{"report_id":"bed0afa9-03ad-4d7c-bafb-c1f726ecf1de","version":6,"status":"done","tags":[],"date":"2026-05-30T02:31:35Z","url":{"schema":"https","addr":"m.bangauto.net/","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":0,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"final":{"url":{"schema":"https","addr":"m.bangauto.net/","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"title":"Trust钱包app官网下载-币安(Trust Wallet)官方网站|你的通用数字货币钱包","dom":{"size":17312,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (443)","md5":"b16aad6b64e9b75a88d3ad3da54165e2","sha1":"23b40c0cf30f568e34481bb6c1a1668deb75ac9e","sha256":"842b5a0126ede75cf191d209a48560d7fcb2f78874e519af5dc688beb5f7559d","sha512":"50ed4ec720fc7ef9fa4f800673bb7ecb87ae2f2395af0af185a5d2abf1eb400b78d4674474f3041b952164e34a2c77c3e4d01e820e69ba74e275780df931ee37","ssdeep":"384:OKDGGCtOHxtm/EqIwt7EwtMMRwtDkiwtOAX/VeixtvDmc1tOowPhhBtXxoAySgpQ:3GGF6XwxIdRm","tlshash":"0b72635245eecdab121316aba164627db06fcd72ea23c8e2f7ff059543e1c18a52a053","dom_hash":"domhashbe94cc9f644c58285266ccae617719d1","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"m.bangauto.net/","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":0,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-04T02:31:35Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"m.bangauto.net","ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"domain_registered":"2018-06-11","domain_rank":0,"first_seen":"2026-05-10T23:42:38.272069Z","last_seen":"2026-05-30T02:24:00.80398Z","alert_count":168,"request_count":42,"received_data":1277875,"sent_data":22683,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.11.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/js/detect.js","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"introduction_type":"scriptElement","is_inline":false,"md5":"14cdcfb70d47d0d596aa51ebc6de4eeb","sha1":"c17d25de9624e1b75b6e3ed05344fd81e27a7b2c","sha256":"b3e7c4c9958e9107c1a45637b7b85a46a26c4b1d8a01c9e97afdfee018bcbb14","sha512":"73ef7306b787ff95e26d79785bdf6c99a5194c9f5ca8d2f68158081fbfd6693e2cc01b2f337f5cc2eaec81860d86fbe67233dca0f1f5466ca1e27060f7c04a58","ssdeep":"384:w9BDlDCxFFQhAYqWs0p3QBHenPvE2SA80DlA7Mu2R:w9YcjqWsSABHePfjDDlA7y","tlshash":"1f134b5439fa25c3959bf05d122e1e13722609ab8ecffd58770d206a3f5c46e92b43ac","size":43808,"data":"","first_seen":"2026-05-10T23:42:41.261004Z","last_seen":"2026-05-30T02:31:36.751032Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"introduction_type":"scriptElement","is_inline":true,"md5":"22f564b7929a36219d3f587601395419","sha1":"df650a570fa4123b36adfb37f298d9aac934b055","sha256":"476ab840d3f5fbf0cb1d850791d7706b7176e0bf9c86261cdf47c9187771aa11","sha512":"1df2f666ea83dfc51d6b0a99d67aa511338ee7f5a4e18220ddd8a79cf73bb648c961288dd6bfe66aa661ecc5962b92aed9f61cc271b0b496b6cbcfca4a3c3714","ssdeep":"384:OKAGGCtOlxrm/ExIwtAEwtMnRwtYkiwtOAX/ue5xtYMm31tOommzGwvUxojhSopt:MGGBQXMZVv","tlshash":"2462226141eecdbf121322aba164627db46fce72e923c8d7f2f7059843e5c19a61a053","size":14576,"data":"","first_seen":"2026-05-10T23:42:41.292019Z","last_seen":"2026-05-30T02:31:36.769004Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/js/runtime.js","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"introduction_type":"scriptElement","is_inline":false,"md5":"cac6147a47397ed0350dbd4876e12a04","sha1":"86b8f611977df12af85ce70b41fdfe27185ad83b","sha256":"4523f77752a4b515ec214b473766ce115e8816cf15ffba146a12bcb3ee613d44","sha512":"cc2ff406ea69acb6812bf39b402a9c3ec6c659758174307a8194a0495176274798571ac9991680ccaa194ce64da4ad045503c353cd12769ac2aa1e00b4914cf7","ssdeep":"","tlshash":"b251554a3de265a4a213f43c462fa405f168481709a9fc507f0ca274bf2643d5bf8bda","size":2681,"data":"","first_seen":"2026-05-10T23:42:41.282084Z","last_seen":"2026-05-30T02:31:36.75217Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/js/down.js","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"introduction_type":"scriptElement","is_inline":false,"md5":"b523bb5e20d52c01bb123d62c686e4f8","sha1":"904f140a43374bf3960bbe2e1875e2a5ae57b52e","sha256":"243f94c24173eab1548fdc4c548e782c86ffe4f51c1b95f13b2411b2b88e7c77","sha512":"2c18e9519e0337832ae55bc951e9da93e71fb1ba5a0959e0db0c23f3be7021e188aebfcdec69b94da236177f869fa344b87b6984f5ccfdc681042bc6caac3b16","ssdeep":"","tlshash":"3701fe67d4f169270a63d064203f8d0d6062b9c3d805fc1a362ca2964fdc5182355567","size":703,"data":"","first_seen":"2026-05-10T23:42:41.286857Z","last_seen":"2026-05-30T02:31:36.749763Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/js/jquery-1.11.0.min.js","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"introduction_type":"scriptElement","is_inline":false,"md5":"09c6ff31308ecc58223c55d7b13990e2","sha1":"9edb3b66426c17c92708a6ae8d6c826d2d595cd4","sha256":"f78642193f0b12fbd42987c9744f19a98329fbe3c2ae222425e99b2d6e6a4080","sha512":"a8490f233da49ccf9c12bc3e5abf1d004717cabff85160a26bfb54e4acedbe67d252a8efab9842592c296a1e6375ed8528b4b5eb8f74f9053c4fce94d21e9093","ssdeep":"1536:UdKmW8Bs+myLiC5/e2bHHMgMrcIrf/vpuYjcXoEVpTbbmI7mB6cj+AfJldG6k9LG:iAggnv407D7A3AIFZgIgnOvmrUf6wY","tlshash":"4c04528ab6e624359713f03d8d7fd804b176485b2e9cec59780c91a41f5843c9afafe8","size":173953,"data":"","first_seen":"2026-05-10T23:42:41.270848Z","last_seen":"2026-05-30T02:31:36.71409Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/js/jbox.all.js","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"introduction_type":"scriptElement","is_inline":false,"md5":"81d8eae8e5feff498e37ad95e6030b8a","sha1":"43cfcc15d38880af5e962fbf15d621d57df23836","sha256":"5cb8c1973f397ed22409e0aedffef29ddba57c5d3a6bf737ebd724ec9ce9a9d2","sha512":"23d9c2375ee53525b791de2b86549b0a309a31dcd1b8b22368cbab43770f906e3e63ae1fce78af5b48012f49f863933bfa408ddc58d10fa4748aef28138ff396","ssdeep":"1536:5xP33iBqYIHLEF3CB//qbsEFiTNmMOBOjZhYY9:jqMOohYY9","tlshash":"cc83405d66ba2315c1b371e96eaf810e6132852b6906dc1c3d6c83d99fc603892f3fb5","size":85961,"data":"","first_seen":"2026-05-10T23:42:41.286005Z","last_seen":"2026-05-30T02:31:36.741308Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/js/image-defer.min.js","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ae3e0cf0eb29bf182eeb15e19c31de9","sha1":"5321e505693e9e6b876eff12eafbca4485ff4c5f","sha256":"14882d6a179f25a285d7a16f089d88f5462888cb52c312b06da13d27c6d2e0ef","sha512":"cca6fc340f455abfead37e01c306fc946fc4d6f10759947bcbd78d2449cae8220a852ab46a857a50a0d453b5b14882d7deee40ac8b98d5532bee56aa5c9aaf71","ssdeep":"384:bDBWjWQJbCelpqrU4DFLQ5noFiCyIp9A7:bDBWjWWbC8ztoFi9IpC7","tlshash":"7d42da1f1af72122a4ab71385f5f520c323190072a4ace887d0da7e9df54a3946f4fb9","size":12484,"data":"","first_seen":"2026-05-10T23:42:41.284597Z","last_seen":"2026-05-30T02:31:36.710806Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/js/101370356.js","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"introduction_type":"scriptElement","is_inline":false,"md5":"fea8f1bfbe03fee455d8692b7a1157b2","sha1":"0e70f96cc2609ed4da4f0d24480d90db7f2896b5","sha256":"544958e271423103827487f74cd7bd16f3de8c8a63698e3a3e3535ab4f0f260e","sha512":"9a4753bf36b013d962a192fdd3522f60b91ad60b705e6ab2408eaf60b3f890fc592502996c7dfd3b4ccc9de4141bd3438c22ef76ffcfa6777dafb4795cbea9b2","ssdeep":"192:qaVZ3y2yNIpYS+iSCiCiC0LryYD2CCy1ts6B5gYFysyYgCylZYnZyymoMHabdiCm:gFg565MNiH2LnQfpQ/HA5/bs","tlshash":"cbb20c582abb106565133c390b6fa026733fd11346aecd047b6c8354afa4539daf9fb4","size":25200,"data":"","first_seen":"2026-05-10T23:42:41.283709Z","last_seen":"2026-05-30T02:31:36.768411Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/css/jbox.all.css","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/css/jbox.all.css HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 3620\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 06:33:16 GMT\r\netag: \"4067-6130c40164300-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16487,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (16487), with no line terminators","md5":"04025613bfc8c649849921296a8fec70","sha1":"8e228886bc781c2e493c8e80d66b74c0f44182a6","sha256":"8812520e79b32f14344c28f84ff620d2cc30f7f784a32bdb8c12610ed7a2d9bb","sha512":"25a1d5cff192611c22d67a2354b60cb4ce87a8d95d56b2942151e38b2551fd0700a0a84cf0c3bf17d1a56657528601e7281e7ee19dbd139628c74549fec3b974","ssdeep":"192:P7mRvf6VNMgtLt5A6srSh+JaDiREnjz6TLW5pQcfX49W/Rg2SobgS5M9jLuw4:PKhAMgth//h+JakEje/2UW","tlshash":"f2724fab9b1f205d7263d3e660c17b892856c443b2631c6bf3bde0d2cae64e494b9341","first_seen":"2025-12-09T15:33:57.093464Z","last_seen":"2026-05-30T02:31:36.709965Z","times_seen":23,"resource_available":false,"data":null}},"time_used":578,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":578,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/js/image-defer.min.js","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/js/image-defer.min.js HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 3002\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 06:35:06 GMT\r\netag: \"30c4-6130c46a4ba80-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12484,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"5ae3e0cf0eb29bf182eeb15e19c31de9","sha1":"5321e505693e9e6b876eff12eafbca4485ff4c5f","sha256":"14882d6a179f25a285d7a16f089d88f5462888cb52c312b06da13d27c6d2e0ef","sha512":"cca6fc340f455abfead37e01c306fc946fc4d6f10759947bcbd78d2449cae8220a852ab46a857a50a0d453b5b14882d7deee40ac8b98d5532bee56aa5c9aaf71","ssdeep":"384:bDBWjWQJbCelpqrU4DFLQ5noFiCyIp9A7:bDBWjWWbC8ztoFi9IpC7","tlshash":"7d42da1f1af72122a4ab71385f5f520c323190072a4ace887d0da7e9df54a3946f4fb9","first_seen":"2026-05-10T23:42:41.284597Z","last_seen":"2026-05-30T02:31:36.710806Z","times_seen":3,"resource_available":true,"data":null}},"time_used":577,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":577,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/iconmonstr-user-7.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/iconmonstr-user-7.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 338\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:29:41 GMT\r\netag: \"1f2-6130d09d94340-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":498,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"dd545a19dde2e1f0484a4532c0f1deff","sha1":"623b024ff20985a31f0153725510acc3f51d96d3","sha256":"628992d7eb3a725ba972006f702b2984a2467709ea95bccb8a7fd79075d1e1da","sha512":"0bfaed149fe1b8a1e7ce66ee648b680316a554d90a03b80fc41bc074d4a9f48e972d7e850bc68400da82f13059c7b2ff23b3095c3038f70bf66a1e26bd150863","ssdeep":"","tlshash":"42f09ef84f98647c2dd3cc6c7b396c76e61c28f416954485b68de0206557a99d406a40","first_seen":"2024-08-19T20:50:36.170267Z","last_seen":"2026-05-30T02:31:36.711922Z","times_seen":65,"resource_available":false,"data":null}},"time_used":667,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":667,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/app-store-badge2.png-v3.png","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/app-store-badge2.png-v3.png HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 7834\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:37:38 GMT\r\netag: \"1e9a-6130d2647b480\"\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7834,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 240 x 80, 8-bit/color RGBA, non-interlaced","md5":"f593f0b2de05ad076743e3b51ed6c015","sha1":"2e8912f58289a8906e27ff6376c996a69d0b76f4","sha256":"cc4d0a85bcb684c04051f64782dc2dbef34e8fb913f425828581f670343fe201","sha512":"76524aac12ef6471a22e3d5c42d14a8cec50076e75d462aad0ab9335e65a0a1eef944c331090749887740e76bb421e1c60e417742f5610c25e5fa19ed5efb223","ssdeep":"192:GRXhQmNXT+7ZZ32MxT9qaHMVcHdDO/10HS2NHO:GUm9TqZRBx5qLVc9DO2yYO","tlshash":"b1f19d8a76eafd9af954e1ed0f0afe4859fdcc403d6481224b029cd2aeb50a1111e5e2","first_seen":"2023-09-19T00:36:34Z","last_seen":"2026-05-30T02:31:36.712651Z","times_seen":74,"resource_available":false,"data":null}},"time_used":1480,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1026,"receive":454,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/upgrade-top.png-v3.png","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/upgrade-top.png-v3.png HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 7021\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:41:00 GMT\r\netag: \"1b6d-6130d3251fb00\"\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7021,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1793 x 198, 8-bit colormap, non-interlaced","md5":"a7f3571d84875739f17f90d871758d31","sha1":"08aba808007b718c4fcd928b846f9ff02abac220","sha256":"ff2ffdeab43da636a3c1adbbd195c760da36286c706768a7e2fda98634a78443","sha512":"65072f089921c2e8e1747a852b4570c45015ce66c2f4bb12f03cf85f7f7aaa5459cbe847fe2373e4508057f14064ebb55c70be1490e87a0c4c495655520b2794","ssdeep":"192:bgSaqhc+/++JHLENXSl/JbC9H+vhMV5l0+Be++BnRsuhGU34:1Nc+m+JI2NcHrVvbBQniu8Uo","tlshash":"84e19f9d786d452dd40e6a608227d32d6df90dd6883ed71d7459002f9be9f2313b8638","first_seen":"2024-08-19T20:50:36.181709Z","last_seen":"2026-05-30T02:31:36.713476Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1503,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1503,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/js/jquery-1.11.0.min.js","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/js/jquery-1.11.0.min.js HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 40898\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 06:34:55 GMT\r\netag: \"2a781-6130c45fce1c0-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":173953,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (769)","md5":"09c6ff31308ecc58223c55d7b13990e2","sha1":"9edb3b66426c17c92708a6ae8d6c826d2d595cd4","sha256":"f78642193f0b12fbd42987c9744f19a98329fbe3c2ae222425e99b2d6e6a4080","sha512":"a8490f233da49ccf9c12bc3e5abf1d004717cabff85160a26bfb54e4acedbe67d252a8efab9842592c296a1e6375ed8528b4b5eb8f74f9053c4fce94d21e9093","ssdeep":"1536:UdKmW8Bs+myLiC5/e2bHHMgMrcIrf/vpuYjcXoEVpTbbmI7mB6cj+AfJldG6k9LG:iAggnv407D7A3AIFZgIgnOvmrUf6wY","tlshash":"4c04528ab6e624359713f03d8d7fd804b176485b2e9cec59780c91a41f5843c9afafe8","first_seen":"2026-05-10T23:42:41.270848Z","last_seen":"2026-05-30T02:31:36.71409Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1684,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1511,"receive":173,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/css/images/fade.f07526a5.