da9f182b8350dacf9cfec3e408b7f1951c71e74af727349e3669ad2fdf6c27444ea07a1","ssdeep":"384:LD8PvRg6+9cILhwmV8qWRcUH+SZBWwHmbmBiukbQviLQz7mJcy5eY9r:LD8+XdemdUHPBjGbm0b+iLQ3mJcy5eYZ","tlshash":"3ab2d1e1a81b3d26ce72042baf479acdf112d2949077b14c15ac0b050bc568ecdeaf66","first_seen":"2026-01-08T09:53:39.312236Z","last_seen":"2026-01-08T09:53:39.312236Z","times_seen":1,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":305,"dns":0,"connect":0,"send":0,"wait":278,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0202/20230202022316902.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0202/20230202022316902.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 24245\r\nlast-modified: Thu, 02 Feb 2023 06:23:16 GMT\r\naccept-ranges: bytes\r\netag: \"9b52ad6ce36d91:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i90978_c21609, i2475941_c28821, i2315539_c28337, i1935839_c22759\r\nx-cache: HIT from i2475941_c28821(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24245,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ccf692feaeb52e9286209b66702c4bac","sha1":"c810756fe041c03c6274db053290dc1fec2539ed","sha256":"5a34ffcf11ec8c0f25c2af7eaa612f7143a616469bfcef44f5d71351a2297cab","sha512":"76c779a425a39e4a438d94c9ecc4075ed2de1604040c26489f74d127f413a5a061a9839d831f19c174a8091c990428023ad9e4d3cb2a57312f32a62972174cae","ssdeep":"384:IdJ/tYgZ632meXWBPaIt4+UEj2ydstQUxYS2tskmXbzn2JcL5xAR/vFJr6koxGes:+JGgZTmmWBPa2hfn4YDoz2ytxYR2xGhh","tlshash":"80b2e1e48f4e47a97bd1f63ed93269640971872595920e492cda63b0043f1b83f730cd","first_seen":"2026-01-08T09:53:39.316047Z","last_seen":"2026-01-08T09:53:39.316047Z","times_seen":1,"resource_available":false,"data":null}},"time_used":572,"timings":{"blocked":299,"dns":0,"connect":0,"send":0,"wait":272,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/dxinfo.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/dxinfo.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Fri, 12 Sep 2025 00:54:53 GMT\r\naccept-ranges: bytes\r\netag: \"80ac6ed97f23dc1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 772\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1348,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"0bf4a8e59d1f20b9f094e8b968dc22a5","sha1":"eedc5c0f1484ddf792300455d8fbb30ac604aaf6","sha256":"11cd3f662a7724c5cd9047de9641c5b263cdb80196adf345e5d56dfabdb72887","sha512":"73f98b5e45b57a1634d560d5990dbc64ee672a75f97d4a21952d9bbf03a34bbef536cb19c2049191436da568ece747d4ce1b9a53669c54de0ed70a9559328e87","ssdeep":"","tlshash":"0021974fad199965023b44bd427ee85ceda5c7af503c78423a6dc904bfb0cc045afa88","first_seen":"2026-01-08T09:53:39.318396Z","last_seen":"2026-03-26T10:00:03.953713Z","times_seen":4,"resource_available":true,"data":null}},"time_used":758,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":758,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/ico-zank.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/ico-zank.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/pc.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Thu, 23 Jun 2022 07:08:29 GMT\r\naccept-ranges: bytes\r\netag: \"801435ad086d81:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 1169\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1169,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 11 x 117, 8-bit/color RGBA, non-interlaced","md5":"be693d12cf90e6256200cfcacc0bd50a","sha1":"815b2ead288473c03566aa719d9ab4b5f8b8ff9b","sha256":"f51183aff2991b4e27d4570e0f37e1fc86bf9ceff2e6103ec54090d8c4954bcb","sha512":"f958f53ae0d4ef0d7902c440cfeb75faf49771b9221c59f8cf88f2ad71697cf0c1caa20f1faf7ddefeae38ffe33553264a6d569814ba83703fb2aac8fb055dd5","ssdeep":"","tlshash":"7c219659f7627c00a18c5dd918f3a423ad238d80c9c4f55679cecc1a9d749f548d91cf","first_seen":"2026-01-08T09:53:39.319329Z","last_seen":"2026-01-08T09:53:39.319329Z","times_seen":1,"resource_available":false,"data":null}},"time_used":585,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":585,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/logo.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/logo.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 22 May 2015 15:14:09 GMT\r\naccept-ranges: bytes\r\netag: \"807685f3a194d01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 6111\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6111,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 107x89, components 3","md5":"b956f24fbd9c38cff0c0a3c4e54dd9ab","sha1":"6cdce8dc42255354e480565b8b542f4f472708fe","sha256":"3027ef252e2fa47202909fdfaffe82923212991402d1f605bafe2c985a0aa694","sha512":"da3bf2c42914eccea8247ea7eb9d3162a8faff8dd20d4fc4496018595af4dbcc33b8b1ae6aa93c1e7382d3f7e5ee07ce764675f52d923ba7ce1a7aae1f2be07d","ssdeep":"96:zU+AX65PFNPlN8OJB8evkoHu8ouC9FDjuaKAdzMkVmX4Hx28eJ+RLk19J+Vs2Pn:Iq5PLlNOev9UfuKdz574VgBqJ+Vs2P","tlshash":"73c19fe174403b42dd765772d22a38c8a471799552da12e30ce90884cdbfb25bdfa0f1","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-04-16T01:23:16.701967Z","times_seen":23,"resource_available":false,"data":null}},"time_used":560,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":560,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/phpqrcode/?data=https://m.downxia.com/downinfo/302239.html","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /phpqrcode/?data=https://m.downxia.com/downinfo/302239.html HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 341\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":341,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 124 x 124, 1-bit colormap, non-interlaced","md5":"c92cdf89e194d25a89a484f0b805d035","sha1":"41a9df581ad77194706eedb7393c9d36dd013d18","sha256":"1b3c7a4ee64a309f2d39373fe0eba236afc1bc2842f941cfc2ae02b6564c4ba7","sha512":"d15b016ea541d2682434ccfe0e19d1f03e89d8f22edd576a00c1147c369c0159174157b01871f3ebe2d9659e08b08fb7f9b49453e9b683cf64b2a55cfe47e137","ssdeep":"","tlshash":"e5e020d3a0f5ddd8514735515ebcd201c8f34654d521973e5d0f9d225a662009a4961b","first_seen":"2026-01-08T09:53:39.323413Z","last_seen":"2026-01-08T09:53:39.323413Z","times_seen":1,"resource_available":false,"data":null}},"time_used":834,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":834,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/tit-m1.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/tit-m1.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/mobile.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 25 May 2015 14:46:34 GMT\r\naccept-ranges: bytes\r\netag: \"0c14d98f996d01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 1026\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1026,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 665x6, components 3","md5":"0e82666730d9842b8b098dc7502b3c76","sha1":"aa2f8eff0c54e3e4f47f1e18f6b0b5f8c41e54b6","sha256":"6ab0647e9db1bd587c7f39fa97894d47d40a6450a223baaa780c6fee1c4d2b39","sha512":"c3f87dad4a7e3ea00861904b2e1be13820b0efd9812a536f4317ae1eb8920da8041f8ff94bed2e288b36d61bdcb5ccf0f8030208526df66d65378a0a51a036ef","ssdeep":"","tlshash":"d01190ae184d87c6ff7e067545d687c0fa0f7e075c2c6e4b05867e0dfa7c4952510442","first_seen":"2026-01-08T09:53:39.327Z","last_seen":"2026-03-17T07:48:49.141437Z","times_seen":2,"resource_available":false,"data":null}},"time_used":585,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":585,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lupic.cdn.bcebos.com/20210629/28340962_14.jpg","fqdn":"lupic.cdn.bcebos.com","domain":"bcebos.com","tld":"com"},"ip":{"addr":"171.109.97.35","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","date":"2026-01-08T09:52:59.