{"report_id":"921ee7b1-3604-457a-ae1a-dfd777af6f47","version":6,"status":"done","tags":[],"date":"2026-02-24T17:03:52Z","url":{"schema":"http","addr":"mg596.ru/","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"104.21.88.111","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"mg596.ru/","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"title":"Snowball Space | Snowball Space","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"mg596.ru/","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"104.21.88.111","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-31T17:03:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"mg596.ru","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-13","domain_rank":0,"first_seen":"2026-02-24T17:03:57.656812Z","last_seen":"2026-02-24T17:03:57.656812Z","alert_count":152,"request_count":76,"received_data":15450787,"sent_data":41618,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-02-22T22:14:59.650342Z","alert_count":0,"request_count":3,"received_data":147465,"sent_data":1647,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-02-22T22:18:02.864626Z","alert_count":0,"request_count":1,"received_data":60971,"sent_data":494,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"mg596.ru/","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6f56ea82c07879723696220f4bd392fa","sha1":"2eaf1e783bd0431b67bd0481bbbd0c124d36ed30","sha256":"0be779755c5a031a677eb3fc27ee6c2a2635f75a1a0f779b6a59b5c4a77e1cca","sha512":"58c6acf6ae3c98f417cc689fdec80adbb88394b38f09ce1ec1da8eb56879401b322ff00dbc8fe065569ff382432d0cdce6e16ad0b40b823d8facb1e35d25982a","ssdeep":"","tlshash":"1011dffd2e69949b9688b0c96f2c04d66910110b0e0272e3785ed2e4af4ce0ca4ff4e6","size":911,"data":"","first_seen":"2023-03-07T12:23:24Z","last_seen":"2026-04-05T00:00:22.521541Z","times_seen":980,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9671544997e2d02258dd4b11ac2d0ef8","sha1":"a77530b52675c3479d36244cf3ac8f29f2fc67c3","sha256":"2ff8b3986ee6e3c7e6b2279d01f7e65f797259f89578d88b1e42f2c282db7079","sha512":"b7135d2abc3ee18f830479c936d019e18ece0300ffa868c832e2df7418b99f4d021d818b215df0e1f502b96ad5eb9a5324723de9c234f6b2414605b8e7b9d825","ssdeep":"","tlshash":"5631bf1493b9b668c3c530edba57cd69013a0c19b6e5e7cc990bdc40aa44436f625aeb","size":1729,"data":"","first_seen":"2026-01-21T13:10:54.551353Z","last_seen":"2026-02-24T17:04:04.049962Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5966646a9c4f85aaae9fc3af30252771","sha1":"9758c9c9e5cff00863b8539541a1bf75672e2aaf","sha256":"45c7d025e38021b998df8092f67747fe6e5d68a394009da8b77e1832fb875382","sha512":"4ce1d662d8239cce3081fac46532de4d47d6b640b2e59d4196867f5d4ae5c802d878a0c2d45572250855ed1bf593692280b9374e770f135f2c413086cb41f844","ssdeep":"","tlshash":"23d02227269e14a70abb2c3bd2ba6ba57c8e809300000d34352df4d04f044161d2528d","size":205,"data":"","first_seen":"2023-03-07T12:23:24Z","last_seen":"2026-04-01T20:46:11.865355Z","times_seen":2425,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/assets/js/vendors.js","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e27dc1f526b607533c07a534e074551","sha1":"58740698f7e1c5e135e08e13c4cd185931f202c2","sha256":"c83923dc19565e9c97d7e8e20106f0c6effd60549cefeef3b1bfcb7d56518d6b","sha512":"6d38e9a9ca74eccefbf4aa955c9ccc741e3a418b95bc5f8232d9eaa91b3c72f82013d0410a5437575d5f9a8df95305dc08d81ecf0fdc0c96afc73bf71a0c081d","ssdeep":"24576:+B36a1J+BSzGYJJ/zUVTnV94u2hNtT5KzExOX:+B36aiBSzGYJJ/zUVTnV94u2xT5KzExe","tlshash":"4d555c89b281713247e760b5502f110bb23b6929a44e806cf679c8d57dbcd4da27bf7c","size":1343368,"data":"","first_seen":"2023-03-29T22:29:38Z","last_seen":"2026-04-01T20:46:11.862516Z","times_seen":1003,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1892a845aa81b9ddb8b6ef6920d742bb","sha1":"0075569a5a4198b9812be41eab8956188aa19e55","sha256":"6ba6c11bd8700086c8f00d11c7e22487a9c13a211f57e0cf06bb9e365fa87704","sha512":"475d9132eb4852a71e0ce58250abf7fc9470fb67a2cf8784e8d4bed9f84fd2049a2a36cf0c983b2570593f44c6255a98cfd6ac0276bde072328d7c287847e545","ssdeep":"","tlshash":"906000000000000000000000000000000000000300000000300c000003000000000000","size":13,"data":"","first_seen":"2023-03-07T01:06:23Z","last_seen":"2026-04-05T00:00:22.523833Z","times_seen":3986,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f7fef8930207b23ec9c04386f9a02c76","sha1":"146273d1c716700bb25aaa15e8595624b611ffdf","sha256":"74867c5a2cf408b090752d3cb8767bb46fdb4a0529bc959d96f51aeb2607d7e3","sha512":"e76bc0261fb13841f3fd1b6095c1193ec306312c03f189965ea8fa91818cbd3044963711d7308a29a5aa58accb87e5c8fc087ccec122cab25cf669624ce2f905","ssdeep":"","tlshash":"117000002e88c008b080388e08802eaf22aa82082080e2288008002202e00c0aa00838","size":24,"data":"","first_seen":"2023-03-07T01:02:10Z","last_seen":"2026-04-05T08:11:06.793646Z","times_seen":7332,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/assets/js/aiz-core.js","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9a6e566915417c2103df2e69dcc44f2a","sha1":"10f7a3de4d164a6205b89c6007d0187ea38f3a3a","sha256":"11fc9c2834fabf211d1c723b438855375d502611712f618c9b0207e91e0f6c9a","sha512":"986cb542b068eeb28314d99c1a8ee413856673797a69280676cd328f6ceeafe4170a4ef1a939d56694e06bf985328dc25f44581747e61530d42be71a440270b6","ssdeep":"768:RX02O2suuKE0ypBCLCnKPFnVJ97Qntfv/2yyE:RXI0engE","tlshash":"2a833e09b0e76425647b71fe8fafb5403561d02b850adc103e8d53c89f9ac3da1b7ae9","size":82154,"data":"","first_seen":"2024-01-15T04:46:17Z","last_seen":"2026-03-24T03:59:26.512995Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"654c60fee49c4b645ef68405d05e37f2","sha1":"1d199bdd9d93eb6ab7622429e5980d6fdd3d6907","sha256":"ce35db4f16cd8df026124ae49ecb6925c356d5dd3a0c20c7de9c1c5d6961ea5a","sha512":"5c36ae69f64693e837fc4f6b68dc103dc21b9d0fc9e0480d58d68c59af3669f45fd15735d5ce2030a53289ecad27061d39e481197a680a2404a5454d52e24ea3","ssdeep":"192:Oca2w7IFHGGsCHcyTNoO9PG1Yoa7O1dztTE9O1c:O5CHXTa1YiS","tlshash":"23120eaef0b3516444b7387e4aff78443b6b221b954acc00bd9e58c40f9a558f4a3b1e","size":9606,"data":"","first_seen":"2026-02-24T17:04:04.054019Z","last_seen":"2026-02-24T17:04:04.054019Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5cdad393b895dcd32320309038fc6841","sha1":"50b80d045952f634c8b25987573cfe14468f3c40","sha256":"a4c36d1d8769f0b356b99ab54cbab0c5b28e1f301e3b873ce8694ed7654e5d21","sha512":"d06a0dfd4d79f96d237632c92f47a7834965a42a6655f6539ad8fda449f80d827820a10a9e4211f227518cab97ba7051a940530fc2fb483031e8d48edd78e047","ssdeep":"","tlshash":"5621f90ef950b5499af334ee6eb3a48a7db7345740219820baff58900f2c1ea1813b15","size":1303,"data":"","first_seen":"2026-02-24T17:04:04.055437Z","last_seen":"2026-02-24T17:04:04.055437Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/8aEaMIXQQlL9bwvyGVo0LincSFPsvExAQHZHI0po.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/8aEaMIXQQlL9bwvyGVo0LincSFPsvExAQHZHI0po.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:15:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcf58-9cee8\"\r\nexpires: Thu, 26 Mar 2026 17:03:30 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v%2F%2FgAXjj7gCMNbPgkYnDZYDvkeicQ5DAu3AOmCKUvZPHPn4qTyBd32ENaGPyrzX8KLQj1l4kTxVcQy%2Bx6VVzZukRrxNBuyh4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3089640b5dc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":642792,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1500 x 598, 8-bit/color RGBA, non-interlaced","md5":"ebd316d81ee129358fa0547173b56c53","sha1":"14ad464f4fcbcf0dbff32eefb23d24ee2071353c","sha256":"c05b012716dc17453326e9052015b1a6e3642c60f72a7ec1dafb52c80001c012","sha512":"17b1b969b790f214c0c3d7ca6f8dd441a4814fff66168bc2b0c934cc40b99d088912f7b9b313ce4f6a82c7caff2b4b3b57de5786a35e20cfc8d556d054ca9728","ssdeep":"12288:IEYsfTm6u8jjnpNqx0UrD+qJ0KTqe+ilIsrnsSR8eM2L0I51sJ:f9u8jzDO0UrD0KTqXd4sSR8L2T5w","tlshash":"7fd423d3c1df14a6fedf8988f952652a6340c8d9d3892c523bab84d274990f54628fec","first_seen":"2023-05-05T03:08:07Z","last_seen":"2026-04-01T20:46:11.815806Z","times_seen":212,"resource_available":false,"data":null}},"time_used":387,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":186,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/assets/img/play.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/assets/img/play.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62d647f2-34ff\"\r\nexpires: Thu, 26 Mar 2026 17:03:30 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zoYER3g82IB9ACS2%2FKYwECf9lRLU73rZDZjpPReCqTVf4xnvYT3DkpBotXkUtlB%2BYG509lZQaT0aZYN5wdXRF8bR8CDRn%2BkZ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3089640b65c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13567,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 89, 8-bit/color RGBA, non-interlaced","md5":"e481cce2de3cecf9161636e7b2fe89e8","sha1":"a891dbde1af19164f4eac33da6bcaac6089e7273","sha256":"4634366a44153659e28ff1815d7d7637593149807bc642bbb0834cdbe9d3834c","sha512":"0b1f563179f594c2579383de8d59f8957705cee6b67cf9f1515ee402a2afe6731312ff64fa6e884451f81de41f23649086ad063d4acb5515ce3f5cc099a61d18","ssdeep":"384:aJnzA80UIc3XE1LRKAmMdx8cw1C6bkbgEUUedTZwTy:aJTPI0XE1LRffd0CS7vky","tlshash":"3c52a0d5e6749f2434c933093c7899fda537179043c0a5cdfc99c11b0da86f287b899a","first_seen":"2023-05-04T19:59:00Z","last_seen":"2026-04-05T00:00:22.380378Z","times_seen":814,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:30.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mg596.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 18 Feb 2026 08:40:55 GMT\r\nexpires: Thu, 18 Feb 2027 08:40:55 GMT\r\ncache-control: public, max-age=31536000\r\nage: 548555\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-04-05T09:48:38.647865Z","times_seen":199892,"resource_available":false,"data":null}},"time_used":376,"timings":{"blocked":186,"dns":2,"connect":30,"send":0,"wait":10,"receive":3,"ssl":141},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/Mdqpntq74vXUac1DOSZC0chtS4jmw0BbEpSvdImp.jpg","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/Mdqpntq74vXUac1DOSZC0chtS4jmw0BbEpSvdImp.jpg HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 22:28:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fe078-1530\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pWVIdtJwXLAgBaD5mQFxNPKH%2B%2B6gdaLebtWcYo7pu8hDmaqIIZeO09OfL7Yikucn6WMkP4NNxAcyD1OEIcVIcUp6jlbUO7sJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896ccc87c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5424,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 200x200, components 3","md5":"f5ee88fd5386827f8c3c45607df29bc6","sha1":"d0af0907d3fea172f7832319c322310037b0016e","sha256":"273bb02c1b5a3cfbfa242bcf02a393f94202b52d1c43ec9c9d329ba42b0ddbf9","sha512":"f0d8c38e6a324eeae844b19ff868eb1d161d8e85e96a0dac252ef0fb99948121dd9dac7f8477b4544cd5b9999e05b121c2688871a40d044e106228bbd12b6ba9","ssdeep":"96:mEoekke3dtp3ah5Iv4B26PPK7hBCmV5RNKiZErOsLD6TodH9QNq7:mVkYU+v4tchBCU5tZECYGToh96q7","tlshash":"e4b13957de91ead3b823d3bebe5a6e7563ed6d1410c037e316e00d92b325a809e17188","first_seen":"2023-05-04T09:04:14Z","last_seen":"2026-04-01T20:46:11.596863Z","times_seen":1071,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/blQsdznx8vgcULlyUJqxT1AXo1GNnYHdsFiggOY2.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:33.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/blQsdznx8vgcULlyUJqxT1AXo1GNnYHdsFiggOY2.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:33 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 02 Nov 2025 02:54:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906c7de-b15c\"\r\nexpires: Thu, 26 Mar 2026 17:03:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S5AErcMEAKBsOQ3QVpabzbsh6YCFE0mSmY9NkYpRbn8IA9DNgHHgWrQQshZHG%2BvoAD8LTfPW%2FRU2zjEcLfUBOZ%2FLP2RlGC2j\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308977bbebc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":45404,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced","md5":"f07703175daebb4d490a4aa46127ef0e","sha1":"ee8f41ba1d6890659d4595185a141ad5419d2cb2","sha256":"adfbad1fbab45066dc58756195253578f4edfbd47345840976188d2dbed49598","sha512":"e63459a94517e5af56b429e2c737ef11249e319305dab4a4d79a5fc1d6ef2ce68b9a3bece24358a25e1a9487207de4d58b125194b993de4ca3da851b83e97878","ssdeep":"768:wdfABpfTeK8kBtnWlaPPsZObkqCPLEAMhdgYYufKmpQhxKxfesWL0o5umnBvNgAH:+ap7BBWlOHtCPLNMCufPpQuDWIo5DuAH","tlshash":"b113e13708cf7daa496d4346ada197166cef09356e2585689fccc38f1af302c1c7aa17","first_seen":"2026-02-18T02:57:42.46703Z","last_seen":"2026-02-24T17:04:03.959788Z","times_seen":2,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-24T17:03:27.