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:05.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/css/images/fade.f07526a5.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/template/pc/static1/css/base.css-v3.css\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 1112\r\nalt-svc: h3=\":443\"; ma=86400\r\nset-cookie: home_lang=cn; path=/\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2863,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"2f8ebbeade3c7f92954bc84b86cc522a","sha1":"d8664609c8979fc1eb140c86410cf32394407217","sha256":"54b070ea2795d9387e31a262bc7b154816dbca861df67122a8d3c59f9167bbaf","sha512":"d08ac963bf1d2a5374af0f060297aa9619570a82868bb03744a653a3d59819961762120c48c7d04d93a10a0e01c44f840dd8945eb3cb7467835a89498c6fefcf","ssdeep":"","tlshash":"cf519c199d401107727bf2746be2d749e9620483d7128629badc76a6cff5908cd93fcc","first_seen":"2023-05-15T07:40:50Z","last_seen":"2026-05-30T02:31:36.715147Z","times_seen":69,"resource_available":false,"data":null}},"time_used":451,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":451,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/ic-lock.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/ic-lock.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 311\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:36:42 GMT\r\netag: \"1cc-6130d22f13680-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":460,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6e303a823bcc6379eedf1cafac537d07","sha1":"67cbfb75da1caeb9dae60583a40fe8e263eb6763","sha256":"a73001be2e566744cc71c22698e2ca995bcc24e525df5c45d952ee384d4fc76e","sha512":"40cb93c8fb35bfea4b657433f4e1b5f1d42499e28eaf2ffce9435c058e1f4a25c28ef57b72b12b61477799462b61e578cbd51d45a89cafbed5caa2fc1939fe7b","ssdeep":"","tlshash":"d4f05cddd7769a1cb4d50ba0a76d6c60390da4e50e44cd2493954ed125c436719408c4","first_seen":"2024-08-19T20:50:36.164863Z","last_seen":"2026-05-30T02:31:36.715636Z","times_seen":564,"resource_available":false,"data":null}},"time_used":671,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":671,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/iconmonstr-connection-2.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/iconmonstr-connection-2.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 228\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:37:19 GMT\r\netag: \"118-6130d2525c9c0-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":280,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a185db729512b49877ca1624aba127f3","sha1":"8db076d3778ddd38e64e34fec2ebacd60f7a2a42","sha256":"0a2cc3858da840ab97c2fc95b6723f0ab65575bc611c1194a8bea8eef2f5f74f","sha512":"6cc0650229f7f1042ac50fe23b83f9fdd88838daa67057d273f227e56a09034a43a0f4150032acbb3fe00420366b3145ab260b20f34b51e1fc51f7a0c28864af","ssdeep":"","tlshash":"f2d0ebdce118ef0cea6bcf30b338c0863201e09185c00a70f3b01a30390884a2844cec","first_seen":"2024-08-19T20:50:36.167419Z","last_seen":"2026-05-30T02:31:36.716106Z","times_seen":563,"resource_available":false,"data":null}},"time_used":681,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":680,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/group.png-v3.png","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/group.png-v3.png HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 86691\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Tue, 03 Sep 2024 10:06:23 GMT\r\netag: \"152a3-6213435afe5c0\"\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86691,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 289 x 602, 8-bit/color RGBA, non-interlaced","md5":"f47bc0e39fdbc9e3d512733a17f0d373","sha1":"8f3b1ddde7212a416ff5a1bcc9ab15cc56074999","sha256":"f2cf6649535b218b42a29f7e2667b7a117f8a4be264f1997ba01127fa85b46a8","sha512":"998a6fb4432742018b37a01ff3f29dfb927f6133c31e9b4452884c5aa6cefa1d2a4dd3ac96351f5ac629a772e24a3811636cf8b15592374ccf20dd024c17a4ae","ssdeep":"1536:Nv9H/cBq0u8UsHTBZPkoIcB45ZjNpXK9qYdcPqUf7czVw/qhGMxgxbM5:h9HiqG9z8K4pxSqrPVjqVw/S12s","tlshash":"57831292cff99f66512243dd72d206e98aa9443df53931c3613b14cee3a63734472368","first_seen":"2025-12-09T15:33:57.083594Z","last_seen":"2026-05-30T02:31:36.716545Z","times_seen":23,"resource_available":false,"data":null}},"time_used":1481,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":989,"receive":492,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/mac-o-sbadge@2x.png-v3.png","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/mac-o-sbadge@2x.png-v3.png HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 6343\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:37:51 GMT\r\netag: \"18c7-6130d270e11c0\"\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6343,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 234 x 72, 8-bit/color RGBA, non-interlaced","md5":"8b9a8d438efaa5014d6267352f418088","sha1":"91aa61ef5c1efb8467ab731e928966ace99b31f9","sha256":"60ec09dc329fd2f7a0e040c3e1792f9ac9e36328bf0b19690a2cfd6f9c458356","sha512":"bb60ca539cc8a52fdc2b6a86558edd813858e361ca72c732358d35c31d78d14bf8423e40859cedc17224802e20f9147ed6cc35a1410939d628519a79f147bb23","ssdeep":"192:WhPxWPR4BoVyMosIT4MECT1A7kKIol9f8EyYHEZ:I4Pco3vm1lNrEyWY","tlshash":"0ed17ec1eb91a728d758854230c6158d75fe3f696097cb984263d13cdb40962cdf736e","first_seen":"2024-08-19T20:50:36.177013Z","last_seen":"2026-05-30T02:31:36.71737Z","times_seen":67,"resource_available":false,"data":null}},"time_used":1477,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1023,"receive":454,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/vector-smart-object-world.385522f7.png","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:05.