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.a.bdydns.com","organization":"北京百度网讯科技有限公司"},"issuer":{"commonName":"sslTrus (RSA) OV CA","organization":"sslTrus"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B0:A6:2D:34:BD:DD:55:41:21:71:78:8B:43:8A:7A:51:22:5C:31:C9","sha256":"10:61:DB:D4:46:80:6A:CD:63:18:ED:40:2F:F0:02:9E:CD:37:4C:88:54:E6:A9:CF:03:50:63:B3:B1:23:63:11"}}},"request":{"raw":"GET /20210629/28340962_14.jpg HTTP/1.1\r\nHost: lupic.cdn.bcebos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pos.baidu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 09:53:02 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 48799\r\nexpires: Fri, 09 Jan 2026 11:28:31 GMT\r\nlast-modified: Wed, 30 Jun 2021 06:59:10 GMT\r\netag: \"fc160b4288b51351bc4ccc221bf6646a\"\r\nage: 167041\r\naccept-ranges: bytes\r\ncontent-md5: /BYLQoi1E1G8TMwiG/Zkag==\r\nx-bce-content-crc32: 0\r\nx-bce-content-crc32c: 0\r\nx-bce-debug-id: Fs4Pf3vwfJda28wS0CZlJ+rJ1kK1EgqMz7sk7gWz5xEc4qY2onvdIuk2DOjSxLOpz3e4lGJeRWOUeV9uBubOSQ==\r\nx-bce-flow-control-type: -1\r\nx-bce-is-transition: false\r\nx-bce-request-id: 4a0c44bb-440e-4854-a69d-af1385e376c3\r\nx-bce-storage-class: STANDARD\r\nohc-global-saved-time: Tue, 06 Jan 2026 11:28:31 GMT\r\nohc-cache-hit: nn9ct96 [2], czix96 [2]\r\nohc-file-size: 48799\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48799,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 279x200, components 3","md5":"fc160b4288b51351bc4ccc221bf6646a","sha1":"ce86f193521b0a74df156833b41e39201701113d","sha256":"37ed92bf7d588b395307173abc6e2bb4e6d93262c057c9bee8573bb16bc76bb7","sha512":"bc38d64cf41178b31de79bff1a229151e77593f8d59cb6f548cc4cc085557351db7b346b8ee2c3caddad9f817c9cc151795c5ad385ca91ddb872a58216cfcaf8","ssdeep":"768:KumHXf7GRFVMeTM6Jrxw8+vHuq8IbCjr2UOPfs1h53uAC3a9fLNyhbUdrlHIuUWs:KumHDGRFueRKBmt2UOc5RCyxyhb4lHI9","tlshash":"af230126d2c48d06b83eb175991957152c08effe1cf2b8bdbfa52e1fca68544288c529","first_seen":"2025-11-22T04:26:04.002385Z","last_seen":"2026-05-02T10:12:40.806664Z","times_seen":23,"resource_available":false,"data":null}},"time_used":6571,"timings":{"blocked":2958,"dns":1743,"connect":530,"send":0,"wait":551,"receive":98,"ssl":683},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0516/20230516102740558.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0516/20230516102740558.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 21201\r\nlast-modified: Tue, 16 May 2023 02:27:40 GMT\r\naccept-ranges: bytes\r\netag: \"6aefdcfc9d87d91:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: BC197_dx-lt-yd-jiangsu-taizhou-4-cache-12, i91106_c23533, i2103143_c28197, i1940263_c22409, i1935945_c22759\r\nx-cache: HIT from i2103143_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21201,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"c02fd21a88ea39a6257c8fe33c37560b","sha1":"49b077621ce77096e16ac2082a1fefa16db1f1a3","sha256":"4106a3071acf5a7a21f454e254c15b6f5c46cfec230efcf230648c1fafcbba18","sha512":"ad9045ba373374cb7ed59ec9a464390a30f9eb18c7fde8efe916469f606253fd16719ff202c1270697f91bf418bc0d86a52dc1602311f262a0d17bfdc0c41b64","ssdeep":"384:bLgtDw1E+fq0NpP5kRCYUhWLpPxWZo1viE349OeVbxTwIWHx0uL8kaFiETOpjUR:bLg8BbThkRCYUg1PxWK4E3mB57bTt","tlshash":"7492d031e4524ed07618f6f4badf146c0d18f46e8c9914721d7e90ab7e4f239e04aeda","first_seen":"2026-01-08T09:53:39.329899Z","last_seen":"2026-01-08T09:53:39.329899Z","times_seen":1,"resource_available":false,"data":null}},"time_used":578,"timings":{"blocked":283,"dns":0,"connect":0,"send":0,"wait":293,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/1115/20221115091046205.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/1115/20221115091046205.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 16977\r\nlast-modified: Tue, 15 Nov 2022 01:10:46 GMT\r\naccept-ranges: bytes\r\netag: \"ea4f57178ff8d81:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i92434_c21609, i2103123_c28197, i1940269_c22409, i1935869_c22759\r\nx-cache: HIT from i1940269_c22409(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16977,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"9ed78079ab54cb1539b1629f96a322c9","sha1":"4b49abe2069ff04a6012e4b1cfa0cc3b1386d695","sha256":"a284003e7c286b3ba61cabe96fffd2baf21085f7e4bc4c23d5130d225bfbb2c6","sha512":"64d89aa2927865d40ee3e263a709f0595cf8818790082e43e4024fd4179fc1e51b8cbdaf004f2b5b11b57d97c9ce87492b22ebffd2da8271d27e7971db0605a5","ssdeep":"384:M4Xv0IYzFIeP/B/nHFieeMmsjNzfFLg3uob8kPyFWrscZ5bXjqsm0PpnoM6eqc7:M4f0IONl7LmsJFLuu5hco0hPFD7","tlshash":"dc72d1f00dc6b4ef556b3da20f33e2644dcc940cae834a4c1aaf9c97355549a54dace7","first_seen":"2026-01-08T09:53:39.331505Z","last_seen":"2026-01-08T09:53:39.331505Z","times_seen":1,"resource_available":false,"data":null}},"time_used":390,"timings":{"blocked":278,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/0706/20210706045807604.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/0706/20210706045807604.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 5910\r\nlast-modified: Tue, 06 Jul 2021 08:58:07 GMT\r\naccept-ranges: bytes\r\netag: \"8f9af94572d71:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i27255_c14934, i2475927_c28821, i1935891_c23471, i1940231_c22759\r\nx-cache: HIT from i2475927_c28821(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5910,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8ff539bf4f29d05d6291a85d0dfc2d0a","sha1":"0c3cfa074c69710d077af9aad3a45ec78917965c","sha256":"79c7ffe0ab9bed3b272167ac85e115baa3c4d0db839f5e7a51e4359a9d01d19d","sha512":"2486d66ecdc5fd9dbe2ef0e9baa6e4deb83e9a9caaebe719a0bb8ba91f40321947dc071d57639ef8612185c4ca324e0c7f8eabceaaf5aa1daa53af754658d43f","ssdeep":"96:FMCiEG7xnFWCNGXT4sS9evdZxjCwkzHs39aN+Txjc8RbiiuA4cUd1FGWOBaF:FP+7xnFWdD4sgevdZhCjM39e+TRc8wiS","tlshash":"72c18eeb5904ac08ba839d13da8d376bd5249b7c9f8ceae1f10684309f27586d4ce325","first_seen":"2026-01-08T09:53:39.332499Z","last_seen":"2026-01-08T09:53:39.332499Z","times_seen":1,"resource_available":false,"data":null}},"time_used":716,"timings":{"blocked":272,"dns":0,"connect":0,"send":0,"wait":444,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/jquery.jscrollpane.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/jquery.jscrollpane.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Fri, 19 Jun 2015 08:29:58 GMT\r\naccept-ranges: bytes\r\netag: \"0875d206aaad01:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 10962\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":46300,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"871a605730dc5f4b4ac122fbb27b2fdd","sha1":"54f10586b475c2ab499de02883a566c7ec7ff0a1","sha256":"6050eb2215d72ecc2151adf098a9c0aebc0102af7b0825dcd7bd95564946b0da","sha512":"1a5b4714cc8ea8675e7660b7595c4c3ce6054f7fe3450ec1754d4e77b50b863052238640c5fef6f1dd71b326b787cdfe4665c005fa6a3cce1fdba3c2e0b23bad","ssdeep":"768:gBF4fI5Ekf4G6GPxjGaUIS5OjGix0nRAdGzeJf7LHsJJk:DfI0G6GBS5OjGi+nsyeJEJJk","tlshash":"b4237694e79c317f46ad211ac51f23cc9b3c90b31a129cf27c5aed6825d1dbc036ada9","first_seen":"2025-10-20T16:53:46.691017Z","last_seen":"2026-03-17T07:48:49.085538Z","times_seen":3,"resource_available":true,"data":null}},"time_used":768,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":768,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=597497A30564D2A0\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=229720885\u0026si=7df4e92a4f5f9f13779b08e96680a342\u0026v=1.3.2\u0026lv=1\u0026sn=59349\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026tt=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:53.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=597497A30564D2A0\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=229720885\u0026si=7df4e92a4f5f9f13779b08e96680a342\u0026v=1.3.2\u0026lv=1\u0026sn=59349\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026tt=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Thu, 08 Jan 2026 09:52:53 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=31D88428989B6FBB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-05-02T15:30:39.021409Z","times_seen":344919,"resource_available":true,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/1021/20221021112239891.jpg","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/1021/20221021112239891.jpg HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 29140\r\nlast-modified: Fri, 21 Oct 2022 03:22:39 GMT\r\naccept-ranges: bytes\r\netag: \"51bcd65ffce4d81:0\"\r\nx-frame-options: SAMEORIGIN\r\nage: 50268\r\nx-ser: i90862_c28777, i2103141_c28197, i1935851_c23471, i1935845_c22759\r\nx-cache: HIT from i1935845_c22759(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29140,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 340x195, components 3","md5":"862f07ceff8b766eacc0f34eb1e465f4","sha1":"f8e47db5ba13dda27e7372585ca6ab23a51de175","sha256":"51e7e0bd813af278827112e0d0870e9a07e6d05c08629f3456435f2138234fe1","sha512":"2378cc440492efa704c793d3fd88f0f414f76dcd8c5b18b831545118e59d92402f9ef930a21621f8231f869fce4003629e8f997e1e129ff072109909284b28f6","ssdeep":"384:mOaBW1gMAA7MTEgxOk2cGRKcqJZyFk+1ruZ+ZeO7myyyQetfVJ5DdwlP+5wpPqmf:HV2IY2rQiFk+Jt0Oyts3dwl4Ei6","tlshash":"4bd2e1580e5586d0fd837479b9b62cc49ed4c22af4a45d7212c8a6273cb7acbc6d40fb","first_seen":"2026-01-08T09:53:39.334427Z","last_seen":"2026-01-08T09:53:39.334427Z","times_seen":1,"resource_available":false,"data":null}},"time_used":364,"timings":{"blocked":297,"dns":0,"connect":0,"send":0,"wait":58,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0909/20220909041033120.jpg","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0909/20220909041033120.jpg HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13181\r\nlast-modified: Fri, 09 Sep 2022 08:10:33 GMT\r\naccept-ranges: bytes\r\netag: \"cf9681a223c4d81:0\"\r\nx-frame-options: SAMEORIGIN\r\nage: 41728\r\nx-ser: i37214_c28455, i2103141_c28197, i1940269_c22409, i1935839_c22759\r\nx-cache: HIT from i1935839_c22759(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13181,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 340x195, components 3","md5":"457dc7d9b3bbbcb7cb2335f99c54efe2","sha1":"546658f68bef796322072df7da3381ae13975ecf","sha256":"84a875a765daf356f5a92efa1542f28b27553a1af7f35a125e76c2284cd4736b","sha512":"4f3e9b27dd07729d1a5729d10fe22879175aaab6598a6aaf8cc4d8857478b1d2194528a12d1780c885e4bf6bf780cb1c027a20d6a1837037e5754224202fb61f","ssdeep":"384:qDa9IloRa073ac1JPyQCshz/LB1i1LAZUet58+deuv8eFbPZ+:qDQIuRa073XzyQCMmBAGGd7D7Z+","tlshash":"b242af8b736774c3f5c9d8ed458b4c9699e05839b2c440f729d478a36ce1e812b34be2","first_seen":"2026-01-08T09:53:39.335395Z","last_seen":"2026-01-08T09:53:39.335395Z","times_seen":1,"resource_available":false,"data":null}},"time_used":369,"timings":{"blocked":296,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0509/20200509043842564.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0509/20200509043842564.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 12887\r\nlast-modified: Sat, 09 May 2020 08:38:42 GMT\r\naccept-ranges: bytes\r\netag: \"c9e5783edd25d61:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i91226_c28777, i2103119_c28197, i1935953_c23471, i1935869_c22759\r\nx-cache: HIT from i2103119_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12887,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"e88fe23943c14830a7a985c31a674438","sha1":"535e15b0a16fd1adeeba903fc33435663faa24cc","sha256":"77d80af6309a0c95112895de3f254b8a7c03b3419e5df97426b84d154e5ce033","sha512":"3b8ba5aa31ed8676bd71afc4cb3a99d3fd3eba5b6ba38195b6a1006c8caa2dc68d8939aff61eebc9da278c0598a0eb25d9cfcce5619b067039c35243f436c532","ssdeep":"192:Ndln1+QcxK3ItwGZ7cXOlei1BKdDH3PB06H1NdzrwmxacPrKJxzz+psuRwNl:Ndl1+QKL/AKPaDXPS6H1gnJRzUsuRo","tlshash":"5b42c00bd5efccb9178e5836e998ea31112ef4e351702359f7cdc965441eca21ec9a20","first_seen":"2026-01-08T09:53:39.336293Z","last_seen":"2026-01-08T09:53:39.336293Z","times_seen":1,"resource_available":false,"data":null}},"time_used":681,"timings":{"blocked":294,"dns":0,"connect":0,"send":0,"wait":386,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/bg-ul.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/bg-ul.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/lib.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 19 May 2015 02:13:27 GMT\r\naccept-ranges: bytes\r\netag: \"803d4664d991d01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 1267\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1267,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1x1, components 3","md5":"b79f375dc58cdfe7e07b6732a2f5c896","sha1":"12f204cf4104bc412211b1d90c8f168a8a095f6d","sha256":"678b77ac0fa88fd883db7d2d96222a733d6c5bd25026c4c2aa3f2ce7bf0f72b6","sha512":"94e2a3df43a98a34bd1e313e5d4bcf941947f717c79afee442fe7f573bbc32d8ac513b0675e804146c65e34f38014808d9d7df7c56d9c90f4096b29188441f20","ssdeep":"","tlshash":"a921140df6526b03dc98997638f6511f4d1544c0f9c0e996a8fa8c1b5c750f94c1a1cb","first_seen":"2024-05-20T23:08:38Z","last_seen":"2026-03-17T07:48:49.153281Z","times_seen":20,"resource_available":false,"data":null}},"time_used":587,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":587,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2021/1026/20211026092629739.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2021/1026/20211026092629739.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 6142\r\nlast-modified: Tue, 26 Oct 2021 01:26:29 GMT\r\naccept-ranges: bytes\r\netag: \"63d666808cad71:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i25509_c14934, i2475963_c28821, i1940277_c22409, i1935949_c22759\r\nx-cache: HIT from i1940277_c22409(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6142,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"7b2c80adadac02e87eb4f1f2eaf22c05","sha1":"5c83c00319db4282fe3a68ee75ed5e27da6da629","sha256":"738d40c80f93bc29c157588e90ca78cad2c594af0eaf2f4003b93cf0aa71ef84","sha512":"636198a42d25286e711984c4bf2cd209e1ec3fba327ef0f9a71d3e5f4af8d73e21b9c1c11828b0eeeb229baebe9131a772985b8d6e493bf52695ecc968844781","ssdeep":"96:qULl3SsJ/jR/fS7t3Aofaf3ewOv99qzQMy5KKXlT6JNRJjcM7cKtsNsNLX7C7srZ:qUx3F/j9S7t3AoSPnO1flTSu8csNNL22","tlshash":"f4c17d84d8ef1f1d42e267e0f9c3d2382c74e2f2b6952154493b9271760be74669d260","first_seen":"2026-01-08T09:53:39.338159Z","last_seen":"2026-01-08T09:53:39.338159Z","times_seen":1,"resource_available":false,"data":null}},"time_used":396,"timings":{"blocked":282,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/1101/20201101092027642.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/1101/20201101092027642.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 14726\r\nlast-modified: Sun, 01 Nov 2020 01:20:27 GMT\r\naccept-ranges: bytes\r\netag: \"4220b12eedafd61:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i31243_c6956, i2103143_c28197, i2315749_c28337, i1935921_c22759\r\nx-cache: HIT from i2103143_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14726,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8485edb2614a31c3e3a26453c0645404","sha1":"332670e44df4668eca89866eed9cf0a1cd34ca7f","sha256":"583aa34ac6d55f7a92c5dc603354e9bc73073e3f45e0e0401c9d9962aed663df","sha512":"2c0b1c393483bb2a86f234b6cb97c952ba53ed55d40f236f1bd6a426386c5b70494431fd2eab15e2e3f017179eb2a6ccab421c226fab912614851a302f7aa245","ssdeep":"384:muY8sd3C+5tkdjiDYd3R3wrzVlSp4Soum:L8fkcD2SJlUNm","tlshash":"3b62c0b79de6894d521b3ee0fc13f0a54cad00069ec9070a477ca11a888d7f44e1ebf9","first_seen":"2026-01-08T09:53:39.339068Z","last_seen":"2026-01-08T09:53:39.339068Z","times_seen":1,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":280,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/0820/20180820032829383.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/0820/20180820032829383.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 8439\r\nlast-modified: Mon, 20 Aug 2018 07:28:29 GMT\r\naccept-ranges: bytes\r\netag: \"d4a727645738d41:0\"\r\nx-frame-options: SAMEORIGIN\r\nage: 241349\r\nx-ser: i37198_c28455, i2103121_c28197, i2315469_c28337, i1935949_c22759\r\nx-cache: HIT from i1935949_c22759(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8439,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"013b7550111b4a76aff53797a93e1c71","sha1":"75f9c927a15c4143fc60ae0cd40655e8a4aebc5c","sha256":"f55c34e36ffbb8f563bc13f5a44da02cfe6c2cac6e680728f31d89c1bce2ca16","sha512":"4823ab0be9cc8f80f6d1e041a688714be7bbbaa0adc6f137155cd536ba7195b0632caea905ed5f420d974421925ebc3595f559f58055f09adb48dc4a9eba8a1b","ssdeep":"192:oyOAo3C7Ky8iz267b0xLjp4INeDZTV3F4:Ttok18iiEb0xLjyk2ZtF4","tlshash":"0702a076acdf1424ac05158cab939a09084b9ef2366376943099df6c22373d949baf98","first_seen":"2025-01-03T05:17:31.530876Z","last_seen":"2026-03-04T05:46:55.182725Z","times_seen":4,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":279,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/jquery.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/jquery.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 17 Feb 2014 07:48:28 GMT\r\naccept-ranges: bytes\r\netag: \"06e9a5b42bcf1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 33504\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":93636,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65483)","md5":"3576a6e73c9dccdbbc4a2cf8ff544ad7","sha1":"06e872300088b9ba8a08427d28ed0efcdf9c6ff5","sha256":"61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf","sha512":"27d41f6cfb8596a183d8261509aeb39fcffb3c48199c6a4ce6ab45381660c2e8e30e71b9c39163c78e98ceabc887f391b2d723ee5b92b6fbc81e48ac422e522b","ssdeep":"1536:s6IzxETpavYSGaW4snuHEk/yosnSFngC/VEEG0vd0KO4emAp2LSEMBoviR+I1z5T:O+vIklosn/BLXjxzMhsSQ","tlshash":"b393f8ed73c6717243ab30ae40af610ef1365869280d8410f129e8f9bc79a499277f7d","first_seen":"2023-03-07T01:02:53Z","last_seen":"2026-05-02T15:23:55.043495Z","times_seen":32596,"resource_available":true,"data":null}},"time_used":566,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":279,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0216/20230216022913265.