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:29 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\nset-cookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK; expires=Tue, 24-Feb-2026 19:03:29 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2tHOzpC6hy5%2FyCS4B8dbYvoWcg2sTP5wsT%2BFMxc6qegtjMO2haDYx1tjBqlZaga6mMbwfb8TGGU5vJ6X559dXmaUIQnAX0kK\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d308952db49a3f8-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":154497,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1753), with CRLF, LF line terminators","md5":"c47f78f79f6ffef6c1b11e9ff46a92b4","sha1":"ea7b5e1ca069879fe30d52d7b879b42eeb324fae","sha256":"cdaeff4783d504294ecbccec1c2b16858e70b94e65f7a55d221c115eef14196d","sha512":"f10c35b2fb310b9588f5639c9bd9e848d489dc9fe3d4c9f2d7f48ef929b168d800d784208031ad623e56f624450e68665bc11fea80c8e445598e8f622e46e4d9","ssdeep":"768:60ZIp/KHoUFnHUXFGsWIBN7GRI41xEciKxZ7M6YDMtesL6sCHXTa1Yif:60Z2/KHoqeFGsWIBN7GRIiERsLV","tlshash":"f5e3336168f011a701b3d1d19a716e5efd83d207d71b8a04b2fd1beaaf93c92dc43629","first_seen":"2026-02-24T17:04:03.967739Z","last_seen":"2026-02-24T17:04:03.967739Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2729,"timings":{"blocked":78,"dns":34,"connect":8,"send":0,"wait":2573,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/assets/css/custom-style.css","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/assets/css/custom-style.css HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 05:03:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=glFO%2F0r3KSEGPHz0J3Lq8Mg%2B1aHYomIe5oy866Qe%2FdPXSiSbd00PQ6LUM3uZ4bh6%2F1suDM8Um%2FwsUut0XMVXTlEmoSRPocfC\"}]}\r\netag: W/\"62d647f2-1d\"\r\ncontent-encoding: br\r\ncf-ray: 9d308963fb43c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"2cc149a2ebd1a4253dc242d54c2dd366","sha1":"c28a715492b8decb160125ca7ba623e217c733e3","sha256":"3b6b5f14b03f97ad3a449c30657096210268c8460408a9b77a9b4bdb966e37ed","sha512":"6ff235b93b3aa0adaf92f24fd925894f461fd862238624423a14510dc05895180b38622701f677694fd08ddf373ca6b7dc101df4a936379bb8821b956c9aba11","ssdeep":"","tlshash":"a080002e002380aca8200b82300c0c30e003a20300ba82002e0820ba20b22a8000c003","first_seen":"2023-04-05T18:32:05Z","last_seen":"2026-04-01T20:46:11.751154Z","times_seen":1875,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/assets/fonts/la-regular-400.woff2","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:30.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/assets/fonts/la-regular-400.woff2 HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/public/assets/css/vendors.css\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 12900\r\nserver: cloudflare\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\netag: \"62d647f2-3264\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SiL8P93QaTyAcTT1VmLwnH5LA1Nk0gTYOhiMeSAlCeNzHyndMs1xlx40qD8N8mLdpL6mRpKB374UT65gHH5wGAu%2FPrrUvdM5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3089667b2dc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12900,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 12900, version 1.0","md5":"88d9d9416c58bde56378dc4439e3a144","sha1":"bebed8d7033a4df35bebba69f1fc261a78a4ee22","sha256":"51ca2c00a3e30945e52227147fed9e296dde03af3c4d7589e8e95ca5740037db","sha512":"906884d6b687dd0b583872578a107fc7264e4198b3218545c01dd2185a397015b7226e0c96ae3dea6294abf7599052d3d271b6bb8461e972c5e49149f28b95f6","ssdeep":"384:cQ/ZCDaw2Q49jW8QIkW5SepdRZS3KUWSQoppk6CMRYtPP:l/BwzojW8lB5SenCKUtDC3tPP","tlshash":"fe42e1629963cb089c9d5b38b0ee5d401792703dfd9d5bec022bfe52cd4e09e4b1a076","first_seen":"2023-04-05T18:32:05Z","last_seen":"2026-04-05T10:22:42.219456Z","times_seen":4363,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":166,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/home/section/home_categories","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"POST /home/section/home_categories HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 47\r\nOrigin: https://mg596.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":47,"data":"_token=nNea4jwqn38Cz5Mb6MQw0oTbKq2676BBgQrHnnvC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:39 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\nset-cookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK; expires=Tue, 24-Feb-2026 19:03:39 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8IFULh03RIeJtWW%2BPybPaEdTyy15cmYXrzTVFPtKOnr%2F4dumKkg0brVybNmrJ9hS82OiDlLUT4B9iv8RSSyDqbMM4HthZsfU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d30896c9c1ac3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":259781,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (323), with CRLF, LF line terminators","md5":"4effe892e8a66aaaa8740ea174029487","sha1":"7412a0122c40da6d5f0de882464e89bd859bd30a","sha256":"7b2a1ebd432b2141162578c2dbf9e47871d533f51e13685817af0a25eb9e6338","sha512":"460738ffd5617b971f4e9674ba524f346f87450bfc7196cc60edfd587d61ab97f0b74062092521f006e372fbe7d116e8df02dc265b19a0a92d002b399389eb1e","ssdeep":"1536:0MBy7Df7LO/V+v3t0YcJ09wI6ZaXsPNVrDfV8lms2Ix9LmBICFQpcbze6/n3dFtD:oC2lzk","tlshash":"5c44fd5538e011ab05b3c6d2c2309fadf9819607d7578844f6ec63e76ff7ca2990362a","first_seen":"2026-02-24T17:04:03.972842Z","last_seen":"2026-02-24T17:04:03.972842Z","times_seen":1,"resource_available":false,"data":null}},"time_used":8300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8300,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/n3HgCaj2U1rbs12p3TVUKNbCVD3Jo4r4hYOcEzH2.jpg","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/n3HgCaj2U1rbs12p3TVUKNbCVD3Jo4r4hYOcEzH2.jpg HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 22:31:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fe158-5b8\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ySHM8l1OapXusUEwow%2FFKt%2Bpz8LhcO%2BfeGm2AyDlus2limMQamvGHZznFUwqtlh4ihIFRtqOJ0NsO1XSmg4eJp%2Fc%2FGIu7Iok\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896cac4bc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1464,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"04439ebf1e9b150965aed277b9b532b5","sha1":"67a22cd08f57f95e0873503ff65b4e8ad01a5be2","sha256":"a067809d0b0cc0d4938f0f7680dbc5a6860f681916314df474cf77fde063aa37","sha512":"cfdedc4a6408ebe76133f64328d45cd6773252c731d671a52e30a18d21ce49f8f1db527e19808bdfbebe786f3c2a2c952dcc6376e1292e86680c933a44316d19","ssdeep":"","tlshash":"4d31766f970306c17d13ace6c6341e66d7ec9a41bd52270529e197f2ca315dc445ce1d","first_seen":"2023-04-18T11:40:39Z","last_seen":"2026-04-01T20:46:11.577238Z","times_seen":1061,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/fbGIQHGvdDs3ZmgmLuQ546o3ToOU5YKleb9kkasC.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/fbGIQHGvdDs3ZmgmLuQ546o3ToOU5YKleb9kkasC.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:16:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcfb4-2b9f3\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ufzzYxKZQcVBqG5T6VbC2c7p02DjRLsADtY6AMs0twUeLSh6oGRgCiPoFahXE5LvcSUuwrR3AHpee4JzeoShBmymA4MetS4C\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896e489bc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":178675,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 886 x 326, 8-bit/color RGBA, non-interlaced","md5":"ca660f7969082eb7c4bf9eb6be2fd8ee","sha1":"efebb96f17299df7f5e2aeacca66defb645cd6ee","sha256":"43aabb339ed50d165ca0929416ebfbdbca21a7e716a3b094141e22bcb133c4d7","sha512":"12dad84854a1f4b02fa755263fa35e0791ab79e070fd3979c6e4a54e8b612f59f41bd9be21fe868aed4f961bc2220cfde2185eca7e97175ae68a74b1e4323b64","ssdeep":"3072:TKcJcRxYpcyTG2LUlgR+MuOai3KyyFt9lUWBuuPT7tqQxkXZNvAC8hvjb6mhW205:TKcJHcyTG1G3vc9lRXb7AUkXZNvd8hv8","tlshash":"0204126c91c0a65dca7f040e67bd1f92784ca198b089a3dcc09dfb85b8b18bd6ce751c","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.721033Z","times_seen":676,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/6HcHGpYWIQywyvVqFpiv5WMdIIlFIBuN5FHbqcfz.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:32.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/6HcHGpYWIQywyvVqFpiv5WMdIIlFIBuN5FHbqcfz.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:32 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 23 Oct 2025 09:22:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68f9f3e4-25a58\"\r\nexpires: Thu, 26 Mar 2026 17:03:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jOTteMf73mXBxCz44Gcr1iArs22ZFTyNvYRyh0gXbqLDUTKPM7wmyOq%2FHwzCSJGtPybGGaoDDSb4ligkH4aqyiDiEq0IjryT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308971cab3c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":154200,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"f1d33740e1b28f5f9e6076930b607e37","sha1":"5b39ab410fc6bc31e1feff674b1c7908924ea464","sha256":"2c596fa64828063fd54aba4b2e7e0a6bc9ae6388af5502c0fbf0268b4cf4963f","sha512":"e51ce0a5ec4fecd602751e541b39c27df506be7b07559de261d110a7dc8b974c7d896f862442d3ee4712fafcd3f57ecfaa4604bc60a4d7ab6aa449a2691d58fd","ssdeep":"3072:kChtYf2xbzJWlmCuHBbYw3ILpcxXGhRBdpqqxhvaow/M4dxyMoIH8k:kQtYf+X8lduHJ3IIXGhHdpriP/Fdxydo","tlshash":"49e323e370bd78b9e1f7fb14982521c5d95123118fbaa46c3b26bbb9235d3244501b3b","first_seen":"2026-02-18T02:57:42.449424Z","last_seen":"2026-02-24T17:04:03.97777Z","times_seen":2,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/omjR6KY8oejYSFFKSyMOfEopYqsvlsKJL907KfhM.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/omjR6KY8oejYSFFKSyMOfEopYqsvlsKJL907KfhM.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:15:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcf5a-e7280\"\r\nexpires: Thu, 26 Mar 2026 17:03:30 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0jXwznsKKIr0HX6bf%2BG3szNID9Kb6qb8SHNXZTr7dhGttDctRLhpMQKC3AzCpvge%2BjaOK4pkvLyRI23fGNoC5NnisMwdzW23\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308963fb55c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":946816,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1500 x 598, 8-bit/color RGBA, non-interlaced","md5":"9813961294173b088c6fc6e6df6bbc11","sha1":"db80a76f2716f9aea7bf07f0997c294bfd609607","sha256":"99f17b0fd7def171bba471e20495f514387c6e1389d1ef81b2b2fc70629c5d1f","sha512":"848ac1ba3b0a0a882129abc258e440431b64821a8106e46df7fa5f724cf847386d3f921ec4d6f443967a11f4ecc6f67f20424c1a9eef564fdb759cd20297e59d","ssdeep":"24576:rA2q5bAbwNDJ/BGIDxyk4Mv1GQ5XXGKK3Gh1phBKp479okeWnVj:rAEw15DuMv1GQ5XXGV2rbBKp4R5eWnN","tlshash":"0115333d82ecb2c8df7fd06a05a412493a62558fa6548108740f689b9bc8c87ff9c6dd","first_seen":"2023-05-05T03:08:07Z","last_seen":"2026-04-01T20:46:11.651313Z","times_seen":163,"resource_available":false,"data":null}},"time_used":420,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":217,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/assets/js/vendors.js","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/assets/js/vendors.js HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 04 Sep 2022 10:36:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63147fc8-147f88\"\r\nexpires: Wed, 25 Feb 2026 05:03:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B%2Bi1gL7USVLc2Z2CBj4OZra0L2rbBY5wQOfNOYxkVnNr12c6bvqH7HQOUewehycc5Uf2YtnjBjDLtnMvc96EK9dwBAxejeVm\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3089640b75c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1343368,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65446), with CRLF line terminators","md5":"892778359170727f61a5c126de22bbc4","sha1":"3c96b1c22b2ac0910da4fd907b6b9dcfccdbf249","sha256":"8af4d6ddad6778ef6e6f3ce0365db8566f02848c24dfd63555fe1d6b4b3ff9d2","sha512":"f94b550e36e5fb3a8b68f738d62490c5f56d6375bf32ab77ee6640fe2919efe55015345007d27429f5cf9823910765c08fde0da511aeb6e943606ed467bf0961","ssdeep":"12288:eywRuI36a1J+HhjynEs+tYdLnx7/zUVTnVMmbS5M3u68:+B36a1J+BSzGYJJ/zUVTnV98","tlshash":"e6254bc9b291b03247d760b5502f110bb23a6929a44d806cf639d8e97dbcd4da27bf7c","first_seen":"2025-07-28T13:06:06.60703Z","last_seen":"2026-04-01T20:46:11.710962Z","times_seen":188,"resource_available":false,"data":null}},"time_used":355,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":138,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/AmrpWEDDbar3ylIjWdVvyIxHrAhcYfq9EGGY9tjh.jpg","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/AmrpWEDDbar3ylIjWdVvyIxHrAhcYfq9EGGY9tjh.jpg HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:56:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd922-552\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yUN4ZgxIGsY8lUtoHaXQRWlhdAch5P%2F8QQG477uXNtlEopECJItukRdDU2RgGR9h%2FpJc%2ByDABYggJFcRcfASN0Con%2FEyvqcx\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896b2831c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1362,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"43d7cf53fa96deb31c0827f0b04bee49","sha1":"0b635faa3172ccdbe047ebf9b7b92627c82b667f","sha256":"a6d142db9cab39711d9b043d66a83334cfb56a859d9132b0c7ff71a378a8b392","sha512":"3bbb880835d2ae57b6d2ff4310942710e2397129a42703984b4cffdd0bb2a5b0041dc71cd03a7c5e2b09c4b50e9c19883111eb623305723a598ded515ddfb68f","ssdeep":"","tlshash":"a321fb16bb0747e0f92642f60d443d80f3ee1b42b4e066072bf451f182536e44064d9d","first_seen":"2023-04-18T11:40:39Z","last_seen":"2026-04-01T20:46:11.693075Z","times_seen":1328,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/home/section/best_sellers","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"POST /home/section/best_sellers HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 47\r\nOrigin: https://mg596.