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/vector-smart-object-world.385522f7.png HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/template/pc/static1/css/base.css-v3.css\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 113701\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:38:51 GMT\r\netag: \"1bc25-6130d2aa198c0\"\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":113701,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1133 x 660, 8-bit colormap, non-interlaced","md5":"385522f7300c9aa82b79cbd057f8b8a0","sha1":"d941ffb37b3e8210c4ef9cb7d75512b4288c57e5","sha256":"da68dbc7ca562c0c4505f965e71f16d74a35aba020294d85e25f3139780bd30e","sha512":"d133e1f7cffe66aac4d094648587045dce9d90802b0b6aa4595032a1cd51e536f26973fdf63422f0e7c304e631551738792f52d40ecfc2b946f6b47e8e4aae56","ssdeep":"3072:SLXNL1jtrk1p9u7ngiDUHPGWKlTpljqB9vDCiNnonLNH4hrGLVR/:QJ1tkn9ahDUHPGXlzGvDvonZYNGLz","tlshash":"ffb312b45eda8f3a624990d293ec5a94c16b3c588d0cd7fc1663123962c18cd7737a1f","first_seen":"2024-08-19T20:50:36.168925Z","last_seen":"2026-05-30T02:31:36.717948Z","times_seen":452,"resource_available":false,"data":null}},"time_used":1157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":935,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/devices.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/devices.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 7439\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:40:45 GMT\r\netag: \"615d-6130d316d1940-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24925,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bf2d967d51e3feea89766940bf0edecd","sha1":"c025677362879423159bc258b2931ad78a1c30bb","sha256":"7b4b73d0880c77cfd4a68a113e0623fc512d20f3ecb65a771cce7edb1746304c","sha512":"bb18e16b61e9c39c934803676522be91e199eb7fb8dd32ffd672f9bcae8553a4f23f36f2ea0749de807fffc5a240d518cba821d727c50d710933edb7074fdb2f","ssdeep":"768:V5+ezyqcKQXasQEGf9+HD8J1LQyW0SP3XUkwRTon16JQiU52dQd+:OePhQXasQEGf9+HD8J1LQyW0SP3XUkQT","tlshash":"bbb243cb11b4d26054c9c79e9f7aacc13416a0bf2d3656caf3dd4a495b8b986f206f80","first_seen":"2024-08-19T20:50:36.179715Z","last_seen":"2026-05-30T02:31:36.732783Z","times_seen":67,"resource_available":false,"data":null}},"time_used":1489,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1489,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/iconmonstr-facebook-1-1.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/iconmonstr-facebook-1-1.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 213\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:42:19 GMT\r\netag: \"ef-6130d37076cc0-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":239,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"76e79937cd2eaaf1fc8410dfa38346b3","sha1":"1f0a4ed867ba758aa31eba9d7366d9aafbacd71d","sha256":"053afab6ced5d362cab374fb662c758370b49d47e17e6998386f0c7790484cbe","sha512":"cc5b49bfebb850d89d4e4e2f267d18b312bfb851649217b2cb45bfd64875f9a3b134679c54de05a81b64784324857a063adec992ace05afc72678b3a5dff26e7","ssdeep":"","tlshash":"d5d097608aa56a0c0cc24032682cc6dc02272084138c04d8a1002d3069894f3381308c","first_seen":"2024-08-19T20:50:36.183453Z","last_seen":"2026-05-30T02:31:36.734799Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1513,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1513,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/iconmonstr-twitter-1-1.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/iconmonstr-twitter-1-1.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 356\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:42:25 GMT\r\netag: \"251-6130d3762fa40-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":593,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ceddaf8b9eee3fd765fde8d881f6bb30","sha1":"eb474a41278442e24496c299a8ec5c6ce6a96cc0","sha256":"9173e9e1073dc20ba997e89030400e0840e8c409ae23b2efd2557ec798c63680","sha512":"fba8a6eb676e6f29a6efff77cd6b91fb7ba6c253fab4484f0a9db3bb446ceec983f4773cfacac5e5d4899b1b448fa0411091acd08441600bc477971eefbee5b3","ssdeep":"","tlshash":"a8f0acf997fc6a7c29a7dfa81f2860a4270e30f6334087d2940c5f204b020e9c55be4c","first_seen":"2024-08-19T20:50:36.184719Z","last_seen":"2026-05-30T02:31:36.735999Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1513,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1513,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/uploads/allimg/20240903/1-240Z31KJ9606.png","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /uploads/allimg/20240903/1-240Z31KJ9606.png HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 4017\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Tue, 03 Sep 2024 09:57:48 GMT\r\netag: \"fb1-6213416fd9f00\"\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4017,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 196 x 56, 8-bit/color RGBA, non-interlaced","md5":"1c34801f674d7ea068248a247b7ab7c1","sha1":"5f7d5d427c870a67aa5170b95409198918b08663","sha256":"25cd87509c2ab76d2e735b75cf9f2d45fdf4de54b0ee678bb6ac38114860d910","sha512":"9a368ab0183603fbd510d8672a7ab18e32442627722631f86b8b56194000280ceb93a51754694d600894867634c29132ad6a7aa8515b50aca47c0b948c0505ea","ssdeep":"","tlshash":"d4818e87cdf1192dbb4c1ccf90a73a03c2458de936e2045cce956e391b1f3485c89695","first_seen":"2025-05-31T11:59:30.830917Z","last_seen":"2026-05-30T02:31:36.736774Z","times_seen":67,"resource_available":false,"data":null}},"time_used":667,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":667,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/ic-hide.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/ic-hide.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 463\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:36:35 GMT\r\netag: \"2d7-6130d228666c0-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":727,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c5bf706459ac02bb53151b97bde4847a","sha1":"dd76452615cfc2852dd2e22311dcd55ae5428ca0","sha256":"e69d9b514b3022a08dbd7ad1185f6239ef6b07df5d470abf749c693fa65b0b2f","sha512":"161f8bbf46f9005a4aa2f6eeb346dd87b3f038e928631ba0c5bbf1b8babe3835f03534575ebb87b2d5f9f5aa461dcc1b8610b4fb11bd00fdf7d8ea7a93492eeb","ssdeep":"","tlshash":"490110e60af0699cc0da4f2d77ba40027e5ba8f121324ca8d7bd1d9146e180dee91cde","first_seen":"2024-08-19T20:50:36.163442Z","last_seen":"2026-05-30T02:31:36.737352Z","times_seen":564,"resource_available":false,"data":null}},"time_used":672,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":672,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/ic-network.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/ic-network.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 770\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:36:42 GMT\r\netag: \"584-6130d22f13680-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1412,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5c6dd9d6feca0136591eca09389fbd90","sha1":"636b11729acf7568058028cf517f08d931d121c4","sha256":"a3734a0b0d0614caec4ce27f052027024136c9449a6ef5ee8fbbb1b7b3f244f0","sha512":"45056af33f238bf41a60c0474c413e79235c1ac81bcecfc3461f7e1cd42e008b1cd92aa1a283c9681b0cd32af9fba0d11a73c5a6d2e615b603b8818ad134382a","ssdeep":"","tlshash":"3b2112e9abbd59acb8831e25bbd1b875530f54b13150c6d0842f4da0d592d99e7c3c02","first_seen":"2024-08-19T20:50:36.166191Z","last_seen":"2026-05-30T02:31:36.738045Z","times_seen":564,"resource_available":false,"data":null}},"time_used":672,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":672,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/iconmonstr-idea-14.