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0216/20230216022913265.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 2736\r\nlast-modified: Thu, 16 Feb 2023 06:29:13 GMT\r\naccept-ranges: bytes\r\netag: \"123397fccf41d91:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i17891_c6956, i2475963_c28821, i2315749_c28337, i1935839_c22759\r\nx-cache: HIT from i2315749_c28337(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2736,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"b6648fefdcbbb28601925dc3add7c816","sha1":"862f7068b233cbc21bc3da6d4c8126bd7c3bd0ce","sha256":"78be15d2aa812455ad7c718e1a90b3b415f14c4e92a9bcdbc7b73d419c7c966f","sha512":"7172cc2f94ce083263b36ea48946206b2f09050bbeb27ac644055f8d7c27f80bcf55417609560717c1112c5b4a85a71d3da370bac8607120480b41f25444e848","ssdeep":"","tlshash":"1a512b9f6435418c4afa86f738d5a5d5f8e741801c773729347d81405c6075c98286ee","first_seen":"2026-01-08T09:53:39.342821Z","last_seen":"2026-01-08T09:53:39.342821Z","times_seen":1,"resource_available":false,"data":null}},"time_used":391,"timings":{"blocked":277,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/p-bg.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/p-bg.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/mobile.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Wed, 20 May 2015 08:43:35 GMT\r\naccept-ranges: bytes\r\netag: \"8055f1ed992d01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 1024\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1024,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 263 x 37, 8-bit/color RGBA, non-interlaced","md5":"246219a9d0272df626769177a3d14f92","sha1":"cbe5e987be647aa33e21afa7cc8b16132c90b3df","sha256":"d0c16e1c3df48666b22bd75616fe71851b93bf59b165b3510fe623935fb3ca4a","sha512":"8177ef33f0fc8b33329c0552a33ee00260717a879dd7cd7d48db309a9254571b43686a15d778b447cd3bb38378c16c08bc5cefbb9a8cc6bf7d0448d5a0671f0b","ssdeep":"","tlshash":"6111ef4df45564d0c7a5da8718eba1234b2346419b90b036bb8ec4169d742bdc86d0db","first_seen":"2026-01-08T09:53:39.343599Z","last_seen":"2026-04-16T01:23:16.972561Z","times_seen":4,"resource_available":false,"data":null}},"time_used":476,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":476,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lupic.cdn.bcebos.com/20210629/10465092_14.jpg","fqdn":"lupic.cdn.bcebos.com","domain":"bcebos.com","tld":"com"},"ip":{"addr":"171.109.97.35","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","date":"2026-01-08T09:52:59.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.a.bdydns.com","organization":"北京百度网讯科技有限公司"},"issuer":{"commonName":"sslTrus (RSA) OV CA","organization":"sslTrus"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B0:A6:2D:34:BD:DD:55:41:21:71:78:8B:43:8A:7A:51:22:5C:31:C9","sha256":"10:61:DB:D4:46:80:6A:CD:63:18:ED:40:2F:F0:02:9E:CD:37:4C:88:54:E6:A9:CF:03:50:63:B3:B1:23:63:11"}}},"request":{"raw":"GET /20210629/10465092_14.jpg HTTP/1.1\r\nHost: lupic.cdn.bcebos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pos.baidu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 09:53:02 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 24810\r\nexpires: Sat, 10 Jan 2026 12:47:50 GMT\r\nlast-modified: Fri, 02 Jul 2021 16:50:02 GMT\r\netag: \"8f22cd98dab28263b98ed0a555f8f4ca\"\r\nage: 75850\r\naccept-ranges: bytes\r\ncontent-md5: jyLNmNqygmO5jtClVfj0yg==\r\nx-bce-content-crc32: 0\r\nx-bce-content-crc32c: 0\r\nx-bce-debug-id: Dm1mOMaUfDAW2oBRLPk7lMSe8OfSHCd7ne+iQi+KVuJx3wVqAiEEv8MnRQv8qgikMkiLPg0dBXTLvAgQuoNt6w==\r\nx-bce-flow-control-type: -1\r\nx-bce-is-transition: false\r\nx-bce-request-id: 833be61f-1e5f-4027-813e-a824c6312de1\r\nx-bce-storage-class: STANDARD\r\nohc-global-saved-time: Wed, 07 Jan 2026 12:47:50 GMT\r\nohc-cache-hit: nn9ct61 [2], czix61 [4]\r\nohc-file-size: 24810\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24810,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3","md5":"8f22cd98dab28263b98ed0a555f8f4ca","sha1":"26d3730f80833323e8a27d83cf8f2f6f76657604","sha256":"9de44afd3cec805d0dc548240dc0928d5ddea40a062d1a060c98da9b9afd30f3","sha512":"19403d151a28cdb1d40e64b2a2ec725f81443eb4fb7aaf4f8541da3fb144657ca469e9857917f71829f25b36c3efc1ab5a8115a22670af295bff2d37e56d1d40","ssdeep":"384:BpWJHBwZAYxfDkfjSg8W4Yf7n/iWM39l2uw/Xe1scgKZ/DJjfuyDE/vT6fA4VcVz:HKuyYpSjSmfjaN2ZqZ/D85rEA4VcVz","tlshash":"a7b2e1761090a0f8fdb0c59911760c7c28f6168696261f892ae7cbb48e5cf46d5f7783","first_seen":"2023-07-03T04:23:06Z","last_seen":"2026-05-02T10:12:40.812118Z","times_seen":27,"resource_available":false,"data":null}},"time_used":6254,"timings":{"blocked":2949,"dns":1746,"connect":530,"send":0,"wait":319,"receive":33,"ssl":665},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0415/20230415102416429.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0415/20230415102416429.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 15677\r\nlast-modified: Sat, 15 Apr 2023 02:24:16 GMT\r\naccept-ranges: bytes\r\netag: \"f44a7e60416fd91:0\"\r\nx-frame-options: SAMEORIGIN\r\nage: 50260\r\nx-ser: i37210_c28455, i2475923_c28821, i2315527_c28337, i1935945_c22759\r\nx-cache: HIT from i1935945_c22759(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15677,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"8f092bf094d7e57d89dd31c1184341e3","sha1":"d67c3ec7a5ddc2e89b5665c4ecb416543bdabfdc","sha256":"cd5fc96f0351bacc1a36c985ff107d416e666c004a116a7a970da4b9be95f6f6","sha512":"5621ac5a21cc363a80ae180bb171790aab552543a420b955faf304d68be5d836ef1b2fd058d5f0294be69394e08fe8f2caad10d276aaa732a7e7fa024f0cf721","ssdeep":"384:mClktOhLkkGF2y+Fwd3+e5mhqXz3EisxXf:0tOhgkC2y+4xmhXf","tlshash":"6f62c1dafb3f15fad2a4fdc021b640213d8e146412561e4e46b3f4581d536abedc07ba","first_seen":"2026-01-08T09:53:39.345183Z","last_seen":"2026-01-08T09:53:39.345183Z","times_seen":1,"resource_available":false,"data":null}},"time_used":378,"timings":{"blocked":288,"dns":0,"connect":0,"send":0,"wait":89,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/comment_template.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/comment_template.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 21 Sep 2023 03:06:53 GMT\r\naccept-ranges: bytes\r\netag: \"8044dfab38ecd91:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-length: 1376\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4952,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (558), with CRLF line terminators","md5":"1c561523563f55884dd34a8135606c2a","sha1":"4f49fd0204fbe626050343806e812e65224bf488","sha256":"6c09da938abcf6ca632c43c9ace1f58e927bdbbc6da0f54bf1c5983945911b7e","sha512":"3b92e034680000ed023631b054f9785867946c187f68eb31808fd75952765f05e87550fe7a3ec33ae30af4b7ce4b5a60342a0ee246ac4bc799ec277f0e6d8c18","ssdeep":"96:hNocalk3UHB/Ti14MN7caARVQBbgBPsaSPi7Y:hN13UHBr/QBUB0atY","tlshash":"05a136621ce49b7a033b80a45a615f4afde1661bcf478948b6ec97d71ff7c408a070a7","first_seen":"2025-10-13T03:08:21.093693Z","last_seen":"2026-03-17T07:48:49.100994Z","times_seen":26,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"eclick.baidu.com/se.jpg?type=iframeLoadStatus\u0026result=u2218020_0_1_0_0\u0026ver=0620\u0026rdm=1767865980063","fqdn":"eclick.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"110.242.68.137","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:53:00.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /se.jpg?type=iframeLoadStatus\u0026result=u2218020_0_1_0_0\u0026ver=0620\u0026rdm=1767865980063 HTTP/1.1\r\nHost: eclick.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0\r\nConnection: keep-alive\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Thu, 08 Jan 2026 09:53:01 GMT\r\nExpires: Thu, 08 Jan 2026 09:53:01 GMT\r\nLast-Modified: Mon, 28 Sep 1970 06:00:00 GMT\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-05-02T15:30:39.021409Z","times_seen":344919,"resource_available":true,"data":null}},"time_used":2734,"timings":{"blocked":1234,"dns":461,"connect":254,"send":0,"wait":265,"receive":1,"ssl":516},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/i-dd.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/i-dd.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/mobile.