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":47,"data":"_token=nNea4jwqn38Cz5Mb6MQw0oTbKq2676BBgQrHnnvC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\nset-cookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK; expires=Tue, 24-Feb-2026 19:03:31 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xrf3RwfbT2oFTPKA%2F%2BruGrWA%2BVw6TeAvwO7YHzCKRhNrxLTqUuCiAbe6uU8F4KdgPMbDQG6h4aY0pZP1j%2FVeb8EVwA6y0VAR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d30896cac1ec3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":44216,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"5035ec18d3b22ea3b196058812ef5289","sha1":"4d02f0d746160ff3fcb9804d949eff27d3876088","sha256":"3b6b1ae8b0c88a3a90e29ce49ceb267beb8c3ba4f3652e03efac72a79900955d","sha512":"987b576f480ac8040f6b975567b8b933a90ae0503779f6b7fe3df13c48731f5530a02bf3bcee3d1f2807d173fbfd2027ffd4ecbf7d07e7efa3f73f685b8efe5a","ssdeep":"768:jhNm8C1FJoIIeykiLt+5WAn3na1ELUpxZj8OgRUJsIv:jhNm8C1FJnIeykiLt+5WAn3na1ELUpxD","tlshash":"99136b2528f122af05a7d181a6302f2efa829653d7274d05f6fd0adadfd3dd58c43a09","first_seen":"2026-02-24T17:04:03.983042Z","last_seen":"2026-02-24T17:04:03.983042Z","times_seen":1,"resource_available":false,"data":null}},"time_used":399,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":399,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/haE2D6jYCLyblTY889YdN88mBXHLhHjf4Qa4JsNi.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/haE2D6jYCLyblTY889YdN88mBXHLhHjf4Qa4JsNi.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 22:31:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fe15a-42a1\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ui0FihrmZByDcFFotyEh0rMq%2BmTnSLHT3vbCsqUQQi27SShRsfN35Q6nG0FDfZ3KIq4hbgtpnWRpIRwmfjNFxuH3LSP0W8iV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896e4877c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17057,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"c8644f70aa738a911c1d2a7ce1f6d8b3","sha1":"8e39cff7e880d77e5d832b625e75b80c660f941e","sha256":"61c838b3c598bd9daeb9ffe3cd357d4a048df9ad46805c6523c7ac032957348a","sha512":"067cdf4884591cc79ee09036a306b94c86ee843258586d6fbb2d67225b9bd5d5504a90060e030ce04ccf4966ac163537d54ef44b7cd9226d85511ea86df94b74","ssdeep":"384:J+EELilwdV+SuZdS44tBzA+OxbL/cv0Ce9oHzDxAwOW7uc:J+ZilXTZ6GvxbLS0pqzOP+uc","tlshash":"bc72ae83a73474f9402a27f4b1ca1bff59892631c6391fed98722ed081169ee4cf0b95","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.739286Z","times_seen":730,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/cjjtGVaj753Mrgk3zWeRJAiLlGcDMFu29odnJEWY.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:32.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/cjjtGVaj753Mrgk3zWeRJAiLlGcDMFu29odnJEWY.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:32 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 23 Oct 2025 09:02:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68f9ef30-2408c\"\r\nexpires: Thu, 26 Mar 2026 17:03:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TQgx16KCh3k4RPOSNaQctdEYEyCiuhWoLpp67dtprT9hSU7L6iWUH2pzephg5o3wwElco5pI0NGP%2BBvMyGQGCDRwfz8YGZiJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3089750c2ec3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":147596,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"ee22371b27a788f976bcf58071efb030","sha1":"baf2754afa28a7dce7f314460bf973e4043e2ad7","sha256":"b32d75ac426a5a221b4875860adc5f0de064db15967f7ffe7586a491ae0137f2","sha512":"c06fa3bb5236ee3b623a33616507c3fe643e5f8023b576649248d19d42e86ddb44972f695b4a875e66d410cf477a884badff13f2b7fe5b683f620bda534ed0d3","ssdeep":"3072:6bxy0ATHkQUGE2lG+MobR8m/l82EQ9ngYgtgAClA0qPlTRyl0op4D49:Wd2AxCbyj+9ngYgtgPlKPlT0l0e9","tlshash":"26e313c084c8f2ec00b7d1e0214b254d67527349aa3b07f89d9f27ec89e9e794add798","first_seen":"2026-02-18T02:57:42.457411Z","last_seen":"2026-02-24T17:04:03.986629Z","times_seen":2,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":81,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/NfZnwsvoIy7acEClZiprH0VD0VE0b42w05PSqHQI.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:32.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/NfZnwsvoIy7acEClZiprH0VD0VE0b42w05PSqHQI.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:32 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:18:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd020-71d90\"\r\nexpires: Thu, 26 Mar 2026 17:03:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rLKnz1hDzTatrQRN3LNs2yKfImATaaG4J3nrRyvpjdZR%2B%2BFOMDMTXKabca93SSocGJidCzhDSnj1uiWQnQ0DD5JqikE4DxHT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3089750c46c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":466320,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 886 x 442, 8-bit/color RGBA, non-interlaced","md5":"55150888f6dfb008690855b144bbdf67","sha1":"d3ff00682fa52c1bdeaf069a0dd03eb401e7ca54","sha256":"2be04dc25d94452e760a2174fac9d824c45e5e5ff73bd2fdb46d7a150414c30f","sha512":"49988d5f5d1425ae01f436d36357824e91ad955e655bbbca77072b52389340dc226a9e3abb64e5d5ec631e4276e4096857a597b4c28a334af76800bfc6801763","ssdeep":"12288:830fADX2uHVs9/KOWk6gEDlr5LZmvcejP7jsNuV:83rXf1s9/vWk6h55oPvy6","tlshash":"87a423ddcd507a5bc0e0e2c693f204c4b665b255ac356be18b5ce52bdb3e3a6d5082c3","first_seen":"2023-05-16T15:44:22Z","last_seen":"2026-02-24T17:04:03.988961Z","times_seen":151,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":158,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/assets/css/vendors.css","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/assets/css/vendors.css HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62d647f2-6d5a5\"\r\nexpires: Wed, 25 Feb 2026 05:03:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=56kYPd1xcOYn42mNsE4WzirT7SeRmBNjRiSX4MWFL5A0ixel7mEAP%2FjXG8HOEoG%2FjNzsj4lkYRZjfkSa%2Bi7IRijnzWYVWGrV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308963fb2ac3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":447909,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65251), with CRLF line terminators","md5":"02118fd99729f7f7f943923a4888eec2","sha1":"65795a8c4d93890045ba52ffc1c173bfd136a1db","sha256":"80788cb10255b2093da150862c8566b3b29f51f3f7c9fc6e357c8ad71cee3282","sha512":"954b57c87f030fd6cba472edcd23bfb685d9058f1393b7766da4ee261f2b6e95d3cfacf3ca910c41e4fbdf683b00abeb047d0e9feedc2edab81c31cf71460694","ssdeep":"12288:ykX1upEL+Dhh1CRchzUablNcvtKZywQ1OAPkWDL32ye5trKem0OT2:ym1upEL+Dhh1CRchzUableAZywQ1OAPA","tlshash":"619497bbe15420d8b327c516b7c07bbd151ae116e5220ee9f2472a1d8bc27c712e6f1e","first_seen":"2023-04-08T13:40:53Z","last_seen":"2026-04-01T20:46:11.668251Z","times_seen":1138,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/aZrKPk8DiOV4C5wAMt5ObBC3Jk5dSpnWUuLHP8xe.jpg","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/aZrKPk8DiOV4C5wAMt5ObBC3Jk5dSpnWUuLHP8xe.jpg HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:39:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd526-4e1\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nAWKlljan%2BIyAe1QzyBCJbArzbH%2FD3nVhh2TCus3rtcFkIGF7AWpgOcm4TA4nmHYzPFzL7ngkiR%2FwmK%2FX6DuwcqGDfQapu0d\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896b1fffc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1249,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"e1580854a56cf8efce3da98b6f6b2244","sha1":"5b0bf6176fcda86dde1fb62d523e521b03b84dc7","sha256":"4e30079f56d5ba1bbf4199b3aad170c591e4c554a74131bc213474ede0e5824f","sha512":"a2c68d29babda68c59816f4e2607614d2a7ded8dbea7e8238d4cf6ed4525201258f241db5e9f77c762efcddd9aadbc79c29c830bd98284fe0d73149d061f44f6","ssdeep":"","tlshash":"c921743a568347e0b92388f7cd622da6a3ddcf50349046492af05ae0d261ed591d891a","first_seen":"2023-04-18T11:40:39Z","last_seen":"2026-04-01T20:46:11.681702Z","times_seen":1282,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/Uf2an5rtjhEAa7tLLoJ3zIViOrgfSNrGoyw13lVd.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/Uf2an5rtjhEAa7tLLoJ3zIViOrgfSNrGoyw13lVd.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 22:35:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fe234-4b31\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i%2BQHAIIBFokVc85bKp7b%2BFrzvDhdz6S5hmkSuBUWcfBBx%2F%2F8mW2ybLncv3%2FqhiHyYnliwVXlQSi4Qfyyk61ThPtR6I%2F8QKBx\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896e4880c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19249,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"3182a7a17fa69c0193dac2d2bd18ff48","sha1":"4edad27447cbb0701678c3c33bccc243430095aa","sha256":"d64301440e08abf71b2b77e61605d8698e38a7187636217da579867f22aee5f8","sha512":"b72dd5afc02143551c5ada8a4f123ee0b03ce05e936a2d0e537e974fadb96fc1557cce28acffe97a87152d3efce255ba95f13751d8317390df34ee3555313f63","ssdeep":"384:vyYS5h/rqCLIy0f+Q3iF6ampLheGwx4752IwcLf:vzE/FLIyO9yYheBxA520Lf","tlshash":"d582f106a53b8a34d79214efbd22321ec4f1b37c19362b44271f67d2a075e8b9e13672","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.76797Z","times_seen":773,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/YfejkYNTGEPpNOaxKNDvbFAxIksV3low1t6AKVSU.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:34.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/YfejkYNTGEPpNOaxKNDvbFAxIksV3low1t6AKVSU.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:34 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 02 Nov 2025 03:21:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906ce44-3c0c3\"\r\nexpires: Thu, 26 Mar 2026 17:03:34 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p1ufLR0li%2B7%2FX3ESvxD2eYDezyeazdVzi2r%2B%2FNiqCholPn%2Blm02add%2B5tx3IoXyTgcPcFyAE5Or90WpGDzFLnWoNkv2i%2FHXE\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30897ddde1c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":245955,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced","md5":"e48d915ca113dd05b164f00a2c9d1252","sha1":"ada18c4f489f73e0e861d8be567421c3df5a5096","sha256":"7821d412d0e40dd7fa2bc20bac86267b255e93ef3485cf5bb4307f7baae24a2e","sha512":"9cec4c243f0364c847ca43e62e628cade6f2d4980abb877aa6d0ca8b145fe1c9780848125f70bc59895a4d1fa0dd8c31476d72dcda646ca7d0925a3e251b8ba9","ssdeep":"6144:lPG1jJK0+deqlpZU4NEnKX0APHr8D30OvC/wgBv:ZGvfhgU46KEAPL8BC/wgBv","tlshash":"a43423c1ce6da0b04e163f6ce9e717ba21506d1b241b49b8bd81e348f18de5a4bcc7d6","first_seen":"2026-02-18T02:57:42.427619Z","last_seen":"2026-02-24T17:04:03.992801Z","times_seen":2,"resource_available":false,"data":null}},"time_used":368,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":219,"receive":149,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:30.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mg596.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 18 Feb 2026 08:40:55 GMT\r\nexpires: Thu, 18 Feb 2027 08:40:55 GMT\r\ncache-control: public, max-age=31536000\r\nage: 548555\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-04-05T09:48:38.647865Z","times_seen":199892,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":122,"dns":1,"connect":8,"send":0,"wait":8,"receive":5,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/dKDjrCqQs5L8XembeZk3oENQe3sHOckPagdtzwL6.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/dKDjrCqQs5L8XembeZk3oENQe3sHOckPagdtzwL6.