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/iconmonstr-idea-14.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 563\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:37:26 GMT\r\netag: \"5ab-6130d25909980-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1451,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"aa596305d1cba349f0157d941d9fc7d0","sha1":"2248894a2002a27b725c251ffa110da57dcefd70","sha256":"8e697d63b76829185c6be2b84df34823aea3446216811459ed0b4bc2041f0019","sha512":"d2d4b28821dbf8a437e3331ca8c5c0d1740f5dcfcbb64a11d0d2dc4a9ab0e15f4b9b8bc060528284d75287ad78bfaf14f2484a2f0ceeabddfc43ea8da1337806","ssdeep":"","tlshash":"f93148f85338544c2c579a246f5bec24b7ccabdf28d8cde4d19edc6248c6870e007521","first_seen":"2024-08-19T20:50:36.168072Z","last_seen":"2026-05-30T02:31:36.738607Z","times_seen":563,"resource_available":false,"data":null}},"time_used":1480,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1026,"receive":454,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/google-play-badge2.png-v3.png","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/google-play-badge2.png-v3.png HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 8684\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:37:45 GMT\r\netag: \"21ec-6130d26b28440\"\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8684,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 272 x 80, 8-bit/color RGBA, non-interlaced","md5":"6ae7c87c6d5062640444685617641c17","sha1":"c178c3bd0b2e44637163524ab85fcda4fd19ee52","sha256":"b05a3ce6adbf5526c996dcbb4670d788281bfeb73f7f3a8b3e5214648bcfa615","sha512":"1a6491a3e401b8cd1aa80e6c96a99b494452a70622298afeffe993d10e67a0c00c51639a996832628b54847aba4b5286c36af099cf9ffc95e014fc8301258545","ssdeep":"192:1S6NfH51RXEvtR9TH08diplF5jm615w2T4YydvrnEpdE1u:7N7RXatrrBsl/b1h0Yo8N","tlshash":"a0029edc9bac880776e865c100a7e9566d86cd8c65c89ef530d30c660941bff80592cf","first_seen":"2024-08-19T20:50:36.173513Z","last_seen":"2026-05-30T02:31:36.739225Z","times_seen":67,"resource_available":false,"data":null}},"time_used":1479,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1025,"receive":454,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/js/base.js","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/js/base.js HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 22191\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 06:36:11 GMT\r\netag: \"10496-6130c4a848cc0-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66710,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64237), with NEL line terminators","md5":"ac40c5d852600d23b89587b029f6c20e","sha1":"ed01a4d00b3694bf63138ac5d135b32bb241a2a7","sha256":"f8d94154cd90c4a157e8c13c9f3808453f3645dfc34697db859efeb67e972341","sha512":"81bcd63954c1b941765d1f1c8b0c704e6f9f944d00c2cbf036af8373e377e0c5c8bc62096d6f0df3fe731c303ab1d4da7818aed340818afe663d192ad7b9928a","ssdeep":"768:hD9nldH+XCTNbh73xOAMUKiqMg7g6ZiO0DDSh2ZMhk2Oq35jgNiBC7XYnhSoxwhw:NdH+Xo7wAMiDqpjgNiBC7EhBQvF1/i","tlshash":"e453c58df2d6b0f512e770a5012f620ef2b79560b48980d2ea75d9e09d78e8e4127f3d","first_seen":"2025-10-09T04:59:34.155373Z","last_seen":"2026-05-30T02:31:36.740213Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1704,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1680,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/js/jbox.all.js","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/js/jbox.all.js HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 14529\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 06:35:00 GMT\r\netag: \"14fc9-6130c46492d00-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85961,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (504)","md5":"81d8eae8e5feff498e37ad95e6030b8a","sha1":"43cfcc15d38880af5e962fbf15d621d57df23836","sha256":"5cb8c1973f397ed22409e0aedffef29ddba57c5d3a6bf737ebd724ec9ce9a9d2","sha512":"23d9c2375ee53525b791de2b86549b0a309a31dcd1b8b22368cbab43770f906e3e63ae1fce78af5b48012f49f863933bfa408ddc58d10fa4748aef28138ff396","ssdeep":"1536:5xP33iBqYIHLEF3CB//qbsEFiTNmMOBOjZhYY9:jqMOohYY9","tlshash":"cc83405d66ba2315c1b371e96eaf810e6132852b6906dc1c3d6c83d99fc603892f3fb5","first_seen":"2026-05-10T23:42:41.286005Z","last_seen":"2026-05-30T02:31:36.741308Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1720,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1680,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/group.18c6d4fd.png","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:05.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/group.18c6d4fd.png HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/template/pc/static1/css/base.css-v3.css\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 216364\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Tue, 03 Sep 2024 10:05:21 GMT\r\netag: \"34d2c-6213431fdda40\"\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":216364,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 640 x 640, 8-bit/color RGBA, non-interlaced","md5":"5c227cf137ff1f44d25fff9452e5981c","sha1":"9d74cd5d20d893c1a3e768859808074df30babba","sha256":"f2f473af65b0e07f07f850d21977df8f6c2c287474d1cf7f94c0298243212244","sha512":"6384c18934d53ba5b01b03738d7b349e9c944d997b587f9079364c1e4ac9b8ffc77890ee51067a5c8a6b538be9e78b90b6f02b9212da85922975b313d6d57a39","ssdeep":"6144:cBTLnb39mzzwk/ZT2B+nCeatLvVLZkFT24CTaZZBIxoM9T:ATLnbzkxT2B+TahdLux2FTADduT","tlshash":"30242391cd7966bc322ddb907e8508daf10f1f5007d8b64e43be61a9620d5d1fd16b2c","first_seen":"2025-12-09T15:33:57.081413Z","last_seen":"2026-05-30T02:31:36.741958Z","times_seen":19,"resource_available":false,"data":null}},"time_used":1183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":962,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/iconmonstr-cursor-9.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/iconmonstr-cursor-9.