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 25 May 2015 14:37:09 GMT\r\naccept-ranges: bytes\r\netag: \"80988947f896d01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 1234\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1234,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 17x18, components 3","md5":"d85e92d1301662d1b8583f86a10ef2f8","sha1":"6450ecab2a36959b7deddaa7ab6ca4820202ddd1","sha256":"7f491fc9c2a0618ebedf6e36d133ab1da727b01ae8676aba4c2d0cb6cc002af7","sha512":"b90bcbd818f2bf9bf4cee488fdbbec02d882efabbbd8b8f31223e5b03363f638f52f347bbd29f09be4bcbe7170c7cd1563ef70f7ea5d5d07053fbcd5d7d0adcc","ssdeep":"","tlshash":"592182fa8e1074a6ed2a0a38e36828ad321819435ce5490973679ac0eee798409e2126","first_seen":"2026-01-08T09:53:39.350769Z","last_seen":"2026-03-17T07:48:49.108634Z","times_seen":2,"resource_available":false,"data":null}},"time_used":587,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":587,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/jquery.leanModal.min.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/jquery.leanModal.min.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 20 May 2015 08:52:13 GMT\r\naccept-ranges: bytes\r\netag: \"80dcb143da92d01:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 656\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1861,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"702312f8535e1eae9780d7d0bee0440b","sha1":"9cb5cbabd037cca3b5cf5b3c4a745c424dfad619","sha256":"32b3ee0bcf3de91cf233bc6b3f4d80c6e1e6268a85952db39f5da0d26f5ac240","sha512":"43ffd4b67c5837d412d40d18916507c56249ab61ee91b587710ed79f207b5b1989e9c7e7b29fc9cfeb3226e7695020d93bfcc709c93c60db8e48456ad4b7c2a6","ssdeep":"","tlshash":"d9314c09faff2140a47fb35a2b2f99091671411b191dfe063e2c4fcb4f49628b096758","first_seen":"2025-10-20T16:53:46.554156Z","last_seen":"2026-03-17T07:48:49.152365Z","times_seen":4,"resource_available":true,"data":null}},"time_used":550,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":550,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/comment.js?v=1","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/comment.js?v=1 HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 27 Mar 2024 07:29:14 GMT\r\naccept-ranges: bytes\r\netag: \"041e6771880da1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-length: 4999\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21494,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"5818dbb185ffba95f1e6d1477db53b4f","sha1":"0e559e327386845717210c2470038a4461c94369","sha256":"96488788264d6133744543f778fcfe40ba683a85723f7df39a7bf3e0a6ed0a65","sha512":"14d87372bef12f0b3b72388de3627c1870bdb563a50c379c60ad7634ed3f9bc2154a782e3f18f21ccc0fe70c3773431c0a28527b7812087ac3a62a8db706d5f8","ssdeep":"384:uqbizUrgbYE4iK4amHLAR4QmvdaHbKyfJojegXmx2DDKqAZ3cj0HreQ1tP8MXESH:hb2UCYEh9rznv+1JojegXmxAWqAaapi2","tlshash":"94a251487cb52a514877317a9bbb0101efbe0b5f8841cb9cbded66802f71a446217fad","first_seen":"2026-01-08T09:53:39.359041Z","last_seen":"2026-03-17T07:48:49.145743Z","times_seen":3,"resource_available":true,"data":null}},"time_used":288,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/css/cui.css","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/css/cui.css HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 01 Aug 2016 06:17:23 GMT\r\naccept-ranges: bytes\r\netag: \"809bc45dbcebd11:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 1175\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3503,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"c0018d081684e7415cae185e2c676d9d","sha1":"dce6741f70cc393483b904f592bb9e2d8d684ff7","sha256":"bad8c451461169b50e7216d4da2c50d865fc2763ac88daa3a9449fe16eee3d1c","sha512":"36d7823370d90bf28804e914dd3c99a69f7642e2271f7928a6d040dd760600d990633f138de2b408a2cd41d3c2cc2cece80a576abeb13f2e4bc57116a9389e1a","ssdeep":"","tlshash":"1571eb534af52809b03ba62fecc2ab7a71109437d1736db7b625eb89c8fd5663640334","first_seen":"2025-10-06T14:54:36.87545Z","last_seen":"2026-04-16T01:23:16.746719Z","times_seen":11,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/lib.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/lib.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 28 Mar 2024 01:13:36 GMT\r\naccept-ranges: bytes\r\netag: \"0209e28ad80da1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 963\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1743,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"60f67ef5a7e43d9b2b32f6b47f7052bd","sha1":"c0124d98f17cf4aaae7767f6d4be4ea7825426f6","sha256":"1a25a979aff7d1df4887bd2dd4877847e6aa8926d027fd624a05328b95c4e1eb","sha512":"2236d32e8c894d2b4927c4438203609d3f31a914df69ca2df3f07c07fd66965fef9a2b729ade6f08cf6553f9b882fcbbdb1f0c501ce1da10ce6f1ae2b6bfdeb2","ssdeep":"","tlshash":"ca31ac6afb4c5e5a40e331ea013b9404ededa5158d1646a0f4be04f52fe54486f3bced","first_seen":"2024-05-20T23:08:36Z","last_seen":"2026-04-16T01:23:16.903551Z","times_seen":24,"resource_available":true,"data":null}},"time_used":561,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":561,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/logo-apk.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/logo-apk.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 23 May 2015 10:24:21 GMT\r\naccept-ranges: bytes\r\netag: \"80f8e0a14295d01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 5585\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5585,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 72x49, components 3","md5":"2a3d8e0078951be7a840b6ba0219a478","sha1":"43bbff5e9e471586f8ac72ca4e95b62115d53e0c","sha256":"4d6667ae56a9e0dfde9c6eafd0258af97dcc2c0216eea043ed435da7f81e6690","sha512":"dc285c0a078a0247a1b76f9c7f1b197a2713fa057c5382647ff3404351513960671b94eb1dc7cd0942f2401b1197bc30e2e41df2d1a8a077d9c8ae9ec8489417","ssdeep":"96:AW6v54LCInwti04OiPuYGHsxTZj/xkL/vp8/ucOT75G7dDRPcjORZkIG+sv+:AW6SWZti04pOHgTZjGLJ3g5NcjORmIGI","tlshash":"1db19f09de489b075c31787765ee114fa00960999cf1a1ad23579134c973f2d45fdb1c","first_seen":"2026-01-08T09:53:39.364621Z","last_seen":"2026-03-21T21:38:54.199141Z","times_seen":3,"resource_available":false,"data":null}},"time_used":558,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":558,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0507/20200507030320871.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0507/20200507030320871.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 28374\r\nlast-modified: Thu, 07 May 2020 07:03:20 GMT\r\naccept-ranges: bytes\r\netag: \"92244973d24d61:0\"\r\nx-frame-options: SAMEORIGIN\r\nage: 76861\r\nx-ser: i34696_c4672, i2475963_c28821, i1935851_c23471, i1935945_c22759\r\nx-cache: HIT from i1935945_c22759(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28374,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"3af708c0cd9eb31ff0383463136bd5f6","sha1":"3a3445ee8f11647c39701db0923800cd128ffa53","sha256":"5c2dd3ecca803839f02a3ebfb0424178bdc6fc033b748655d50e90eec313529c","sha512":"ef89e6186f9cb2493591e7305058fe5e767d1b7b14733ff43a189129bcdb652f0cddd171cda2fb3a72d835380e4f4723659413876b508358b108f7fd43f6e803","ssdeep":"384:WjJsSJXujqPkYrkGTbMRDQ0gd5KwsSH9JvnRi/69wc06tRY6xIA4M0t0ePekAwMa:eIuMdT6HnRUYpjY6KfCSUJQPH+S1s56","tlshash":"dad2f246d2a8847ae65c2d3e0c832e5c6416e75dba372e253fb78f0c05d2c5025db797","first_seen":"2026-01-08T09:53:39.366581Z","last_seen":"2026-01-08T09:53:39.366581Z","times_seen":1,"resource_available":false,"data":null}},"time_used":389,"timings":{"blocked":287,"dns":0,"connect":0,"send":0,"wait":98,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0718/20220718095647293.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0718/20220718095647293.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 23223\r\nlast-modified: Mon, 18 Jul 2022 01:56:47 GMT\r\naccept-ranges: bytes\r\netag: \"8b6db4a3499ad81:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i32015_c12732, i2475923_c28821, i2315527_c28337, i1935893_c22759\r\nx-cache: HIT from i2475923_c28821(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23223,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"017effce5398b1cbf4a0628c0c1a405b","sha1":"d1086c47a4bd112392269ca76c1b6faed6efc5e9","sha256":"5c1cc409d9ca9fd70b98af0e33803e3b16292ce5ee5642417e0b0dcfdc0be2b5","sha512":"c055545a61a3301b3d4cafbf2e418ef597626817339f6d20e464ecde07535f15f54232af419d9ddeb56c3ad1e3a3b56574db83c4a71bea435e1a167e1c68d205","ssdeep":"384:qnhlVilbe9j/uRTbmB+ldf9Qj6JXzMECFZf0OC6RjOymR7oj731wganT8zyced94:qn0muRHO+lMQ98PRjOycsanIzyced9Ch","tlshash":"4aa2d0c1a8b98e64d75c65fc8cf05fc3970d8b9a638c610d045da866a4b30c59bbb42b","first_seen":"2026-01-08T09:53:39.369089Z","last_seen":"2026-01-08T09:53:39.369089Z","times_seen":1,"resource_available":false,"data":null}},"time_used":634,"timings":{"blocked":286,"dns":0,"connect":0,"send":0,"wait":347,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2018/0805/20180805041830898.