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:32:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd356-11576\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q6ztTVK6wGlfB2DszKZYvKb3hr2ZtYZJIV7b2Xf76R7eE7brc0LjHl6gpLNbHDeFmNJCWsCPKFcI6F50HmJrBd%2F7V26RWNKJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896cbc67c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71030,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"e67671da06e2c7eb39def44488dd6d75","sha1":"4ba20a1a65734bdb200838132f7b532feb3842f8","sha256":"caa02494b7d4bbd47c3a2b6c4e7d0ef6d046bead252f4f832eb420bb05d304d7","sha512":"890fe4d1f80e3f04f87a4c16db634b55b830b2f42550cae947e9bd872ab481a29f7c2e4541c58877635febd6977feb69086b1087d79a9bdc9ab3d99bceb9bca6","ssdeep":"1536:9Fn3SwMP6uVgZfbFgJP+ZIxqxy+FzJfsV4lJBGA:Hn3vMPzMFgJP3qx1FzJfZJBGA","tlshash":"016302b2c76da1bc04a572ba3f61d4ab41c360c94c59b80e897d39389b657c858f7bc3","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.642151Z","times_seen":1191,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/CcGQCop2RKI8zA80TZEss7YuNRxYSREELseYODlI.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/CcGQCop2RKI8zA80TZEss7YuNRxYSREELseYODlI.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:39:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd514-4fbd\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZmAzczTE99bVWnv1AgpGB2GMPPe67qwXJbov0T6jWCQEJQELQwEW%2Fgay52iCup%2B0cu6buKpZXPNAyy4sxwnKfjHXLoWcEbDJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896cbc6bc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20413,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"204f5972baab8be43721a260631d1a9f","sha1":"500cc835079eee2fd40c297e8ae9f70f146fd1fc","sha256":"a9ed99bc8a30142fc577d3c5cdda41b8e71555396c39b18dc50d39f097020efc","sha512":"35a1c79617ab931d6a66d43fcbee539db7447957ae0d421746f40d99817aca8d6c29f1f2f07550f133e66754f193cf53f488076fc0190a5f70df762914d3afe4","ssdeep":"384:qjB2buQ0wAUJSwBkNRjbMZf1JZFEnfkPJFw7f2yuNhv0p7Hk:qF2/nAASY8R8Zf3DEfkhKibYY","tlshash":"f992d09b7908c9984bac7ece98d8dd42f5d2d587907f22d7680f73db2c4c0488c58a8e","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.698706Z","times_seen":1046,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/mBnv4cHIruZZBQQB2iolxSgRlbpbIlISYM3mAFQe.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:32.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/mBnv4cHIruZZBQQB2iolxSgRlbpbIlISYM3mAFQe.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:32 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 23 Oct 2025 09:01:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68f9eed8-96d19\"\r\nexpires: Thu, 26 Mar 2026 17:03:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L52G62W0j9lf7rkob%2BHt75AJjuq73A96NZftbT2OaqEUBVRbVaT0cbiOzV0hJ6s0xLNfQa4eAD0jxZ92HYglPPhzjWFlNrFd\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308971cac4c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":617753,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 800 x 800, 8-bit/color RGBA, non-interlaced","md5":"79511c671989f6886ebcbffe0fb9edd5","sha1":"eae03b70be3307c8c10e3407ef6965d9af59c8ea","sha256":"3063c18897f4b6e6120cbe1135b62204d1778d5731b70f380e1faa4515a582d7","sha512":"d1ab2d425ec1d363b136bde58df7ad6881486b30daaadb5103a5e705f5ba290def7abbaf6f3c534f5e787c12ed660f4a7eaba4bdb62884ebe85a120400ea3dbb","ssdeep":"12288:SOzdV+mdZrhrfdpVvC2VB0V2Ry53lVtsmbMCC/7irkClQ:rRdldt/7GSyNDzbMsK","tlshash":"55d423c0b37a49bd817a6d65282c4abe99c66494cf7275081ed05ca2f2eefd0cc5f25c","first_seen":"2026-02-18T02:57:42.433922Z","last_seen":"2026-02-24T17:04:03.998356Z","times_seen":2,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":192,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/JZFkoh2DdpJ7t3a1PPUN5IVmJkJb27IzwMKPzTvK.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:32.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/JZFkoh2DdpJ7t3a1PPUN5IVmJkJb27IzwMKPzTvK.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:32 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:17:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcfea-6df0c\"\r\nexpires: Thu, 26 Mar 2026 17:03:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N0C%2BucWbS0jvnCq2I0rHvZB2ZevGMiM0eCR%2FguFctyXrhgD29%2BMDL3%2BwdfgBfw6c5XTMRrX5aICN3tO078%2FYnsF7blEZyFIA\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308971dad3c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":450316,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 886 x 326, 8-bit/color RGBA, non-interlaced","md5":"63374a59586d1d44b66ec651117cc946","sha1":"99945288da227b5b91afc664ad8327ad48b20140","sha256":"79ef7859e41f52825b2d33fefb430166f9c1cc644f25314f25f8ac8bb22f3844","sha512":"22cc984eced6b0ab179e877e29237e3ef0a32ebb1a2fad7a2183c36079ca805fa740fca0bd07e0fd9cd5e313fbd3edae7068fb21d27821213b2b56b3e5a405e2","ssdeep":"6144:x/eU8vCtoKuVF616jPVM/fvVWWM3E6msMo29H+W/kUMJax1Mu8u1WI0VeLgpmvT4:qq6JYnVWW2E9BdeW/ZMBZd6BvT2D1","tlshash":"b4a4239247bcc06ee07db5e9e4c256d4a1f2663cead945ff1e0db0c9bc4538ab522d80","first_seen":"2023-05-16T15:44:22Z","last_seen":"2026-03-19T01:42:33.229158Z","times_seen":338,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":195,"receive":161,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/BSvBgTFtCnEMrX8Ky3nKOG4ESOeGbNPBjDHErehg.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:33.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/BSvBgTFtCnEMrX8Ky3nKOG4ESOeGbNPBjDHErehg.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:33 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 02 Nov 2025 03:05:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906ca6d-8403\"\r\nexpires: Thu, 26 Mar 2026 17:03:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d0gaJxUg1FhOUZEz%2FL%2F9VVbv9awv68tO%2Fh5OY3NLrZDYrJNDIFQUdMLv5gcZQUL10op%2B575N5TJZSGbnx7EQ7ztDtsHHccSx\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308977cc18c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33795,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced","md5":"0f9c8ae216fe65f88433e4ccc705223d","sha1":"01f750bf39ec383f4d1a25bec676920ec893854d","sha256":"269e9642e14cb2709064b50642e61d893a14fcb955252e241074eefb33117cdf","sha512":"07b111963b65ca2c96b2ef807a2625139dce7248c9d30f166a4fd12308ad661c9597ce0054950577e38f2cdccfd21cc1b50150a44fa9446a738eb11a72687c95","ssdeep":"768:8cHX2WHBG/6D4LWpRhqJ+/GAGRF4LrW7mu85VONyL56XYfgYd/mlx:VHXJEWp7qPAGRGvWShVOAL5uOgYglx","tlshash":"a6e2becbb39e4fdf028451cdd8182e8d9da950906776777dc285a446c2df3888b9cbb2","first_seen":"2026-01-21T13:10:54.531414Z","last_seen":"2026-02-24T17:04:04.00113Z","times_seen":3,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/assets/img/placeholder.jpg","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/assets/img/placeholder.jpg HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62d647f2-9d5\"\r\nexpires: Thu, 26 Mar 2026 17:03:30 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YoanF%2FpVx%2FAhybQgSr0EQ4Q5zhJwxnaQ7MAtFpKCfkJ8M98mbwM6h29RO%2FCQ5i%2BzCqSuCr%2Fb1gY5k7%2BCP9l%2BqIemG5eiWWKO\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308963fb45c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2517,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"5632598c913a4107afee98e7ce1f9e4a","sha1":"17398b1ef500f3c736420927da819ec69cd08d5e","sha256":"b993c5624a17777a296e58d275a775899e72f320f73c254db952dbaa970739ee","sha512":"9dc93d3bb0ac4da02a5a5426a36d3685addbe1abd28c6ff295495ac748fbd6bc4c4fefd36c9c54932d96c75cbfc1bd0b49c03f01f1a95955636048526734b4a1","ssdeep":"","tlshash":"985154a31244a082c4d92bb445e64b56238ed66a86d89fc57e4977b455a33860e8c098","first_seen":"2023-05-04T05:57:30Z","last_seen":"2026-04-05T00:00:22.305745Z","times_seen":2813,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/TyJLIfONLEKPPwbaTeHSCwnWGXfBYtC0KJpXCS1J.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:30.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/TyJLIfONLEKPPwbaTeHSCwnWGXfBYtC0KJpXCS1J.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Oct 2025 11:56:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68e65158-286a\"\r\nexpires: Wed, 25 Mar 2026 06:46:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 123397\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f7eH%2FHods7c4j1sz8%2BNpObdPUHNGv9P8XWnwN15xzhDnP9eDqmXYAJ96oUY595qUnmGE%2F5vqpr4dQ3fo%2FVUzV4MrUwtUdRX%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896a6e58c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10346,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 410 x 102, 8-bit/color RGBA, non-interlaced","md5":"cee5605ba7942ec495a83711c84cada4","sha1":"53c8ab1eee6f7c0173d8f4f309668494ccc6c707","sha256":"bbad6c1d21cf9835f338bd3377db63862a3a434c9b4980f9ea68d5e2a9247f23","sha512":"be6cf91a06518ecab7a80faf6aadc920ba26bd24cb88484de6b1b8385cb7e2a0758e8524a98abf0c8f2e9035401d35c630a7a7b5522b18a7361edd32983d391a","ssdeep":"192:/PI6FunqFf2iOkMTsAu44Xo5MpLJmZdROZ/p2UiqSQhmpQjjjX:/g6+62bTTXu44XoqpF4dRhUN+p4","tlshash":"7d229f61b0770de1541c0ca16d578d268bc324a91bfb8514f7d0ea997a0fb767f32861","first_seen":"2026-01-21T13:10:54.519404Z","last_seen":"2026-02-24T17:04:04.00266Z","times_seen":3,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/YTrXmHPHEBAeW73ffIhMuvOkpDsDbd1IbHVGDaZh.jpg","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/YTrXmHPHEBAeW73ffIhMuvOkpDsDbd1IbHVGDaZh.jpg HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:32:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd36e-556\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ciSUMkkFwLrXwup6IJv4Kle%2BLbsJkHPGCXseI9pQmMQVLbhp9fskE8Li1jeniGf5%2BiiV0cgskQVBAlzv8ODk8%2By70moxcboX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896b0ff6c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1366,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"b9d5b478cf1ccf4b63c4c4f309c57672","sha1":"cf135870f4e958ae16622897add5e44b9a661039","sha256":"393f0153f4308fa263f01711192bcb12054c99454799b7b36c2382c7a95582ef","sha512":"518b3a718575a8c9ab14bd4aa7bc01e94b2301434da55e7ee8aab9d91320457976a019191f7038565b29c839d0b44f88d0d4b93febff12d779d8aa93ea2eff0a","ssdeep":"","tlshash":"dd21fb274b5303d0f5bac4b340d97dd962da59aa30e95352e8e181e1d990be8c1c4d0c","first_seen":"2023-04-18T11:40:39Z","last_seen":"2026-04-01T20:46:11.791884Z","times_seen":1452,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/home/section/auction_products","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"POST /home/section/auction_products HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 47\r\nOrigin: https://mg596.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":47,"data":"_token=nNea4jwqn38Cz5Mb6MQw0oTbKq2676BBgQrHnnvC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\nset-cookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK; expires=Tue, 24-Feb-2026 19:03:31 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qkNhWxuxNqDBqvVNSomH32n2MU6unSVvaHy7Z1LWuP54g5W1LvrBHI7ezI8yG%2BjCvJwYRi93nhmSluAhvDAo1hh7rdflNfov\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d30896c9c13c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T09:47:05.247441Z","times_seen":13369813,"resource_available":true,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":284,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/P052DIfVaW5aIufaDbbjBvOgzucl1PJAevaLLlPr.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/P052DIfVaW5aIufaDbbjBvOgzucl1PJAevaLLlPr.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:56:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd922-4cbd\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=40trNkRUWW7%2BFV6vDYaETpHfAfpTYmxnEI91nbf2Bc47V%2Fg1H3ORMaPpgvmtE7zmn57lw8grIPJznDNwNE37c1GfPUHaiKF8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896cbc83c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19645,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"56270ee06f7c789cf16ac8708aadfd35","sha1":"62b822707c1e480bb7f3419d5641e35fce58b1cc","sha256":"49305ae4f74552c89a04030a29dbc952f8aabc0be5bb1ab3397ee2ab235bb5af","sha512":"e71ce3856fc3921a1f627b8e6be96c84f18379824a4bb55bb9870f275aa43c935bf82df049e3b6a83b7c93ec8e0b3d4edda3ab420f3700a2032dda2b5bc1e852","ssdeep":"384:3jYPS1xVY8oKIGBnh0nnN1I5vI3JY1LTjTOdxb2qm/CoD/QZ:3jYcx7IGNynNqvIAud6TQZ","tlshash":"4f92d0f163826841fb9358a66d8585f788680ab4cbeffc99d55200f78dd3f0281a5b1f","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.763575Z","times_seen":1130,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/b5op7Ws83kTrrjHJmq9Po1Uci4QdUryDuJGmCyme.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:32.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/b5op7Ws83kTrrjHJmq9Po1Uci4QdUryDuJGmCyme.