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 419\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:37:25 GMT\r\netag: \"2a5-6130d25815740-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":677,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"33663d6df182780e4148c9b40725dadd","sha1":"ccef41932490aabe1a20f52fc498281fd739d045","sha256":"69e9a4e435de9a5ead447e14b6991657bf6b8b8dbb38247b99f9d48cf4171ba3","sha512":"5ba301baf08a44a9f249277077dd55a3c3e1c9752cd523362acba3d99ef0f6af2743543c7c33c8ea4305795249c8fbda1c3d80538b6fed77826522c544e14d06","ssdeep":"","tlshash":"e90144e88bb4b2281bc7cfd08a3574d4e1aeb8d42115a484e220cd3584dbcc18700848","first_seen":"2024-08-19T20:50:36.165486Z","last_seen":"2026-05-30T02:31:36.748387Z","times_seen":563,"resource_available":false,"data":null}},"time_used":680,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":680,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/vector-smart-object-world.jpg-v3.jpg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/vector-smart-object-world.jpg-v3.jpg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 35496\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:41:48 GMT\r\netag: \"8aa8-6130d352e6700\"\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35496,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1133x660, components 3","md5":"2155cdc4bbbc1c9cd654d644c7d892d3","sha1":"60b1d36bf0877665786b58089b0b55858ac10667","sha256":"f755e45045a0b3d895c6da32423db71ae9df9862d36e74b1837daf62a3eec079","sha512":"efabab1ebc099a7364450f833b440d1f749aa79cd91a20abd1e1cb81d6f2098cb840cae7befb15667a7c61d7a31bdd4f11d3f8390f230ed1c8deca654625861b","ssdeep":"768:2WrA0u41XqvtK5NKyk+CvFMG6QXvS42KZpIMh8lS:2EA0D6E5/zCz6QXEeDhkS","tlshash":"a9f2f169eabcfe25edcd0e7c7882b75315539201afed74bb600962db0422dd0e726891","first_seen":"2024-08-19T20:50:36.182765Z","last_seen":"2026-05-30T02:31:36.748993Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1513,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1512,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/js/down.js","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/js/down.js HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 447\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 06:34:44 GMT\r\netag: \"2bf-6130c45550900-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":703,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"b523bb5e20d52c01bb123d62c686e4f8","sha1":"904f140a43374bf3960bbe2e1875e2a5ae57b52e","sha256":"243f94c24173eab1548fdc4c548e782c86ffe4f51c1b95f13b2411b2b88e7c77","sha512":"2c18e9519e0337832ae55bc951e9da93e71fb1ba5a0959e0db0c23f3be7021e188aebfcdec69b94da236177f869fa344b87b6984f5ccfdc681042bc6caac3b16","ssdeep":"","tlshash":"3701fe67d4f169270a63d064203f8d0d6062b9c3d805fc1a362ca2964fdc5182355567","first_seen":"2026-05-10T23:42:41.286857Z","last_seen":"2026-05-30T02:31:36.749763Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1720,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1680,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-30T02:31:03.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 4945\r\nalt-svc: h3=\":443\"; ma=86400\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\ncache-control: private\r\nset-cookie: home_lang=cn; path=/\nadmin_lang=cn; path=/\nPHPSESSID=70jk9srmnitha9ki2sthmrvi4s; path=/\nsite_info=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:1.11.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17390,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"0182a6277bc707a4fe185306b872d890","sha1":"85961d804245145ae12627e7a314314ee67d95c6","sha256":"3be3623622141f84a087fc32cce783e94251f9e2808928dfef772d4847946996","sha512":"469521c56fdc1e9239e4c6f8db9d9b8294b5b27a6948d8eae7516edc7038d8ed50d6e790d7a8723392c83ea748b8298831c9b9d971bc0e5e4ddc81fcaf523305","ssdeep":"384:nKAGGCtOlxrm/ExIwtAEwtMnRwtYkiwtOAX/ue5xtYMm31tOommzGwvUxojhSopT:fGGBQXMZV6Q","tlshash":"f572535245aecdbf121326aba164627db0bfcd72e923c8d2f6ff059443e1c58a51a093","first_seen":"2026-05-10T23:42:41.2649Z","last_seen":"2026-05-30T02:31:36.750469Z","times_seen":3,"resource_available":true,"data":null}},"time_used":2424,"timings":{"blocked":1046,"dns":596,"connect":221,"send":0,"wait":327,"receive":0,"ssl":231},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/js/detect.js","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/js/detect.js HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 7277\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 06:34:38 GMT\r\netag: \"ab20-6130c44f97b80-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43808,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (591)","md5":"14cdcfb70d47d0d596aa51ebc6de4eeb","sha1":"c17d25de9624e1b75b6e3ed05344fd81e27a7b2c","sha256":"b3e7c4c9958e9107c1a45637b7b85a46a26c4b1d8a01c9e97afdfee018bcbb14","sha512":"73ef7306b787ff95e26d79785bdf6c99a5194c9f5ca8d2f68158081fbfd6693e2cc01b2f337f5cc2eaec81860d86fbe67233dca0f1f5466ca1e27060f7c04a58","ssdeep":"384:w9BDlDCxFFQhAYqWs0p3QBHenPvE2SA80DlA7Mu2R:w9YcjqWsSABHePfjDDlA7y","tlshash":"1f134b5439fa25c3959bf05d122e1e13722609ab8ecffd58770d206a3f5c46e92b43ac","first_seen":"2026-05-10T23:42:41.261004Z","last_seen":"2026-05-30T02:31:36.751032Z","times_seen":3,"resource_available":true,"data":null}},"time_used":604,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":604,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/yellow-pixels.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/yellow-pixels.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 318\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:38:35 GMT\r\netag: \"25b-6130d29ad74c0-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":603,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c320fc2579f9bf23ae35a1e018ef9798","sha1":"4e2337d56d0d96fcebc0c7cd21233468d77a5e13","sha256":"3b1f229b350e7843f296e9812e7866f74012af5af095edfc9d6283bada1024ce","sha512":"eafd3cd59c55d2942bfe183ced5bcbeb9d014621dbd86ab80cf95c01ee5fe40b3a7ef73fcc87d6b9fbcc6d011a7d5476e2820df21c799595cb8855aa8b97f09a","ssdeep":"","tlshash":"89f0f67b0f7d813c44ce5b2ebfd0a5bf12e540667f704516b0023a9ca659d87580a9b6","first_seen":"2024-08-19T20:50:36.181036Z","last_seen":"2026-05-30T02:31:36.751646Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1503,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1503,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/js/runtime.js","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/js/runtime.js HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 891\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 06:35:54 GMT\r\netag: \"a79-6130c49812680-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2681,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text","md5":"cac6147a47397ed0350dbd4876e12a04","sha1":"86b8f611977df12af85ce70b41fdfe27185ad83b","sha256":"4523f77752a4b515ec214b473766ce115e8816cf15ffba146a12bcb3ee613d44","sha512":"cc2ff406ea69acb6812bf39b402a9c3ec6c659758174307a8194a0495176274798571ac9991680ccaa194ce64da4ad045503c353cd12769ac2aa1e00b4914cf7","ssdeep":"","tlshash":"b251554a3de265a4a213f43c462fa405f168481709a9fc507f0ca274bf2643d5bf8bda","first_seen":"2026-05-10T23:42:41.282084Z","last_seen":"2026-05-30T02:31:36.75217Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1684,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1681,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/css/base.css-v3.css","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/css/base.css-v3.css HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 23799\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:39:40 GMT\r\netag: \"392d5-6130d2d8d4700-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":234197,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6e42409cd2ad7086ffdfa19302f8f4e0","sha1":"2b8736be6c9c12f60c7a0c8438b6838e3c39e524","sha256":"970400d080b8dc62500be81746012d32c571ec6b785004633b7cde51a8e159c6","sha512":"4443e836cf5e526d0368adf4ab8c712bef7ae0813589aee5569d9d6326a8b89c91d3e55c268e0f0859178580bb54380e1a907d9afa34e4c9902be221603a6686","ssdeep":"1536:JwZvXaUmiBCAJ1YOZzTX2GLUDY/3/o+iNs1eu+Fh4HZmkw2v1OXeZni8WSNKLgyX:evKydNTXi","tlshash":"bd34f4664bd21818650fd8543abd7208266a9873d30bdef93edd614cdfc83d395a2b8c","first_seen":"2026-05-10T23:42:41.278108Z","last_seen":"2026-05-30T02:31:36.752666Z","times_seen":3,"resource_available":false,"data":null}},"time_used":578,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":577,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/css/tan.css","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/css/tan.css HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 233\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 06:33:23 GMT\r\netag: \"23a-6130c408112c0-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":570,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (570), with no line terminators","md5":"c408ffea3a299c53cd17e532a7a24521","sha1":"e7531de2fcd999e93d019d36813794806440ffca","sha256":"e18c52227eeae584206b462350d4f280e427015db4858753db869abb3e144c4f","sha512":"967b29e279401e3c5e0538a75333e4483a3e3c9cd7eba9eb8c8fd6a7a377ebf9013941e4d50596a4177c0cdfca4f63c82f9e152ddbd088e47eea67f1afa27a23","ssdeep":"","tlshash":"78f0f6c3f35d22ae2237d2b601d21384623615c2ea736924aa7df4d0cafc84a3e86012","first_seen":"2025-12-09T15:33:57.082325Z","last_seen":"2026-05-30T02:31:36.753194Z","times_seen":23,"resource_available":false,"data":null}},"time_used":577,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":577,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/ic-time.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/ic-time.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 478\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:36:28 GMT\r\netag: \"326-6130d221b9700-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":806,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fa92e16d419eadbdec452433d014bae5","sha1":"fad21cff82f4e93a106aa84a72eb685b904042bd","sha256":"1bc114b05919dc924d8abd3a7b4d974e85e1f4a3fc311f14ef98cbb60598b062","sha512":"1ee0e042557ae3a72fb5f750bea8dc180ca10d5e16d1aa3b9112f01a04816f54f63d1a6b3e4ab6f25bcfe276281d1c554e6c0a0ff06428c295432397b155ef58","ssdeep":"","tlshash":"d90141a183b02edaa48e8f7976747d907a46ccd9af994874c33e89305041ddedab3047","first_seen":"2024-08-19T20:50:36.171525Z","last_seen":"2026-05-30T02:31:36.753767Z","times_seen":564,"resource_available":false,"data":null}},"time_used":673,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":672,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/windowsbadge@2x.png-v3.png","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/windowsbadge@2x.png-v3.png HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: image/png\r\ncontent-length: 7074\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:37:58 GMT\r\netag: \"1ba2-6130d2778e180\"\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7074,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 234 x 72, 8-bit/color RGBA, non-interlaced","md5":"3497e0704ddd71c33e6f8f8ba896276c","sha1":"54bf33983e28cc9a09124f5c8660d2f35fc56937","sha256":"41c9e0078a0bfe54c4fb7fe60698ea6520051ded772d29224b43108f57e7718a","sha512":"cfbfaa28e5ade910592b1979ad6d660d76591fe35d0b0b672f3ca12d9da9a3ea49756b45880df970b70ec7159d0adae20e483cdbf983eb52835f305c7a832ec4","ssdeep":"192:eL5OlKz+xdgn9H7QwFfyfCMEvfFK53zIWo:JlKzJ9kmfyqm3M/","tlshash":"1ae19f5275cbf0dc692583508cdc7ff751a5b4522e930f84d1e7d27f88165887ac4688","first_seen":"2024-08-19T20:50:36.179031Z","last_seen":"2026-05-30T02:31:36.754276Z","times_seen":67,"resource_available":false,"data":null}},"time_used":1491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1490,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/shield.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/shield.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 785\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:38:25 GMT\r\netag: \"996-6130d2914de40-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2454,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7dfab7c91a4c792465bf8fd23accc9f4","sha1":"b9bc80b8f678afba0f530af995a2290f647fab18","sha256":"8645c274999f8e4db9a5501f2f9139e71a45ddd531e48a692cdbf25d2c9db6fd","sha512":"a3044d82884d8f2b38ad84ca8c44bcda117888fae971cba3e5d13268b6744387ad13ee53d7d678bd10a88fdde9f924cd3a224d3643d27141f4535b35fcef5984","ssdeep":"","tlshash":"555123d0a9fe4106d924a385e799c095af1502ff52e10792f01c1fec1f265cb8f879e8","first_seen":"2024-08-19T20:50:36.180355Z","last_seen":"2026-05-30T02:31:36.754778Z","times_seen":67,"resource_available":false,"data":null}},"time_used":1487,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1487,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/iconmonstr-youtube-6.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/iconmonstr-youtube-6.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 264\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:42:33 GMT\r\netag: \"162-6130d37dd0c40-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":354,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f15002c79ea768bf28f21e5df9ea1825","sha1":"4e0d33e984d32a11b98ba9a203e9fa3d5af434d6","sha256":"b861a14519e99eef1c40fd466a020b7ebc3646fc9e9693d14edf61a2f1b98391","sha512":"22ffa110542b0b886fc5a16df9e5dcd03084c0f50fd2a387e78072cc14155c3dd30a98bc578cb76b30ac45e8a471e3a1e3116c4e090995c6c09c86fa457096b1","ssdeep":"","tlshash":"19e020e587b4460465175e2d97bf74e909dbb156129d028ca104fd04ba484a3b49ae98","first_seen":"2024-08-19T20:50:36.185481Z","last_seen":"2026-05-30T02:31:36.764749Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1512,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1512,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/favicon.ico","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:06.