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2018/0805/20180805041830898.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 13537\r\nlast-modified: Sun, 05 Aug 2018 08:18:30 GMT\r\naccept-ranges: bytes\r\netag: \"c092f0e4942cd41:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i91626_c21609, i2475927_c28821, i1940269_c22409, i1935893_c22759\r\nx-cache: HIT from i2475927_c28821(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13537,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"50cc56c0af0fed4f4724ed94eeba51bb","sha1":"c55b2a79accff87a86b1ea2799414d51e362ad71","sha256":"9a7e4f71cd9638a39e4a3e31c91fc8289b4271e8343a1a87423f5f47d5d7e3a9","sha512":"14132f87efba0b4aeb0f15adf06dc1c2dded87544bc03f68fefed8e9877d42506cdd0e8ec6997a3caf6801fa6af0fca8df705d9c8cc101e05b524857b4d82e32","ssdeep":"384:/VTmyjjPoeSk64EPJgledrn53/khGHnZX4I0Z1:NT1PPo8oKUhnyo5X4Z1","tlshash":"3352e0db9ea6098400be75b815483b26922e3bb3dafe11c21e0530037da5abd47fc4d2","first_seen":"2026-01-08T09:53:39.370295Z","last_seen":"2026-01-08T09:53:39.370295Z","times_seen":1,"resource_available":false,"data":null}},"time_used":525,"timings":{"blocked":286,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/tongjig.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/tongjig.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 06 Apr 2024 03:57:01 GMT\r\naccept-ranges: bytes\r\netag: \"8024927ad687da1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 787\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1327,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (511), with CRLF line terminators","md5":"e010e2a24e8f6840183a24c4b2861670","sha1":"228453936a5d3d00a6aaac57ee9aa17c5e34a3bd","sha256":"43f11b364b7a96310090ba83e73fb7d97e2c300c45707b760485e708913ebf41","sha512":"0f9d947cbdbe8f5067d60daa635e8b3c1b5eef60be22ffc7cb4226c8037473d6b14f99d9dbaafe139b9b6136f1607aecbf4e4762e3a2c10c61dcfe197a38474d","ssdeep":"","tlshash":"6921fd5f280568382b9118b942bfe64cf5b6107c152bc007e4edc88a2c78fc5082a7cc","first_seen":"2025-10-06T14:54:36.35052Z","last_seen":"2026-04-16T01:23:16.762172Z","times_seen":11,"resource_available":false,"data":null}},"time_used":757,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":757,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/ipx.jpg","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/ipx.jpg HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/lib.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 20 May 2015 05:00:02 GMT\r\naccept-ranges: bytes\r\netag: \"0f52bd4b992d01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 283\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":283,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 3x1, components 3","md5":"cacfd31eda571c277abdca253d9703b6","sha1":"581701ab62fc0eacd6f2c9b1c7199fe97c3cb633","sha256":"f834f8d721497b56708947eeae5003ec9244e6d61106e7b298f090ae7bf97765","sha512":"a3b8c4202e6cdc67e5254f9a8a3118aaae342543569535bf5030f64e519030e1d146611cffc998352e1e30c7025d7247dfa209d3ae91e63ef0d6c31c63ff2acb","ssdeep":"","tlshash":"ded092d33d0150d0dc370f380b50c71963072f0ea6104b0d00ab2440ecee2cb2651213","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-04-16T01:23:16.739092Z","times_seen":21,"resource_available":false,"data":null}},"time_used":483,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":483,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0705/20200705082844958.jpg","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0705/20200705082844958.jpg HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 33816\r\nlast-modified: Sun, 05 Jul 2020 00:28:44 GMT\r\naccept-ranges: bytes\r\netag: \"06703d6352d61:0\"\r\nx-ser: i27251_c14934, i2103129_c28197, i1940237_c22409, i1935889_c22759\r\nx-cache: HIT from i2103129_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33816,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 404x720, components 3","md5":"65821ffeb1f50e4c3c36e3312839d59d","sha1":"f9f90772f94ce10fae9a8ab18b9270dd2a1595b8","sha256":"910696342442a544468c6d68bab320ac652b97bce6d17ed5cfc8c69656681619","sha512":"040636a0270ccc9d1b23f65fd4001e2f1e975a05fcd36f30537480220e69d2c41afb64886896783fbb20bf72eb22a47a0ca380fb12acfcbc151bccc36010fdf3","ssdeep":"768:+pfcezz0wVzwkPRY4RVRVy0AUbRpT/yOHmRXYZjzHRBkT2l:efJRVzpYsPAUjNiYBdxl","tlshash":"d6e2be6b6d00cbc1096cc2f5ae121fd87e1823adf0ca27cf21352edb7b98296551d999","first_seen":"2026-01-08T09:53:39.38033Z","last_seen":"2026-01-08T09:53:39.38033Z","times_seen":1,"resource_available":false,"data":null}},"time_used":981,"timings":{"blocked":324,"dns":309,"connect":26,"send":0,"wait":257,"receive":1,"ssl":52},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2023/0208/20230208115602829.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2023/0208/20230208115602829.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 20287\r\nlast-modified: Wed, 08 Feb 2023 03:56:02 GMT\r\naccept-ranges: bytes\r\netag: \"42db342713bd91:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i31233_c6956, i2475937_c28821, i2315539_c28337, i1935889_c22759\r\nx-cache: HIT from i2475937_c28821(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20287,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"2954784dac780dc0ef98606be5d361cc","sha1":"3afffc014cca35adbc4fac38c48cdd0627ef1307","sha256":"33ad8f6897da89aae1848bb96a2fc344a476e42c8600343d8add80ad56e11f49","sha512":"46bec2d774d993d4d58222e1218eff4ab7cba8acf7654793e7522ac8da95e2d02bff98545cb5434027cf6915093bb8443894d9e49afc48e966371d3cf56470b9","ssdeep":"384:Q2JnagrtwNhypZiK/StF76yNPVgN1YHFA2tkWlsGASI/o:Q2nREheiaSP+yPs1Yl92es1po","tlshash":"f692d04f88d0a8f9fdd6823339d39328ab29b9bc4601818bd77737179c58795b9c3481","first_seen":"2024-05-20T23:08:37Z","last_seen":"2026-03-04T05:46:55.592622Z","times_seen":16,"resource_available":false,"data":null}},"time_used":552,"timings":{"blocked":273,"dns":0,"connect":0,"send":0,"wait":278,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/downfunction.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/downfunction.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 08 May 2025 06:57:13 GMT\r\naccept-ranges: bytes\r\netag: \"802a56de6bfdb1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 2977\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8394,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"86a7f3e3815fca6de583b5d685960dac","sha1":"bb207bce67af3d67fd82493ad0892da67ef36de2","sha256":"e57fdfdc26626e5c3191d5fc51fe5331801ebf8465d5b426c720a6cb5f0c98c0","sha512":"64ed4b97453d6287948eb100bf4a5962df9f2afa83ae13964b231be85a5a4f99f12d7e2e076dc667d22c0230557bcce562537b69cd92c9f859bf7f08cef0c6fc","ssdeep":"96:WF+bgX+wf+534eHr8dTJJW2m3gN7HDGj08XmHm5tLVpYk/IMRcB:WX7f+EV82mw2p5ZVpRItB","tlshash":"36021166b69a2a5c84ff20b3073e7044df0e90671240cfa4f5bd5da52ff52887622d6e","first_seen":"2026-01-08T09:53:39.390172Z","last_seen":"2026-03-17T07:48:49.115248Z","times_seen":2,"resource_available":true,"data":null}},"time_used":765,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":765,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/images/mo-abg2.png","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/images/mo-abg2.png HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/statics/css/mobile.