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:32 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 23 Oct 2025 09:18:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68f9f2e9-35df1\"\r\nexpires: Thu, 26 Mar 2026 17:03:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Oke%2F2E%2BAHP2iIchMnJ43yBhCWd3kOZorEtKQwD42NEhmQiVl8YTdB13tQNaWBdPB3Qdj7ALMW07zHBe7P09aSGfNdaQgaIXr\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308971baa7c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":220657,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"38f1c7944405ea693af89a0c5c64e39f","sha1":"758cf1b4b56ee5d3cbb7deef9debdff97bbf8f5d","sha256":"42d4fc297f3305272043c8ec79be939f8d9d7c80a995fd6a3afe5745e59315e9","sha512":"fd9e717bf2b8d4cb0062408133bb9f91802d87255406b4415b996ea73c2a560377a2a632f6d3ae77cee53fa195aa004a76624180532d86734143bfcc0fb6954e","ssdeep":"6144:R9hiwuEMhWM7OreXiymwXPXEPSVNeRieExn:hiwuZb7fXi1wvEPMde0n","tlshash":"61242375efa43a649e2f5c2df38ed4356da903e6cb76a11342f1e65a203c26d060bd4c","first_seen":"2026-02-18T02:57:42.480701Z","last_seen":"2026-02-24T17:04:04.005781Z","times_seen":2,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":132,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/7vIbTDJb6D2Msxe5WvdtIfD6rddK6fZA2qVfzUo6.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:33.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/7vIbTDJb6D2Msxe5WvdtIfD6rddK6fZA2qVfzUo6.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:33 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 02 Nov 2025 03:02:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906c9ce-ec89\"\r\nexpires: Thu, 26 Mar 2026 17:03:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SlXQXANc2rTsC1DINJSYts2ZxiEALzvYev8MQfUwjDFkdKnUtqrd9jOaO%2FuVYOUucUWY6npNA%2BaACkP%2Bb5eYNrcf%2BpZmZ2X9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308977cc1cc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":60553,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced","md5":"1f6416de488096f089f3136b715e6497","sha1":"0dfdfe2efea96aabbeda4e1597a34378a2c9926d","sha256":"ec46dc7b930d2f882af5b272875e81749d4a2eacfc3e09b03b45c780fec1d355","sha512":"60dabeb97c01563b942e1909741e8fbd684f258bd29886ca848176d03eacc6806ff7afe402326c6265f28cfe95e3e3eaed4916003d3a2711e9e3e17a1444077b","ssdeep":"1536:XhFqPTWJYCZI7KwrMBLye8cRMdffyIV32m+TVsAhq+Uae0pdLgKaye:XfWzoye8csf1Br2sAhqLgKH9","tlshash":"d043026225dbe3f509a84744e9ef1c8823b778dd498ccd2e512cd88a58bdc39364eb47","first_seen":"2026-02-18T02:57:42.443796Z","last_seen":"2026-02-24T17:04:04.00783Z","times_seen":2,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":192,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/chTir2b1GPgUgPGPhoHaEzsbB56PzIcLCobo4KB7.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:33.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/chTir2b1GPgUgPGPhoHaEzsbB56PzIcLCobo4KB7.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:33 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 02 Nov 2025 02:57:11 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906c887-cd93\"\r\nexpires: Thu, 26 Mar 2026 17:03:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1fdYp43CMpmOSDMIAWLeN4Pp4FGVq3lQMe7BUQJ5ZYJRjmNBeU5pVlBcM%2FOr33vZKSGfyr6SxAvcyRmBr3SafsHgmCApvXHz\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308977cc1ec3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52627,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced","md5":"9b3ec635de0c62b4eee5c34fc94dbf4e","sha1":"d60b09ae80ec365c68bd9b45029765d35ba1ec13","sha256":"ee60c4f73dce65916b641b76e46346c2f75ad8eff7e53d99872845c72ed58c68","sha512":"ed0f4cde6d63c989f9b2c401910614ea60948a7361bc6c73a7ec0d862d6b20fae138ab99b0c149ad16191265bcbb5f2182457a4fd9e1f53051cfa9e0b8c52e73","ssdeep":"1536:aJfKlz2M+a0yhFVIGeDKWessdgzOwCLeSfDWm7:4Slz2kZgGpdgs6SfDx7","tlshash":"7733f11a92dca279c5d1778ef0a4f4a002f17dea4bd98caf3516f486ccf9a9504e0e35","first_seen":"2026-02-18T02:57:42.444628Z","last_seen":"2026-02-24T17:04:04.009535Z","times_seen":2,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:30.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mg596.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 18 Feb 2026 08:40:55 GMT\r\nexpires: Thu, 18 Feb 2027 08:40:55 GMT\r\ncache-control: public, max-age=31536000\r\nage: 548555\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-04-05T09:48:38.647865Z","times_seen":199892,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":90,"dns":0,"connect":0,"send":0,"wait":9,"receive":12,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/assets/fonts/la-brands-400.woff2","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:30.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/assets/fonts/la-brands-400.woff2 HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/public/assets/css/vendors.css\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 84772\r\nserver: cloudflare\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\netag: \"62d647f2-14b24\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l%2BOrKxo6Qis7yefdX4NH2sp1fPOCm4QdFgGAHwZgA0sck0ol1%2Bu6ipkPROdFcEpcBGTqZT70E7pVO%2FPtwEHf%2BOWoFbQhrlpK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308966abb8c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84772,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 84772, version 1.0","md5":"54b0b4e7de85711c3796882b2b19eb00","sha1":"89f4f0d9ee3a2bde5fa250bbe6dc4a4804e1a863","sha256":"ff70c9bc4650cf5e6b12d1feaa7af29ebf0681993fc0c5ffe3658cea0dbd5403","sha512":"38490f72deaf75fd7a82a23919fe479b5a5a0d0d7279aab96e153dfe413c1ee89f2095111dcccdc58470c17622f6bb44ea4d63a8da6208c973bfea7035a37a21","ssdeep":"1536:5W447cpQ00eKOVGTZUbT3g4SAXjZoUANGBem/V1R6WsMpEEeOWeB:5zSiVGZUwEXjOvGws/WweOhB","tlshash":"e7830284fb35e9e4718ecb30d58432a9d5e9a0f8b91a0456f1c7c07bce2d6fcb196492","first_seen":"2023-04-10T16:26:38Z","last_seen":"2026-04-05T09:19:49.138692Z","times_seen":2481,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":163,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/333.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:30.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/333.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Mon, 17 Nov 2025 09:31:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691aeb80-d2d2\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P2WK4zY5BVnwsclp2L5utoZS9qhqhRQ1JqeW%2F4XQ1T8yLky%2F6%2FDExoK%2BvuseXiWrA11UIdhoSbX1fcooGPG9anZOm03jtVlX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896a7e7cc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":53970,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1303, components 3","md5":"325e946af71e99637cb7feaa4a6325df","sha1":"396ef2fb1a7a6443e00670ad2307014198582e1b","sha256":"b744e12cf860b41c8849e7d5594df2a55937076b927cc07c39059951f825f5de","sha512":"67d9b2ee6ade9efcbdaaac99b6d1b6ca17e3dc5ccd5d6987c4c94ff2fc2751af789dc7c00479a5257cbebe93e27e44599c2af4ef44bf6ce1b7e6ce6df9acd4ae","ssdeep":"1536:geYSwAdrvkCODXHsJyQXnydI2FeLYs7lVGs:8AdbkB7MJheaYs7zP","tlshash":"2a33f105f3760bb7f81bc674298d0b08fb26ea61f8db9b6d852f4502d0307a35d6c56a","first_seen":"2026-01-21T13:10:54.510518Z","last_seen":"2026-02-24T17:04:04.012108Z","times_seen":3,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":197,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/XCJN6fiDmEmui3yjKeJffGROvfeIon8AryOmyQmx.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:32.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/XCJN6fiDmEmui3yjKeJffGROvfeIon8AryOmyQmx.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:32 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 23 Oct 2025 08:59:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68f9ee65-10cc3b\"\r\nexpires: Thu, 26 Mar 2026 17:03:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AgbhvyCcWeK2Ui4vADm5IxGojRGrHMG9h72I9%2BhGITrBF0ytu1rVoh%2FwsyC%2FKLABMrHqKqEC2rtgGNGQ5QYLOaDu0atg5m%2Fy\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308971dacec3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1100859,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1500 x 994, 8-bit/color RGBA, non-interlaced","md5":"8c52048954e5f589b4fd7d99210bb2d7","sha1":"ec9c78469e78b62bd6d7e490bba778325a56886a","sha256":"f8f10667c1a0980eb8acf6e67000b2bc11cbb99e4df1871ac35729aab3362cd7","sha512":"9bb5d7060106578b743d4d5a5f64e1d2db8f39af8b7364618064a27643dd8eb9c7545f842abdfbc08daca5fd2a853e3e7cb1888f1a1e33a22d30f51af5f410c2","ssdeep":"24576:F+NcSZBFKMyRGcwoUgdVvk95VW/V6EzYGDilNGvKopOFUgEB0tPKU:F+/KMyPwbgdVM9GDsJlwvKowxEfU","tlshash":"e8253343558f9efa5001522ca37c7c8a08b45ae88f96efde543ef1d933349c91315baa","first_seen":"2026-02-18T02:57:42.479522Z","last_seen":"2026-02-24T17:04:04.012784Z","times_seen":2,"resource_available":false,"data":null}},"time_used":479,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":241,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/w8q15Dntz1qywha8kaPxK0BIjzzXjdpNczAgOV1O.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:33.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/w8q15Dntz1qywha8kaPxK0BIjzzXjdpNczAgOV1O.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:33 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 02 Nov 2025 02:59:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906c916-c4eb\"\r\nexpires: Thu, 26 Mar 2026 17:03:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z4ZtJz4uUT0SSdiZM7%2FJZf1rhf063BJEO5iLKSRxT%2FqRrwi1yNRp5PXLW%2BCYYhb%2FYb2uXaMBUUShhwXaFd0HgRZ9D%2BCJLusc\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308977cbfdc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50411,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced","md5":"4a60814952710b40591beb41c6383377","sha1":"5b876803928f1651534edb5d696bed253b176984","sha256":"aa9cd091e22b08cae0c4020e39683d5ec2f5d993ee71a3065fc02d337d86fd13","sha512":"1a0df07edfaa7c7b710c83029afc9558fa518fa02ad1bbd0b5db058d74ee6e629134f33665ff26293c942370226693a494db276edf61dec6d5a16fcb38892dec","ssdeep":"1536:JyBHPGiFYidojpyhV30QOU9znWGicA3YOJOISW:JwGizakhVEQxjlARJBSW","tlshash":"0233e083f81d864fa6b19bd46e1e040da93546d52611f07a143af02f8d7ff5d21c1b39","first_seen":"2026-02-18T02:57:42.456509Z","last_seen":"2026-02-24T17:04:04.014461Z","times_seen":2,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/home/section/featured","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"POST /home/section/featured HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 47\r\nOrigin: https://mg596.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":47,"data":"_token=nNea4jwqn38Cz5Mb6MQw0oTbKq2676BBgQrHnnvC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\nset-cookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK; expires=Tue, 24-Feb-2026 19:03:32 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pzQ6vyvbsPD%2FEjnXl8oG7Fr6xNf04adG%2FkHYRdulYCOhj08QTf6nEf%2FO5CrIfuSIU14QI019bSjLr2cYWZiaQKkjUbxCLSTg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d30896c9bfbc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30177,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"1bf1a250bedebeece1348cdabf5e69e3","sha1":"28817e7773ab072e6d523555a5472ae169b1827a","sha256":"b2d0a04343defc1912152bc60f81f7de68e8dda605ad86b1a0b0ea0b04b0af2f","sha512":"aa0c77b77d8a5a08e1a82dade7b3ae2da3cf927e566f7e696fa822d8366dbd0c053ed839ec6460e6cd3bf1e829f7c9b1b278021589a74ac264defa89d640ed73","ssdeep":"192:IVH1NhvuIAighdcplhUqPkGhauyCqR5h6V60hjCkNhhDcJMKhU7EBRhPyaAhLF9X:udHO3qg6LBc87AAdIC","tlshash":"78d20d1138e101ab05b7c6c2c7309fadf9819213d7578848f6ec63e76fb7ca29903629","first_seen":"2026-02-24T17:04:04.016094Z","last_seen":"2026-02-24T17:04:04.016094Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1407,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1407,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/jzCntCVBfilapmbDt6amYKiHanonm7NvMFgLNTl3.jpg","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/jzCntCVBfilapmbDt6amYKiHanonm7NvMFgLNTl3.jpg HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:42:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd5c4-1f21\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XVhPmAZ8ZhOHcCU2gt%2FAFyySlkIGaZcK81933rsINbXw%2BuiO%2BnoqQKmKRrCEmUaSt7Hg%2FYWUkHQQtFwBLaKT%2FbINl17oRrdk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896cbc70c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7969,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 200x200, components 3","md5":"101f5b7b4838b9073f648ad1d98ec34e","sha1":"219ed72d8d0ad367447675f6b5aaf1da223f35d0","sha256":"0c9c58232b043981531c2ef5528a066bdabe029ff328ba98e32310ba9209d963","sha512":"575f646fb25e0a201528d97ea7260ac9ce5299f18bdf9d29bac09c0ef4e8b2170fa137a2e8cad75a0dcd7298c53c2618bb27fba1364147604ab8749d1802aa1c","ssdeep":"192:mm1/9oNvUZxbZsW3tyJ/KfVdd/LmG9zvZV:mWjiW32CfV59zr","tlshash":"d6f18e5f4c5157d2b81ac7f9fd050ce9bfc957e9a78a26ee25c20bc85e299060cd431c","first_seen":"2023-05-05T11:35:43Z","last_seen":"2026-04-01T20:46:11.761089Z","times_seen":1126,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/uxhH7xhMgkGFke3iSf7CSzaNUVnyJFekGfP6DwHu.