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 May 2026 02:31:06 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 695\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Tue, 03 Sep 2024 10:49:02 GMT\r\netag: \"2a0-62134ce372380-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":672,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 24 x 26, 8-bit/color RGBA, non-interlaced","md5":"e755d2d8786b26e754eb686728678be7","sha1":"fc76783706790953025344622c91380a8292c603","sha256":"12302d78c068623e54fef13426c16cf7e9e022e36414f65bfdf9aac4c4d613d8","sha512":"2cba23e43155f5c9b26f4ac153cdd63f3c08d86b733819502237318a2542994207cbf19d5c6be272cd43dbbb1a209ba1a2323a50a793fbc05d546043cc2a4d7e","ssdeep":"","tlshash":"fb0123b7bfd3176d57db9029cd712001363779fb2902e81c3ea2f22051199c61056f60","first_seen":"2024-05-16T01:14:06Z","last_seen":"2026-05-30T02:31:36.765521Z","times_seen":31,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":223,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/js/atlas.min.js","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/js/atlas.min.js HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 16214\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 06:34:16 GMT\r\netag: \"c392-6130c43a9ca00-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50066,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32911)","md5":"83fe2152828db778a211de45a6bfdda5","sha1":"3831bb1bb0006860cbde4832999f9a333ec3c71a","sha256":"bc484955b4fed04b5301aea772efa0743c8c1b004a7354a0ce70c52f57aba034","sha512":"4a0a37d55c99320e5851e91b419b5a9c31b43d2835322d7f076271bbf91e8835043493ea0ab1dd053f9a5e016cd8cfdc5b4c0ce6801ee41a1d3b5cdad7de4362","ssdeep":"768:dKbzrY5FZx/FoRy8+LXXYlAzCUz1iBObtnCC9HQbeXml5woj5Fef+iY:Mbz6FL/eE36Az5iaJXml56Y","tlshash":"1c232ad971e43196c6a32064503f4607a2aece89f8cc8d94f498dad07df89977837f68","first_seen":"2025-10-09T04:59:34.14163Z","last_seen":"2026-05-30T02:31:36.76614Z","times_seen":5,"resource_available":false,"data":null}},"time_used":578,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":577,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/iconmonstr-control-panel-21.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/iconmonstr-control-panel-21.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:04 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 301\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:37:12 GMT\r\netag: \"1ea-6130d24bafa00-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":490,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a63f3e0439ae36dd919281adbc6e67de","sha1":"c389665c83002c538a0e80d93730c358c470de82","sha256":"731a73babd3a653ed2bbb926c9d6a0b7e770dd782d33fe33a97084fb12ae5d07","sha512":"dcbf0381deafee2ea0f4af6fd7daca65ea712ab0af86a9125da8e5f103d7af2437697bf9a994b87efebe6bd5fcc185a8d72edf9180f90ac1ac708d9064540be1","ssdeep":"","tlshash":"a0f0e9f8d5940fece8474b20b2a42556625e995c3398cc5492780df450653dae760cdb","first_seen":"2024-08-19T20:50:36.172166Z","last_seen":"2026-05-30T02:31:36.766782Z","times_seen":563,"resource_available":false,"data":null}},"time_used":1480,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1026,"receive":454,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/iconmonstr-arrow-right-thin-1.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/iconmonstr-arrow-right-thin-1.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 201\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:41:25 GMT\r\netag: \"e7-6130d33cf7340-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":231,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"656735ab83f586d888622d35ab28fae9","sha1":"16930a7d51143b7fa6df40b0ce0d0c1c63d50167","sha256":"2518b3e2251086046c725d845c35c8618b6590ce4b072c1258a514217eb6b158","sha512":"169a0f4f9c719b3022eb642ed37921137d3f9a4d50cab9e43f031da0eb645fdf7615effd52c9777817a71787d506f382e4f4ba166ea5f3f725a0edbc9c4cb394","ssdeep":"","tlshash":"c9d097ed23d89a2084180b32af6c23801286b08e0048208cf1910465d8482d2aa3a8f8","first_seen":"2024-08-19T20:50:36.170879Z","last_seen":"2026-05-30T02:31:36.767284Z","times_seen":564,"resource_available":false,"data":null}},"time_used":1502,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1502,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/picture/iconmonstr-instagram-11-1.svg","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/picture/iconmonstr-instagram-11-1.svg HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 516\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 07:42:31 GMT\r\netag: \"405-6130d37be87c0-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1029,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4a538031889f03eec36a74dbce6f8e1b","sha1":"f3d6dcdbce45e9fa29789ac56632be4724e8d429","sha256":"a49791faed117e4d6265b710864bb8f06f5393ab2b638f1d64deb9913dc0c4bf","sha512":"7bbf49ab295d98ab17f31a90a8995cd0a87976a60b158e5d45e0e8689a9b31231d15bfa559a04555722f10323e417fb992281b3420ac9a618129a9b1298e9883","ssdeep":"","tlshash":"2a11c0cd43a5e6ccaca7843adf2f6567070ef03a67c5c4a1c48d8e3864495d2a34e418","first_seen":"2024-08-19T20:50:36.184113Z","last_seen":"2026-05-30T02:31:36.767826Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1512,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1512,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.bangauto.net/template/pc/static1/js/101370356.js","fqdn":"m.bangauto.net","domain":"bangauto.net","tld":"net"},"ip":{"addr":"47.80.68.7","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Philippines","country_code":"PH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.bangauto.net/","date":"2026-05-30T02:31:04.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bangauto.net","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 14:29:55 GMT","end":"Thu, 27 Aug 2026 14:29:54 GMT"},"fingerprint":{"sha1":"50:74:9E:FE:F7:7C:2D:40:93:58:42:13:B4:94:2C:C4:3F:3D:62:5D","sha256":"5B:5A:FB:F2:DB:42:53:A4:CB:7B:8F:80:B0:6F:1D:66:F7:F4:62:5E:90:DD:3F:85:A7:20:78:42:FA:61:AD:4C"}}},"request":{"raw":"GET /template/pc/static1/js/101370356.js HTTP/1.1\r\nHost: m.bangauto.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.bangauto.net/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=70jk9srmnitha9ki2sthmrvi4s\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 May 2026 02:31:05 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 5615\r\nalt-svc: h3=\":443\"; ma=86400\r\nlast-modified: Thu, 07 Mar 2024 06:36:22 GMT\r\netag: \"6270-6130c4b2c6580-gzip\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25200,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (799)","md5":"fea8f1bfbe03fee455d8692b7a1157b2","sha1":"0e70f96cc2609ed4da4f0d24480d90db7f2896b5","sha256":"544958e271423103827487f74cd7bd16f3de8c8a63698e3a3e3535ab4f0f260e","sha512":"9a4753bf36b013d962a192fdd3522f60b91ad60b705e6ab2408eaf60b3f890fc592502996c7dfd3b4ccc9de4141bd3438c22ef76ffcfa6777dafb4795cbea9b2","ssdeep":"192:qaVZ3y2yNIpYS+iSCiCiC0LryYD2CCy1ts6B5gYFysyYgCylZYnZyymoMHabdiCm:gFg565MNiH2LnQfpQ/HA5/bs","tlshash":"cbb20c582abb106565133c390b6fa026733fd11346aecd047b6c8354afa4539daf9fb4","first_seen":"2026-05-10T23:42:41.283709Z","last_seen":"2026-05-30T02:31:36.768411Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1725,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1679,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-30","alert":"Phishing Block","trigger":"m.bangauto.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-30","alert":"Sinkholed","trigger":"m.bangauto.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}