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Wed, 20 May 2015 06:48:24 GMT\r\naccept-ranges: bytes\r\netag: \"06caaf7c892d01:0\"\r\nvary: Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 1195\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1195,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced","md5":"5fc636c4fef1700bec08049cc962412c","sha1":"3d747d31090b3d38bb33d3a04db9d53ad3946243","sha256":"6f176026d3f5432099ef5a17c2cf4b66bec30e7d71e98b24e8d9e3099204439c","sha512":"ef0e71ab5f1442d37777e1adc2bd20a7cfae26fd298e41fd3bc76133748af9bcfd00aa2349765163f1b57cd11e4eedf8d349509f3ca637ac15f237ba9aa08731","ssdeep":"","tlshash":"19217746ec80b842518ad87514f704a3475344c09fd0d1ba6dcdce0bdc682e9cc1b6db","first_seen":"2026-01-08T09:53:39.39111Z","last_seen":"2026-03-17T07:48:49.225782Z","times_seen":2,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":292,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/css/mobile.css","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/css/mobile.css HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-encoding: gzip\r\nlast-modified: Thu, 08 May 2025 06:45:16 GMT\r\naccept-ranges: bytes\r\netag: \"0a6a7c1e4bfdb1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 7927\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26721,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"b1a130f51cf961543d2e07d5d5d52763","sha1":"f7fc190dfce4205434a657826cd32a596ec9628b","sha256":"1c336444c1b5485e3b651f57b6803dd707948d5154277243cc8eb7fc234c085e","sha512":"746373c5ae31d1eed56e0aa4bc3de8aa3ba49cc1048312157f3b6f3b8f1f267660178a2bbdffd9be4c57fa46a90fbb36953cbe2d316d9ba531810a4e114a84ae","ssdeep":"384:3rafRYca18pzja6irPoIZPyLbvZbMJxnblFrwc:7afRYctLLZbMJxnblb","tlshash":"b1c27169d712208bb27b96e5ff22178bde0680435702866cbfd43254efba46d5532fc8","first_seen":"2026-01-08T09:53:39.392568Z","last_seen":"2026-04-16T01:23:16.893744Z","times_seen":4,"resource_available":false,"data":null}},"time_used":573,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":573,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2020/0705/20200705082712516.jpg","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2020/0705/20200705082712516.jpg HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:52 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 26338\r\nlast-modified: Sun, 05 Jul 2020 00:27:12 GMT\r\naccept-ranges: bytes\r\netag: \"0f09966352d61:0\"\r\nx-ser: i64574_c23633, i2103123_c28197, i2315675_c28337, i1935921_c22759\r\nx-cache: HIT from i2103123_c28197(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26338,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.00, resolution (DPI), density 96x96, segment length 16, comment: \"LEAD Technologies Inc. V1.01\", baseline, precision 8, 280x500, components 3","md5":"347bd0ed011ba47c06f3e923326f637e","sha1":"3f42b9a4981996387181ba8e95d1519789bc7819","sha256":"7987c079912d5ae94d4761b8c3d24ead8980ab6d9a04933a0a5e8fadae2c57b6","sha512":"e5055d350141fd9b6b8b5b325376ae86c7ad5000cb628dddd7fbef16b6697ccda4855190c18685360312d5d2036d6e8b9e83cbeb2b6fe777691e1e4ef98020e2","ssdeep":"768:A+ZqJqTebRjl3LTSYGSosR+MtSLSMMdEq:vZHTwRx3+SN09q","tlshash":"25c2c07feaf3a2f4231f531ca94fac12a64254d761e7e5c404c4ad6adb14e0fa10672e","first_seen":"2026-01-08T09:53:39.39422Z","last_seen":"2026-01-08T09:53:39.39422Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1001,"timings":{"blocked":331,"dns":314,"connect":26,"send":0,"wait":266,"receive":1,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2016/0402/20160402091308329.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2016/0402/20160402091308329.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 8206\r\nlast-modified: Sat, 02 Apr 2016 01:13:08 GMT\r\naccept-ranges: bytes\r\netag: \"10b811d17c8cd11:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i27257_c14934, i2103119_c28197, i1940245_c22409, i1935949_c22759\r\nx-cache: HIT from i1940245_c22409(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8206,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"1e429057b10ed0ee0a7500cd22139990","sha1":"100275eff0b2c72795145b971aa643368861775a","sha256":"f128be6b6e52ea7098b9adc6fc78960f93e7b444ae7e3dca1d1652d6d9c55bd9","sha512":"45689cef3e1b130e234f8d746cfcad07fb9e5bb44e13224f0318a7eed4eae4744a45b723e650e92145c9b4a575b24690f251ff4160e8be65323ba84bc7abfb77","ssdeep":"192:mXru5Nr4mXlF7nB1FldSGwGSKNzpYOVrqC2:Uru5Nr1Fd1Q893Rn2","tlshash":"df02b06f3d26fa606be0e921f56f173801c1dad8cd74e42c403ea165c52afd0926b481","first_seen":"2026-01-08T09:53:39.395818Z","last_seen":"2026-01-08T09:53:39.395818Z","times_seen":1,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":289,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/common_comment.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/common_comment.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Tue, 19 Sep 2023 09:19:42 GMT\r\naccept-ranges: bytes\r\netag: \"04b26cdaead91:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 716\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":973,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"ab4e2ac20317e1a8e7bf2ba6435ee13a","sha1":"3b2fb25d47977b9a4eb716d1b23f86abc614a882","sha256":"208eb3b63c9031af5791b166d9ca889a0af1487039954242d4b8831ba59a35bb","sha512":"7a21e9403cca73587dc666bb515b1591da2fdd48928fccccfcfc2d1b0451815be59624529026812c77207640bb4f930e6d8ef158927dd58f9e30d74429966d9a","ssdeep":"","tlshash":"d811eb8dc2a20d0099f2015e0b6795d877231f50542297cfbdaff8e82710e18a873bac","first_seen":"2026-01-08T09:53:39.396954Z","last_seen":"2026-03-17T07:48:49.221373Z","times_seen":3,"resource_available":true,"data":null}},"time_used":537,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":537,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pic.downxia.com/upload/2022/0823/20220823095622760.png","fqdn":"pic.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"156.225.108.42","port":443,"asn":139057,"as":"LEGEND DYNASTY PTE. LTD.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /upload/2022/0823/20220823095622760.png HTTP/1.1\r\nHost: pic.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 10175\r\nlast-modified: Tue, 23 Aug 2022 01:56:22 GMT\r\naccept-ranges: bytes\r\netag: \"29bf778b93b6d81:0\"\r\nx-frame-options: SAMEORIGIN\r\nx-ser: i31227_c6956, i2103119_c28197, i1940245_c22409, i1935921_c22759\r\nx-cache: HIT from i1940245_c22409(cloudsvr)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10175,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"2b5ecdc7d28ad2e8a9242b37561eb940","sha1":"f8c32d8d74d55fdfd548392069417e3a14f22115","sha256":"ab50b7e11d538522a808093f1e69175881458e406f2a513120137a41520f5621","sha512":"6a9adecf03ddbc6ff276ae055fd42e253bd9b17a8e10db24c50fc5fbb1cf6dd19cf5a200bda7e9fe28abd7cf24a4f283502bcc9b9c7aac42b3a6ed9533a3baea","ssdeep":"192:U62++Jc902WnaeDsNIPpdOMHIPVNMMxx2nXPxyERlNuDegtZhtXZ3vaJo:U6K2WGGpEMmg/xyERmDeg3htXZiJo","tlshash":"e722c0f77cb63088d82647db87fce3a88215df43de478418a45d65250b6e3a4a1c7e68","first_seen":"2024-08-19T22:20:45.372774Z","last_seen":"2026-01-08T09:53:39.398137Z","times_seen":7,"resource_available":false,"data":null}},"time_used":405,"timings":{"blocked":291,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"pic.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?7df4e92a4f5f9f13779b08e96680a342","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?7df4e92a4f5f9f13779b08e96680a342 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.downxia.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11296\r\nContent-Type: application/javascript\r\nDate: Thu, 08 Jan 2026 09:52:53 GMT\r\nEtag: c8e8d1ed3f361e6c37fdccaf82d114e4\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=597497A30564D2A0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29902,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (626)","md5":"ef27548480c4ac9b03891524b9634daa","sha1":"8caa33d92c0817f4eb214c87311ddebc85986e7a","sha256":"7cd1b4a0ebdcf89ccdf0e3d183e240544893b2652ceb15153ca269be4d9bf243","sha512":"2281053a0e6de340627b55b9a2fdb72b63359f30e2c79e10a5fff9de1eced24a11b3d31e5890a52b844ff5849228874c45247be6a327c8b6b67fcd102b5b89cb","ssdeep":"384:DNJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:DN4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"45d2c9e9b282713293a324a5153f324af17b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2026-01-08T09:53:39.399404Z","last_seen":"2026-01-08T09:53:39.399404Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1845,"timings":{"blocked":766,"dns":8,"connect":247,"send":0,"wait":311,"receive":1,"ssl":509},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lupic.cdn.bcebos.com/20210629/13522649_14.jpg","fqdn":"lupic.cdn.bcebos.com","domain":"bcebos.com","tld":"com"},"ip":{"addr":"171.109.97.35","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pos.baidu.com/ccom?conwid=300\u0026conhei=250\u0026rdid=2218020\u0026dc=3\u0026di=u2218020\u0026s1=3833091155\u0026s2=3759731100\u0026dri=0\u0026dis=0\u0026dai=1\u0026ps=194x940\u0026enu=encoding\u0026exps=110277,110275,110261,110252,110011\u0026ant=0\u0026psi=00f11fde6a6536f0\u0026dcb=___adblockplus_\u0026dtm=HTML_POST\u0026dvi=0.0\u0026dci=-1\u0026dpt=none\u0026tpr=1767865975166\u0026ti=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD%7C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%20V3.0.2%20%E5%AE%89%E5%8D%93%E7%89%88%E4%B8%8B%E8%BD%BD_%E5%BD%93%E4%B8%8B%E8%BD%AF%E4%BB%B6%E5%9B%AD\u0026ari=2\u0026ver=0620\u0026vc=%E6%B8%B8%E6%88%8F%E6%94%BB%E7%95%A5app\u0026kws=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%2C%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%903.0.2%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BD\u0026dps=%E5%A4%9A%E7%8E%A9%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E7%9B%92%E5%AD%90%E6%98%AF%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Minecraft%20PE%E7%9A%84%E5%AE%8C%E7%BE%8E%E7%BC%96%E8%BE%91%E5%99%A8%EF%BC%8C%E6%98%AF%E7%9B%AE%E5%89%8D%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C%E5%8A%9F%E8%83%BD%E5%BC%BA%E5%A4%A7%E7%9A%84%E6%B8%B8%E6%88%8F%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7%E4%B9%8B%E4%B8%80%EF%BC%81%E5%AE%83%E9%9B%86%E6%88%90%E4%BA%86%E6%88%91%E7%9A%84%E4%B8%96\u0026dbv=0\u0026drs=3\u0026pcs=1280x1024\u0026pss=1280x3755\u0026cfv=0\u0026cpl=5\u0026chi=2\u0026cce=true\u0026cec=UTF-8\u0026tlm=1763319943\u0026prot=2\u0026rw=1024\u0026ltu=https%3A%2F%2Fwww.downxia.com%2Fdowninfo%2F302239.html\u0026ecd=1\u0026dft=0\u0026uc=1280x1024\u0026pis=-1x-1\u0026sr=1280x1024\u0026tcn=1767865975\u0026qn=f437b62e1d0429d9\u0026ft=1","date":"2026-01-08T09:52:59.