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/uxhH7xhMgkGFke3iSf7CSzaNUVnyJFekGfP6DwHu.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:53:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd850-82e4\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=StG3zJKPiRDbq5Mm%2FXM7STFAszxUTV7hfqxy%2FKAWM8lSoy4yVnWHlmEMU0WItflK44Qg9dPCa8VYYrTAAwkBNVDiffojc5IK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896cbc7bc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":33508,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"651eafac236237a6315149fa80ad76c2","sha1":"c87987610945bf31f063aa9f3714dcf2f409d9c8","sha256":"0c2aea111debcfc2ddc5fe5d6c8ce105848ec1632e7f8ef138af6580731f74a8","sha512":"4cb8d550b425371f79ba53a61ed02c8d9d4167700ba635423f4e91a788d6ac7bed412573707342fb0a92fe9c894f9be9e6f146e2d84add21cbcd531cf276f810","ssdeep":"768:qzojDhGWO0tXC046oFBsyG9LdDxNIvgaT+HDrkMUXhiIEhpQIMgr2p:qcxDOFIcsyG9LdFNsgaqHDIMURFEhWIg","tlshash":"c4e2f1cb9b03b4a498b4559a9b76210fac31042401fd87ff5c9aeb4b2fa5874ccd9dd8","first_seen":"2023-05-16T22:49:43Z","last_seen":"2026-04-01T20:46:11.70194Z","times_seen":822,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/TyJLIfONLEKPPwbaTeHSCwnWGXfBYtC0KJpXCS1J.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/TyJLIfONLEKPPwbaTeHSCwnWGXfBYtC0KJpXCS1J.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:29 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 08 Oct 2025 11:56:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68e65158-286a\"\r\nexpires: Wed, 25 Mar 2026 06:46:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 123396\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TT3YFY5Bj0zTFD4d6Q41anclU7t8oJv3afM7V5mlDEfbPTFCKJ%2FUVAtsBfxChI3ZpVR%2FiStIif4XSXL6YU6WORm0xtRDEayr\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308963fb49c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10346,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 410 x 102, 8-bit/color RGBA, non-interlaced","md5":"cee5605ba7942ec495a83711c84cada4","sha1":"53c8ab1eee6f7c0173d8f4f309668494ccc6c707","sha256":"bbad6c1d21cf9835f338bd3377db63862a3a434c9b4980f9ea68d5e2a9247f23","sha512":"be6cf91a06518ecab7a80faf6aadc920ba26bd24cb88484de6b1b8385cb7e2a0758e8524a98abf0c8f2e9035401d35c630a7a7b5522b18a7361edd32983d391a","ssdeep":"192:/PI6FunqFf2iOkMTsAu44Xo5MpLJmZdROZ/p2UiqSQhmpQjjjX:/g6+62bTTXu44XoqpF4dRhUN+p4","tlshash":"7d229f61b0770de1541c0ca16d578d268bc324a91bfb8514f7d0ea997a0fb767f32861","first_seen":"2026-01-21T13:10:54.519404Z","last_seen":"2026-02-24T17:04:04.00266Z","times_seen":3,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/A4exnDZSrAXvDu3OLWe07zbp2XXmwnQXb8iHu7jE.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/A4exnDZSrAXvDu3OLWe07zbp2XXmwnQXb8iHu7jE.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:20:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd09a-bc82\"\r\nexpires: Thu, 26 Mar 2026 17:03:30 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ex872fmOhS4Elcxg2HcybkFoWWNhZnF9JsAJNUC0iMh4%2Fsw9aJ%2F4e0jTCwB9WSOrKJY3JnDqLGmsjKDMvwrYj5rUmK4l98FB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3089640b6cc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":48258,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 800 x 111, 8-bit/color RGBA, non-interlaced","md5":"76d2e804b13ae4a73982c3b2d75df903","sha1":"6747c9c593477ea96a3c96b808f2c93ce1a792ac","sha256":"dab6d5663f1c13413064c8e61aaa469dee17d921ff466b52380d4ecdacfcba45","sha512":"29cae41b0746fedb3641f52681cdedf6d2aae1b4cbe7c45cf5bf281da3689000fe1ecbf7daa646627925a24e084fdd4536f140ea5a287c3e3049687af770bd1c","ssdeep":"768:/lpWRpVZ/xrbiaVNCHRXvTZqYAsThs1/Y7LDPn4/FQ1jZgooky7DT2g0u+HaMYhh:/l8HZ9bdNCHxb8kTsY7LDPj1jZgD7Da+","tlshash":"a223f161f55e483740307d59ef42ed3ae1ecb1e17b7a8c2b7902ec9c94d9dd908aa40b","first_seen":"2023-05-04T05:57:30Z","last_seen":"2026-04-01T20:46:11.679131Z","times_seen":3135,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":53,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/iHOjnygPdOMIDICsimZMAMoE0b3NXYGInqETeSBo.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/iHOjnygPdOMIDICsimZMAMoE0b3NXYGInqETeSBo.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:30:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd2de-cc92\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ovaa7ht6jwEuR1Dq73mY%2FBRp0r7xeQKsadwcU1psfJmTHsNfrV6a8NTn%2BGSWYypwF%2BzycraRZN0O2VZnIZTHGbYevPGpbLcF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896cbc65c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52370,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"d08962c167054acb565d56968900c1fa","sha1":"4cc291ef506c6fb22a3de27f841d3ceb323ee100","sha256":"ff07f347264bcdfb55dcd9cf9de62d8046c0dfdf9f884842668d5fe1b5250936","sha512":"a934b9983fe775423960bf0c455289d53ee99c17f910077fed8726949010b793f6478f9ca0dd17043b45af75f2775103242280355b7405422fce81aacf12fe77","ssdeep":"768:f8ueIlJrC5bSVFPp3yHRq7+8p6LqSHE2JTk1EdYzX51YwzYcJgOonT8iQhB:q5bS8HWNFURAEOzJ1xYc+OImB","tlshash":"2a3301411e2cd360e33c722fd19e2b25b5f361a14e2f716a70829bc657325ea4e39d2d","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.63152Z","times_seen":856,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/bxlhVvN0AzEbPUw18ywPWlqB0ikeFoFRSjgWtacq.jpg","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/bxlhVvN0AzEbPUw18ywPWlqB0ikeFoFRSjgWtacq.jpg HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 22:42:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fe3c8-17ca\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q2oY%2BBGbUv20bS%2FQgjVb%2FvFxLfhSD0m3WMr10PIqV9yKr2f1PDPIJFoY%2BKJnw4w0P5vkzrNWhFG8SDlyA4bQ72ms6howe72P\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896e4884c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6090,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 200x200, components 3","md5":"2ecc6b1205f68e22291eb7351dce14e6","sha1":"3ea1323753b8307a89bf28474c9d94efd94099ca","sha256":"7dbf24942564ae07d811c4e9b33ba0d4d18fa415e98bf80db43c8ac5c2ffde07","sha512":"2bfc6b355cef54b4e9ffda17d188ace61bf8196bd0060ef65e94968d18b9494c3b7538d91f2efacca6911b17f63ee69222d5f04379727e4af573b207c348c7d5","ssdeep":"96:mEH6TXzPGqhGpBXB6q2TPXpRxvW/nksLPW93oWSxaHLUBwqSKYH2h9LTM7r6yrI:mDTXTGq6yPpLW/ksTW93oWrvH2bEvfI","tlshash":"bac118431d0d4ee7f625cba23f120e8c7be06648aca074ee01e1edc99f10e891e60547","first_seen":"2023-05-16T22:49:43Z","last_seen":"2026-04-01T20:46:11.844136Z","times_seen":555,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/AXlNH3zPDO3AIWY3TEno72Y0e4lfbX2EAARxcC24.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/AXlNH3zPDO3AIWY3TEno72Y0e4lfbX2EAARxcC24.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:16:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcfb6-58ca7\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=41ZmGhUEt8ypSwps4w49orLio2wpR%2FGF%2BmfPtwudViX%2Bo3V%2FcPKp6mZ25WhKOmaCzIHxmlZ5h%2BzwWFBKYxJ2qULXs7Cx9q%2Bf\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896e58a2c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":363687,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 886 x 326, 8-bit/color RGBA, non-interlaced","md5":"ef8bea090425cb134eb494575ab13b56","sha1":"4c965825646abb5d6541a87a6f345e6c79ac342b","sha256":"3cb0a29341edd860b11040069b7c9f4c032d5dcc3771b03e7ce50896aed1c736","sha512":"d568d5dcc74c8e333576272bf49b842b5c02682e8b06893fb42d95c548387ad1a6e53c0785fb3c1bf14ac5040d3b3d0dd51e3723d1e9c03156d4cb553c70023a","ssdeep":"6144:jm2a5bCA6mWgpc/wmFOfv04bRHnpgk3RmZCtGd8HYjwWF1fbEWAGdZniXX+GOwai:jFamlgK/wmF2v0S1p13AZFfjw41/tnnu","tlshash":"817423ae10af573915574c3a0a8d35ef14b5aa99ffaa4283ee336e45a42f02047317c7","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.853026Z","times_seen":615,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":141,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/DsLxGvOuSNq6bPjaxaiK1U2mpy1seJPA9Idguc3D.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:32.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/DsLxGvOuSNq6bPjaxaiK1U2mpy1seJPA9Idguc3D.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:32 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 23 Oct 2025 08:57:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68f9ee02-3ab27\"\r\nexpires: Thu, 26 Mar 2026 17:03:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QTmhHft28dOIkMP4R5g1Xt%2F%2BOaTPiOGo6siBZWcyKZj47%2Ft3HuslKczDD6jiyBQ4PhDMFph0tvZqyjbW%2BmF9HzadflNnnHW%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308971dacac3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":240423,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"c4e200cc9a5c40eba49110c0920871c0","sha1":"71a29d410ecb2a1a945180d0a9c2dbc8979fcc0b","sha256":"14d4c46c74c945fbd1d6aac7c94257930ea455286d8cf1bf371f9839b5f0d713","sha512":"21809e454ab2cf06aae0b48e134ef34411510472666e3e7ebaf39b63d7fc7518ea0fb8d40a9c6c08f0c1c05e4ff2cd6afe28dbafd64f572db365e7a0dc36e3e4","ssdeep":"6144:Whlp7Euu/lRVSMvgMl+t/HCVQbCVy7JiYYRUS8ZakP0:opo/lKMvxlMce3YRUSc0","tlshash":"7c3423f46a2107d071125e852e39788b13a563dc8ff9e418b5174ff8ad4ba703afd660","first_seen":"2026-02-18T02:57:42.471833Z","last_seen":"2026-02-24T17:04:04.022877Z","times_seen":2,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":131,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/assets/img/app.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/assets/img/app.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62d647f2-4cd3\"\r\nexpires: Thu, 26 Mar 2026 17:03:30 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d8w3rFaM00QLgX1teZ7QR3riJFEug%2Ftj%2FZZ4imze%2F6xiRrnefg2%2Bcn%2FEaB64eIDO7T67Zy8OjZ9pfVmwLo6M%2FQc16sglHxuH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3089640b68c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19667,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 89, 8-bit/color RGBA, non-interlaced","md5":"941ffb2f3fad44788db23bf44d5957a7","sha1":"8209c9a82b3f6bc57f014c0ca52f636bf6a6c587","sha256":"fceed4855ec5bb16dcbfca29fc915c4c0dd8504b135ed9b0ee5f3f87d0515cc7","sha512":"2fa8234c95323c0a05494c7fd15177313cda2ea1c78a090b2378fb50a9582d14d8fb628446c1cc68823e5668bf82365785c87c94dc31eaac5b0822c8eae79756","ssdeep":"384:/JnO/VS4ZdzWJfgOdO7keoT+SlYIEsFbjKN1kIXyrBCqWF6AWXOWAyJFai:/JE9WJIOg7keoKdpsFbjEnF65Zzai","tlshash":"3d92d0ba74039f88ad0eeb1cb8da1119937357f48cb57604d8884a368ad63b742c8cd3","first_seen":"2023-05-04T19:59:00Z","last_seen":"2026-04-05T00:00:22.289446Z","times_seen":806,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/EF9g1my5HQIF8tGgEjNGW1vxR8JajuhSvZ1C0uBn.jpg","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/EF9g1my5HQIF8tGgEjNGW1vxR8JajuhSvZ1C0uBn.jpg HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 22:28:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fe07a-41a\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jO1sGRRMxqvrkeCxsKl1rxFSAtQnZTtXsDu5Nbv7Ym7jyxMMpwV%2B4rRyJQWT4Y2KptY7j1wUa1WL8oVY9Kq715O0Q%2B6%2BwFOh\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896b2835c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1050,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"d879d525121e7198c5c5f0b2be71c2ce","sha1":"da70f1ae56fc1834c0e16ae7dc5b9d93f18f0891","sha256":"8bdf46de0b2685634bb04ae842a892b9bcec19d9438c2b7e381b8e7b23cc2a61","sha512":"634910325de608b980d19ca3011ad0be78c329e61d0eee21a8ec6ab3e08ed3a769f67e4f9fae3664090f20175a0f74c9295fae6be72c3946ea006060facee278","ssdeep":"","tlshash":"8711a57f174313c0fc3b88f756912d65c2e8654638d003062be152d0c920ecdc4c890c","first_seen":"2023-05-04T05:57:31Z","last_seen":"2026-04-01T20:46:11.796185Z","times_seen":1306,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/N3vnccAj2nO1mipj3ErFMaf4Lt87CMOlJ5kyIVyi.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/N3vnccAj2nO1mipj3ErFMaf4Lt87CMOlJ5kyIVyi.