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.a.bdydns.com","organization":"北京百度网讯科技有限公司"},"issuer":{"commonName":"sslTrus (RSA) OV CA","organization":"sslTrus"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B0:A6:2D:34:BD:DD:55:41:21:71:78:8B:43:8A:7A:51:22:5C:31:C9","sha256":"10:61:DB:D4:46:80:6A:CD:63:18:ED:40:2F:F0:02:9E:CD:37:4C:88:54:E6:A9:CF:03:50:63:B3:B1:23:63:11"}}},"request":{"raw":"GET /20210629/13522649_14.jpg HTTP/1.1\r\nHost: lupic.cdn.bcebos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pos.baidu.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 08 Jan 2026 09:53:02 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 24862\r\nexpires: Sun, 11 Jan 2026 08:33:33 GMT\r\nlast-modified: Sat, 03 Jul 2021 08:02:34 GMT\r\netag: \"0e8080773d0bed28e77e70fc77b18196\"\r\nage: 4769\r\naccept-ranges: bytes\r\ncontent-md5: DoCAdz0L7SjnfnD8d7GBlg==\r\nx-bce-content-crc32: 0\r\nx-bce-content-crc32c: 0\r\nx-bce-debug-id: f2DTG4ifw4fwbGYfXt7ApMwJ0nXRxLXD8GtJVu4aGx+0UyhORNA6LvwnRgIUZA+leNsk2sByD9mOH+skUKV3yQ==\r\nx-bce-flow-control-type: -1\r\nx-bce-is-transition: false\r\nx-bce-request-id: ebc45112-6022-487d-a6df-dc25a0f37134\r\nx-bce-storage-class: STANDARD\r\nohc-global-saved-time: Thu, 08 Jan 2026 08:33:33 GMT\r\nohc-cache-hit: nn9ct93 [2], fzix93 [4]\r\nohc-file-size: 24862\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24862,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 279x199, components 3","md5":"0e8080773d0bed28e77e70fc77b18196","sha1":"bab9ee7cb7a86dc4fefa94530fefc3620d761ec8","sha256":"3ef503b40c1e774918e4129e61f0af33450cc3ea3b167641455114c32e0400fc","sha512":"10860d7e75206378d5aae86e2a7f57c79a4105996f7f02eb1387f90b897ea8f4b273bfd2a45ac17846b1c8cdd4375d27242bfcef5a3c6c59f361a128a9a56621","ssdeep":"768:sSyjHAqRRaqaNCITbBj1lYzuptLmAZT5LzwNehekk5:sNv/a3C0hC25LR8","tlshash":"01b2e0b2ebc45c4d946d2c7896a29c7685fd4cfbb4ade71410cc2c1479b226c8b3a3d8","first_seen":"2025-10-08T19:58:06.778331Z","last_seen":"2026-04-17T14:55:17.010341Z","times_seen":20,"resource_available":false,"data":null}},"time_used":6753,"timings":{"blocked":2968,"dns":1744,"connect":527,"send":0,"wait":688,"receive":124,"ssl":699},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/statics/js/dxcommon.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /statics/js/dxcommon.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Tue, 04 Mar 2025 04:53:34 GMT\r\naccept-ranges: bytes\r\netag: \"0db1962c18cdb1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:50 GMT\r\ncontent-length: 14609\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":57712,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1739), with CRLF, NEL line terminators","md5":"02550b90c0b2f9f91c278d550e5c8a85","sha1":"8e7e99b96818cdb48a2ae143fe2ec71d8a90e993","sha256":"1bac170aa2e98eaf52f98bad0bd9ba87b0afe3fe3db1afddf142026e959829ff","sha512":"628c2228435515aacbd1278eb55b06dea095500c2fd750b3ab0dfbe4e97ad363890c116845f0b2cc2cb33ae897fb504dd2dd7c19337b4c55046be4b3ec48586c","ssdeep":"768:z4TfhOObsvb3RHYtH4jPonRgoILYxrTxOJOw5fvNGJdJ/n:sbhOObYRQnyoILYPNwBNGfB","tlshash":"f8430a0ab2484b5aa2f221721b3f4502fd3b44bb45568b44fd7c45ed3fb06187926eaf","first_seen":"2026-01-08T09:53:39.402731Z","last_seen":"2026-03-17T07:48:49.16172Z","times_seen":3,"resource_available":false,"data":null}},"time_used":769,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":768,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.downxia.com/dgjs/download_az.js","fqdn":"www.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"122.228.226.76","port":443,"asn":134771,"as":"WENZHOU, ZHEJIANG Province, P.R.China.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:51.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /dgjs/download_az.js HTTP/1.1\r\nHost: www.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nlast-modified: Sun, 15 Dec 2024 10:22:49 GMT\r\naccept-ranges: bytes\r\netag: \"80625d4adb4edb1:0\"\r\nvary: Accept-Encoding,Accept-Encoding\r\ndate: Thu, 08 Jan 2026 09:52:51 GMT\r\ncontent-length: 2159\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5485,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (315), with CRLF line terminators","md5":"00b7592bf0e4d255fcd6dff723b1b5ab","sha1":"b354d9234097f4b84d2010e65869536dee941fe9","sha256":"68e3041feab883074f827c2aff86b07947d4826f976617129f31cace93a22703","sha512":"2afa82c3b1af174acf8f0de48e1e44102199f4f44da7e8ab42a788373caa725a208258c624028710db06e6c0970cfd122ded91f337fdcdd78eb92fd66e5e6afc","ssdeep":"96:2Fy1nrNHfA+FKjsjhsuV8MdzNoymHBKISO80KHhKnQVAah75kKQVAXAJlU0PZK4X:51nrN4+FssdsuSMfb0InPpBKQVAdRVAS","tlshash":"b0b1c586bc124769f36032b01a3f8019b8b646732c65c944b97c58c47fb1ebd28f9d9e","first_seen":"2026-01-08T09:53:39.405305Z","last_seen":"2026-03-17T07:48:49.165353Z","times_seen":2,"resource_available":true,"data":null}},"time_used":759,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":759,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"www.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.downxia.com/index.php?m=content\u0026c=content_ajax\u0026a=getzan\u0026ruo=true\u0026id=302239\u0026modelid=2","fqdn":"api.downxia.com","domain":"downxia.com","tld":"com"},"ip":{"addr":"138.113.181.188","port":443,"asn":54994,"as":"ML-1432-54994","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.downxia.com/downinfo/302239.html","date":"2026-01-08T09:52:52.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.downxia.com","organization":""},"issuer":{"commonName":"Certum DV TLS G2 R39 CA","organization":"Asseco Data Systems S.A."},"validity":{"start":"Tue, 30 Sep 2025 03:08:40 GMT","end":"Fri, 30 Oct 2026 03:08:39 GMT"},"fingerprint":{"sha1":"A2:5F:BA:88:AC:84:6A:1D:0C:00:4E:92:FF:C1:B9:5D:43:5C:DB:86","sha256":"EA:22:1A:BB:90:95:33:AD:C9:9F:A8:ED:B7:6D:B5:D5:50:1E:52:F5:0A:CF:33:98:B2:14:6E:1F:8E:29:18:A5"}}},"request":{"raw":"GET /index.php?m=content\u0026c=content_ajax\u0026a=getzan\u0026ruo=true\u0026id=302239\u0026modelid=2 HTTP/1.1\r\nHost: api.downxia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.downxia.com/downinfo/302239.html\r\nOrigin: https://www.downxia.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 08 Jan 2026 09:52:53 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 61\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: https://www.downxia.com\r\nx-via: 1.1 PS-ARN-01C8L93:10 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 695f7e74_PS-ARN-01C8L93_6540-5923\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":49,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"9036eeb24a6038eca99436281eec2238","sha1":"2fb33e06dd734ee61fea4b9ea7f075050d94c0ad","sha256":"ed5cc5f4ece7d9cab8c71b08495d209e1af610a28536950ecd4dfa507f02d1c2","sha512":"6afceda5543def8b2f89f880a8db3e9e544a247e4387adeaed22d120b373a45511c88bdd1e7167acc3337089eee4d666e3c7c10b9a228bafbef5660425bde691","ssdeep":"","tlshash":"fc90040135130051dc135551f0357f303d5c4133c001130fd4cc400447d030571c304f","first_seen":"2026-01-08T09:53:39.407052Z","last_seen":"2026-01-08T09:53:39.407052Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1407,"timings":{"blocked":133,"dns":82,"connect":20,"send":0,"wait":1141,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-08","alert":"Sinkholed","trigger":"api.downxia.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}