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:50:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd7c2-616a\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zKNilfjeZMSf9TZ3R1iF3S92FNme3tkdbnbZrsYRaNvgLj2W9558Ca9HFox40wN1a4SmV24mebEdBl6%2F%2FbKHnrnGI8whBImx\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896cbc72c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24938,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"0ed838de0ab686e11756a9e577ca63b5","sha1":"a533921cf201275e0fb4e357235f43609d031101","sha256":"7576ab29dd4b98bae9df379d9529cacfc3741d0812f61e70ffa170ff4afea80c","sha512":"ce418371ad232dfa6ea3b3088b00033466be36677f21384c45327b9b9736fb413e99bc50d5f6b9332a39342d26067bf03357b19168befed7982d3f75109c9f15","ssdeep":"384:azgRCXev6L14ZVu2bFi5bSEH2tyFFfx0QXZ+fSI+siN0tqU18IpJJTLNjRCp8+Od:ZCl1GVzi5+ad50Qp+asAtUaaJ5NjR1X","tlshash":"8db2d04da3f4fe1993181e02a0bbdcf1625682368327db693d765c54b7982ca18736ce","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.687378Z","times_seen":1093,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/G4kHuPnMRYKNyfF7aBuirqvbbxYk5hSCDGhJ0IsL.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/G4kHuPnMRYKNyfF7aBuirqvbbxYk5hSCDGhJ0IsL.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:16:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcfb6-79369\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C5zVblNb%2BwAeVnprjr3bsvKVNhUHKXzeAhKmoHsvZq9CYOYmfz%2B0BuOJbBCl47WDJ61eCLsySNV3u9vGSjenNpJ%2ByMaqJfKL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896e488ac3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":496489,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 886 x 328, 8-bit/color RGBA, non-interlaced","md5":"c581a2a09ef0fd64cddd1d8af0083b96","sha1":"983ea3145ab8d895a4c916c4be21a53fc97f75e8","sha256":"aa3bb42b10ec9d2f9ff7f84d86233141f1bf022da304d2d7e54dda319d8a761c","sha512":"d5373aa3311112d1bc9c412b9d58b0cdcc8e99c07a635446adcdb6115c3c7b53d05f366ff932696f52e50d7da52df3fa56145d2d0571dfa92f4858a05fa25db4","ssdeep":"12288:5l489eHeQVSo8KlSXJQUES1y/dP+Jimk1fNZ4OQer0Tqn4t9B:396pH8KlSXJvESI/5k+fjjQy0Tq4t3","tlshash":"07b423a0d730a9c6d93b72d4127038dcf59a392df65eaa62023761e88dc0d9ec0d7f61","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.70835Z","times_seen":671,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":168,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/xjmjKIo32nm4WUsDbDgpyEOyJtDNXSCqZvrclGPL.jpg","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/xjmjKIo32nm4WUsDbDgpyEOyJtDNXSCqZvrclGPL.jpg HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:53:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd850-5bf\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yEJj5yvvmmkbIaI4nQQMn6XPzzeqLgiSc1bpy6d6GJUfJKlr3Gm1EBMaSIlvdb5bu6vW5Bma%2Bgc0gWPRzTp4rv5NJYnF6p1v\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896b181dc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1471,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"a0ecb7e59a02eb0764387f21be234f63","sha1":"2d0b24fcb1e75b6cb96264e6b8d42354b8cf6062","sha256":"df4fc66c8dfddb9c87a6ea42549ef7b88359ae9115c2e33483b2767c1e307ec1","sha512":"fcf46878c232d155f68833bce2141cf744e4fa76af5c0d655b983fe9cf76d0a1e924ea74508c7b393065212c7220f6f74ed9d70c09d41ee473c8bb46df1acac2","ssdeep":"","tlshash":"b731965d1b9f13d0fd7781f3641d9c66e3ee9e8354802a056bf4a2a0c872fc8580ca1e","first_seen":"2023-05-04T05:57:31Z","last_seen":"2026-04-01T20:46:11.754323Z","times_seen":973,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/862BrsDoXMV9CHChEFiD9YrvpZ8iekbeVuFh1IBz.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/862BrsDoXMV9CHChEFiD9YrvpZ8iekbeVuFh1IBz.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 23 Oct 2025 09:15:45 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68f9f241-f73fa\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M23RMTIiXaXKKNFX%2F2QNGo%2Bxsy5vbAHg8RATtWya0FthIjEw3uoLWvHiXL7PWrK4r0F0i%2BYqQGaQS90EITrunYHQhbF8zqHt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896e58a9c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1012730,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 960 x 960, 8-bit/color RGBA, non-interlaced","md5":"7d8d5a6b10e8b3f9825f93fb9df096c1","sha1":"678dec009855efcfa00155466f090b99064bb5ae","sha256":"8a8d048ad3d9d6c118354063e1fdee021955af2129a1fc1b8b2b14eb33a610ce","sha512":"4873526d5ca119c0cf5226345acc1243f750fa5c59bd38d1fcc4b63e5a39eb268a02b4b13c90d951065ccd62f77a03229885c3006914233e414d0a2e6446381b","ssdeep":"24576:mLxhApEKaAy3Dok9JTzaNaAPwUAQ2TYWX+A4JXscpvg++3:MqgA0D39JTyAQ2TYWX+A4JXY++3","tlshash":"07252316d2a7aef72bcbe4b1dda215d639b950fba8555387068087cde53f4c30281e28","first_seen":"2026-02-18T02:57:42.470964Z","last_seen":"2026-02-24T17:04:04.027704Z","times_seen":2,"resource_available":false,"data":null}},"time_used":413,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":219,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/9QKNpflrKy9mAOPaHMiMQlUFJqI6eUmT9RgVZpYw.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:33.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/9QKNpflrKy9mAOPaHMiMQlUFJqI6eUmT9RgVZpYw.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:33 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 02 Nov 2025 03:16:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906cd28-24b54\"\r\nexpires: Thu, 26 Mar 2026 17:03:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Nbo6FGFhvtA%2FwS5TuePWkG5iQ96QobtESDhpQaf4irOeXW68Y%2Bo13GMEPeK%2Bzbca2xtFrTRo1UW90z70Ia7kHpytR3bWLuh4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308977cbf9c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":150356,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced","md5":"ff1c1c694dff7b8ec740a614ddc48d4f","sha1":"206a72a558390a839fcefbe5457c1454cf5c6382","sha256":"9f63ab71fdf838d63aa78b9c80ee09867862f3392b6ca4f265d718da8e9cd0bd","sha512":"46848f43f76ea3c6c23ab601e023060324fa1d4662edb4ac182ad1e678115bd93a19f961cf06b8dbbf0213ba202439ef69ad1a74804b78c5b60ec040b54576f0","ssdeep":"3072:pUJuyYujEfhsWxnfY2HhqOTT+jzocgFnIjjwLUTpRNqrs:yJulujEfhbxhqO/+XPgFIwwTlus","tlshash":"cae3125af3f440bf54a7966cde5107124b3068c104edbba85288ff9b0e147bf02a6a99","first_seen":"2026-02-18T02:57:42.434742Z","last_seen":"2026-02-24T17:04:04.029227Z","times_seen":2,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/iJl1XiTXV6IG79gHvebKcU7p3ryEhv5e4TBVEd9k.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:33.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/iJl1XiTXV6IG79gHvebKcU7p3ryEhv5e4TBVEd9k.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:33 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 02 Nov 2025 03:03:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906ca0a-13cb5\"\r\nexpires: Thu, 26 Mar 2026 17:03:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bXaZsgkmRsuQ1B9ahOLj4RC2frd6s1z26UN485LPpedNKXnuNGVFl2hwTG8Eh0x%2Bz97myVwZCsVuSVTnGJA3wI1YS7m5S2xa\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308977cc08c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":81077,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced","md5":"4f25139e82ea9299febb1509906408ea","sha1":"bb5d86a612f08ef639aa5374d51d3ed516a5d11f","sha256":"19b9fc04ab4e5b12638653b6c02fa7da70c1d4e104f811e05f35c31dbff672c9","sha512":"e2acc47dc150f25237184e2190ba2d1e524aa5dba55cc25541452e16bffaac1ed3258cd552dc8fc01cea81d2ddb7670114750045bec22f721f3dad5b9aa9bb6d","ssdeep":"1536:FzoyjnfmBZdHE+2O6w7Yx/qJ/bmZeeSAWg3h/t4kwRyAX:xoy0RBMMqv1BxCyAX","tlshash":"c283f1b69f80c86a20e79909054332747fa6f3545a3431cc7687fef36a284f81696fa5","first_seen":"2026-02-18T02:57:42.467935Z","last_seen":"2026-02-24T17:04:04.031195Z","times_seen":2,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/assets/img/avatar-place.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/assets/img/avatar-place.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62d647f2-891\"\r\nexpires: Thu, 26 Mar 2026 17:03:30 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zXuhjyFZniLTerZahx2mLz2POdFFZ3n7JMcJQrXq1AW74S7pQRLMxfuqQG4aIuyyHUXMBitf22qjeit8ihHVBk4XCNCQB27e\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3089640b6fc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2193,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit colormap, non-interlaced","md5":"ef7330479dbe02e220ad6dee9998df64","sha1":"c433e1915c00ba4693a76958b9f1cc45df4a0bbe","sha256":"54efe0671051e55fa2622b0bdfdf959389a82840f6a42c06acf99b7f8eb97da8","sha512":"65af67af6f5bea168f6e26162fc439adbfd4a3972759db3f21c426249150acb4a648f920fafbf4ecda9f36a6f8b2628ff1edb81218b9dfeef437741127609cba","ssdeep":"","tlshash":"d24107cf65193f4dd1e5163aa0acea3176c0c01a42fb56040c8868e92c73e54ee39fbb","first_seen":"2023-05-04T05:57:30Z","last_seen":"2026-04-01T20:46:11.61251Z","times_seen":1889,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/FwZlWQdDtdap6FDGukabtPR9nGISL2SINWeDUlLV.jpg","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/FwZlWQdDtdap6FDGukabtPR9nGISL2SINWeDUlLV.jpg HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:50:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd7c2-57f\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=92j1gET2o9WCwSZOdxkc5DqCCaba0OjceRoA1EE6rLHCjwfTOeqUggwn%2BsqKBQ2XNAdqqA9nS7HxU4B9VNY1jSxaYn2HEQx6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896b1815c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1407,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"5b29995f74195e646abe742f826a586b","sha1":"52b226843eb0050eece321b5b84fc06e3d7f407a","sha256":"b01d56794c1ee32c4ab6b186a8758edf129ba93be2b73117c523726cba08f1f7","sha512":"aeb93900addfc47a7439ea5b67a51b090f830b65dd70636ffc130b094614235f3f1c414c3bf38bbec3dddcf3f459a666b77cbfac857a1d69e39dde88da95e1b5","ssdeep":"","tlshash":"0c21b67a374207f4f51a83b78c111ca9c2ef6291368116e736ed8652c1726c0dcaca99","first_seen":"2023-04-18T11:40:39Z","last_seen":"2026-04-01T20:46:11.773172Z","times_seen":1375,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/8xVHBPsspUb0Kue8JNBWLleqZE4VGBUR1PVBIEqQ.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:32.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/8xVHBPsspUb0Kue8JNBWLleqZE4VGBUR1PVBIEqQ.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:32 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 23 Oct 2025 09:23:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68f9f42a-23b7a\"\r\nexpires: Thu, 26 Mar 2026 17:03:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J5L838WLAQ48y06wyURa8tioDqX8kBqtVRIhwnuSeHPQjGvEnEUtCTjqEWuk9DVmEPL57i4Y4dy%2Bf50H2cTW0Cna7XUYDpUF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308971cabac3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146298,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"c3739ef7fec920cd88c874c44cad4f7a","sha1":"501e2bed27ee5c248716aacd148b8dae8b3881b2","sha256":"6cae3ec30047fae41c71167b736d145b28a37c8ace248662ea2b204454f5cab0","sha512":"3c47d760a2a073349e90f601a63284ae2aa9bd222723cceae004faa6894595ad3ed9dd23082b50abf80665753e10306824e2bb3d87d8d04fa4faff58f7e5eae4","ssdeep":"3072:TBxaTFwMfzH2tluNDpcWcrfARpywQQV/6ALLgNhku7IPHQ:T+BwMfK7WcWcWpzBROhpIPw","tlshash":"2be312d404490c82d7d61bd0a347c36bb6b0ab9806ff735316f0a5e5105ae7890dabaf","first_seen":"2026-02-18T02:57:42.468822Z","last_seen":"2026-02-24T17:04:04.033927Z","times_seen":2,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":84,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/uYNLvMXQB4mmYdzBTmDepkASoqjDAlIBDTFrtWHr.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:32.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/uYNLvMXQB4mmYdzBTmDepkASoqjDAlIBDTFrtWHr.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:32 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:17:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcfea-43f7a\"\r\nexpires: Thu, 26 Mar 2026 17:03:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FK5qL7dZ8R1TgMKtvMZkUaus9aNGm%2FvUuUloDbpVYPtk8e3e82Tsn%2FXKN31Gzad8fgOm0eg%2FN5ouEuqTc6zDn2bVNu8AW8gx\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308971dad7c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":278394,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 886 x 332, 8-bit/color RGBA, non-interlaced","md5":"7fa2d7c7240b499117bb62f0ad132b48","sha1":"eb5d3427d3f17f002486e247721ff76edfb7fc7b","sha256":"717cc037544f053ddd9593a29e852a575e4dbee0b3eba66dcedc2365187585dd","sha512":"c214103eb2733738a266f1212be4e7cbb6200a7ff9aba89753a28c5db38badc5f2f03d2b60a4b65dcd49a4a67bee8059e99ed3de1abf9377591d7d2ec813423c","ssdeep":"6144:fcF6hmoU+tiaeJVGDzmiQ4yj6/POjxeiTqLMC6Zq0kvmVAuafbq7FP4oP:kFdnUiabzmB63OteiWLNFhmq2","tlshash":"2a4423b886d818d6bb53b7f23519a3fdc6026dbc1cb35b8f425754b8a213182ae5d3c4","first_seen":"2023-05-16T15:44:22Z","last_seen":"2026-03-09T20:35:31.813657Z","times_seen":325,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":131,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"09:4B:1C:B6:64:C5:97:5E:E3:CF:D9:FF:1A:01:C4:D8:D7:10:82:7A","sha256":"2F:A7:09:04:89:72:33:DE:1D:F8:A7:A6:EC:9F:0C:74:15:D5:B0:87:85:BE:25:63:1A:0E:73:0C:72:E3:CD:C8"}}},"request":{"raw":"GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 24 Feb 2026 17:03:29 GMT\r\ndate: Tue, 24 Feb 2026 17:03:29 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":60285,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"5e5b4b2e4d78154ea73b0609805cc2d5","sha1":"ceeed0d32187afdc105bd721bfbd69673a1d371e","sha256":"831b4f88e3e23e5cee5dae66d5ad1b348bd4a5dd9ecfa1d88c40938751b6f909","sha512":"a8c2cfd51edb65116da470fe1a8486154f8f9f1e09d42886633d3a92b24d4d815bb1f6111aaebc174d46dc63aca916ac8b3726925cdeb1398166d90fbfc1fc41","ssdeep":"384:+oOcL9tMTv9qY49OnL6dOhqqt5Iv0qY49HnQdXO/UQtXWvyqY49tnyTUOYnht4v2:wdBIM84eKcZd4oIp+6hFzFCuVh","tlshash":"d043fb9104171440aa435dd233de7e34ee0fa6616044c0baabfd9bdbeecad6963b435c","first_seen":"2025-09-17T04:42:01.875528Z","last_seen":"2026-04-05T09:46:07.240833Z","times_seen":11340,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":58,"dns":1,"connect":8,"send":0,"wait":20,"receive":0,"ssl":63},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/assets/js/aiz-core.js","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/assets/js/aiz-core.js HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 11 Nov 2023 10:33:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"654f586c-140ea\"\r\nexpires: Wed, 25 Feb 2026 05:03:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=viTuZ52Bx86bm%2B89OMokzvEPGCzOJZ1RfXVLVZK2iMnAIoiRBDYEcQmQoYFA1POwW2eeLBEozVTVyUme%2BkXNxQ6gNE1TpQoi\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3089640b79c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":82154,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"9a6e566915417c2103df2e69dcc44f2a","sha1":"10f7a3de4d164a6205b89c6007d0187ea38f3a3a","sha256":"11fc9c2834fabf211d1c723b438855375d502611712f618c9b0207e91e0f6c9a","sha512":"986cb542b068eeb28314d99c1a8ee413856673797a69280676cd328f6ceeafe4170a4ef1a939d56694e06bf985328dc25f44581747e61530d42be71a440270b6","ssdeep":"768:RX02O2suuKE0ypBCLCnKPFnVJ97Qntfv/2yyE:RXI0engE","tlshash":"2a833e09b0e76425647b71fe8fafb5403561d02b850adc103e8d53c89f9ac3da1b7ae9","first_seen":"2024-01-15T04:46:17Z","last_seen":"2026-03-24T03:59:26.512995Z","times_seen":49,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/assets/img/flags/en.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/assets/img/flags/en.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/png\r\ncontent-length: 609\r\nserver: cloudflare\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\netag: \"62d647f2-261\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eWpTIE%2FSOEwNadSl3%2Fl39ZriEPLI1HbNmU2cST8yqG4ir21cuhIvgGIgBxVY77Y2cAf6nyUR6ZfxoUnV%2F6lG8tquoOaX2Hp%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896affcdc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":609,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced","md5":"968591e0050981be9fa94bd2597afb48","sha1":"dd9e149e2b5ad59dd8b4b262f5fdeb5cc10ecf43","sha256":"36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585","sha512":"ba8e09654cff264d428b1b3cf6df764699c6a754f2db329643881fb75cc8647a9c2777f05bb8c0d81b9d648d345796ffdb14fd231e2bb1caf71530098d12f219","ssdeep":"","tlshash":"9cf002c1fb856ae9e16a52610d7a16701c07c3a4217640a46c26ded41929f0dc2d8221","first_seen":"2023-04-07T17:29:43Z","last_seen":"2026-04-05T07:00:37.485666Z","times_seen":6431,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/cJxfU7v3KPBN2FqzyJdhheajgkZvv8yJBiqxmUE4.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:32.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/cJxfU7v3KPBN2FqzyJdhheajgkZvv8yJBiqxmUE4.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:32 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:17:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcfe8-22ae5\"\r\nexpires: Thu, 26 Mar 2026 17:03:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z1wfQiac%2FH9O0mkbfFcS%2BymkvwbQ00wKGLmWAXWIfEVGnLFjBlXzq1o85eaFuYiN355HRNNaRla9%2Bm7Gt55TxKKmYzLIuVfx\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308971dad6c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":142053,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 886 x 326, 8-bit/color RGBA, non-interlaced","md5":"685055a86010edd61edccdf8145597a0","sha1":"e518030e76f7ebe3e8cfae58b9594d6eea33df99","sha256":"209aec9626d02c4f6b9a2364ea509c7d6d495ba066147ca7910fb291207fa747","sha512":"f7e79b925567d0e2de2e8e7ca111a64dd4695f0c8be7d828722e8a26392b839b9ffbaa3cb0cbb701d29aa0bf32448a99b30daa4405c8c6b6d360829e7c1c46b9","ssdeep":"3072:ERev3MSU0OS2j+aMrjmBgpn73uRdTh21+WQIBxT1Uro53EVYq:EReETc2dM3ygp7I21nT1go53EVYq","tlshash":"a2d3127ed2888c87cca8ce11b5b15f983f9c65794d61bc4a8bbf256b1b584834e21d0b","first_seen":"2023-05-16T15:44:22Z","last_seen":"2026-03-05T06:39:05.572884Z","times_seen":335,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/YocWwPF4fUUGLleFmcYVLWE0Olhs1Lanpit8k4Cl.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:32.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/YocWwPF4fUUGLleFmcYVLWE0Olhs1Lanpit8k4Cl.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:32 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:18:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd020-706fb\"\r\nexpires: Thu, 26 Mar 2026 17:03:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bahtVBi9Z0ABiPH1mLcNZJeGHHm7oABUpOy1%2F7GR992K03omMucL%2Be1LHNyoDHuIu6KhwUYIIU%2FKC5lqFAydH%2FQJMHjRkZQF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3089750c41c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":460539,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 886 x 442, 8-bit/color RGBA, non-interlaced","md5":"c2a3794c8279bc2d4f4c296ddec7b67d","sha1":"0673701f35d48dad6df6f0d3a18fef673f1fa42d","sha256":"712472c5b1465e7696a86bea7a826e571f7a9b8381273868bcbbaab6b521a86a","sha512":"4495c8adc5697095f10739e32882e99fb526e05b7a37aea03e4afe4b5781cdfe247ef8e5068cadf567c17bf7459de8a72accc3fafe4aaca6e860c0bb61f83a35","ssdeep":"6144:LaTtiQ9M00fsFHsbi6IQ/1HnI/VEdnF/qvBorar8+NVrXy7js99xkdjN4tcV3B:IM00fsNDwI/VEz/+cS8QyK7NOB","tlshash":"77a4236056dd697fd88e62d43ab30ee08aff2d9122dfbf22613d0095bc2c1785814a7d","first_seen":"2023-05-16T15:44:22Z","last_seen":"2026-02-24T17:04:04.038479Z","times_seen":170,"resource_available":false,"data":null}},"time_used":369,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":195,"receive":174,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/IDrlIUQlZoeM7KXJlJ8NfQzOCTrnU7q0WlwPBvub.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/IDrlIUQlZoeM7KXJlJ8NfQzOCTrnU7q0WlwPBvub.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:15:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcf78-f1fec\"\r\nexpires: Thu, 26 Mar 2026 17:03:30 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8cKchmOFrAdGes4L6HjKpsTi%2B109uOBI4LLjAZm8kz7ED0HZWeqKm%2BtpvnLAY8%2Bi%2FOo9tT8jCU9Ka2mnh3QsEKPTpE8LmBJy\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308963fb4dc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":991212,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1500 x 598, 8-bit/color RGBA, non-interlaced","md5":"b14b014ded752325cd7815b992260bb8","sha1":"7ca0ae9e304914bbe0490df4ff4814b975ab684a","sha256":"276940c221371907ae03157ca90dd04033beb71d6defa0de3792aeee976a3b92","sha512":"adcf40171e541cb506a6bee648f9d49cf0667f584b11644c40b54ba7962e6d7a96c21df91891bbaaffd78eed0e8605f93c4199dda8599d4ba1436e40c4a86e72","ssdeep":"24576:NzYrtv9QFy+/ldXTNaypK8jxYxC+nOp1vtCWh:mGR7XMyOTOpNtXh","tlshash":"f125337e369e30ffb916c226df8a5d669facf697171f1a23493186eec040c549b02b40","first_seen":"2023-05-05T03:08:07Z","last_seen":"2026-04-01T20:46:11.676015Z","times_seen":219,"resource_available":false,"data":null}},"time_used":422,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":195,"receive":227,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/DgkmdoOnXoABkLpCYiQ0uMqiCEBWsLV0gDMhfKu3.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/DgkmdoOnXoABkLpCYiQ0uMqiCEBWsLV0gDMhfKu3.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:15:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcf5c-149f27\"\r\nexpires: Thu, 26 Mar 2026 17:03:30 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1d7udryqKYLyJvQMcPddySz%2Fe8fpafBVxD8YBf9c7c1jVFRl7C%2F8aLqaUbbJL%2FQR%2FG02%2BnbYfwUTlz1XlA8ZCkAwaGF3U0QZ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3089640b61c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1351463,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1500 x 598, 8-bit/color RGBA, non-interlaced","md5":"f19daec54b5468d4bc01288dbd2eadc7","sha1":"256da978cfb636c4fb07439d9e9a9521d6b87cc6","sha256":"4968b981e47aaef45f11df59acda32fdbd19b78d86418bd3b26a3cb635503731","sha512":"1a8766731e8f6057ac090b1d0019e4ec5830a87fd89821fe9f18147017c5e8bc790d9db13a28fef81fc941815157903dc4679e87bf34c63c4bdbf5cf76390d2c","ssdeep":"24576:wucXsUbdeiN4nIee30BecOC2yM/kHO/qF:MXsUN4ICecblHOSF","tlshash":"a2253331fede6d6867735e55b72b2c2369ea85d2c930715c0081a0e9605fac82cf9fb1","first_seen":"2024-01-15T04:46:18Z","last_seen":"2026-04-01T20:46:11.610126Z","times_seen":54,"resource_available":false,"data":null}},"time_used":457,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":247,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/assets/fonts/la-solid-900.woff2","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:30.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/assets/fonts/la-solid-900.woff2 HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/public/assets/css/vendors.css\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 96752\r\nserver: cloudflare\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\netag: \"62d647f2-179f0\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YrKub95TsfmjZDHr2lCQpkucL71Mvemm3%2B9DHdP9EVdX%2BWae6i2uzhM7l0fZ%2BBBsHlFsiVG%2B%2BfM2LGizZFbSEWJJ4xdfFNVL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3089666b04c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96752,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 96752, version 1.0","md5":"36fc297902c9a2e857858baa6ac25f2c","sha1":"89d9531c0c70a8751dff83c1917baab1f16a2071","sha256":"10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb","sha512":"c5711d5027762fbc8d352dfdf64094958348b873671c891e8c5cf701a569c3bad672a380db7fad76692bf79dc9235b37f76b6f42f73698c9f85d2c7a23aa62fd","ssdeep":"1536:H8wZeXMjWqtJeAAHBX6ANib7HTYJv+Nr1ScHQjn6t/k5LBNCMAG35y:H8hXMjWeeVHtA7evKr1Xwelk51N4Gw","tlshash":"1f930257f0921be097c688990e189035cd39fd71397fe9f4e603ae4cc361927e52a4b6","first_seen":"2023-04-05T18:32:05Z","last_seen":"2026-04-05T09:19:49.136421Z","times_seen":10920,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":10,"dns":0,"connect":0,"send":0,"wait":158,"receive":132,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/sC6ULeGDfqVbu1b3LcqrTOL5pm4UGQedv0kbHDIv.jpg","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/sC6ULeGDfqVbu1b3LcqrTOL5pm4UGQedv0kbHDIv.jpg HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:42:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd5c4-4d5\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K3X%2BHUQ3KkBOw1Ty%2Fud8bDiADs0l2LY1lICW71kMhflDnuDpAmLnvXrnY9xYykNkF3osCAK7yzultTeO%2BmlJFJUCnBB51Way\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896b1809c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1237,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"96298d43684ffd02a2a79da4b3fe249f","sha1":"2e79300fc21bcf3999a341bd76cac97f114b4382","sha256":"bcae7635b12fb44a84dce7e6bed9be6a709ceba04fee1385094506de6be5eb4f","sha512":"b039c7cf285ad4d1cb3e5bd760a8a2eced17497fc4db53d22e279d8f650e0c35be7f7ce8f78ddbebaa4d1fc425c93a197ae3e3c25625c21809c54edf96d0de37","ssdeep":"","tlshash":"9a21b72e32d207d0ba3784b3103a5ca2a2d87d82b0a413862ee85231c412dcb8508a1c","first_seen":"2023-05-04T05:57:31Z","last_seen":"2026-04-01T20:46:11.639332Z","times_seen":1348,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/daVWMYg729HjSPlKmknmYwhj2r9PNUSZdRxdwTSo.jpg","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/daVWMYg729HjSPlKmknmYwhj2r9PNUSZdRxdwTSo.jpg HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 22:35:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fe234-4f1\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OzTl2WIeZzThLxIMW9IMgYkpuRiZisx6EdHLQFZte%2Brw1A%2Fms49fHqPwTHuMyjdmQPMNO%2FQp4yZW1TWbqZ1kUOZ5vIeF3xB1\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896cbc57c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1265,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"2ee9653ca564329d4ab6771a802741e4","sha1":"f39633c5e4b51e23a3085b29f9482e21a5c204d7","sha256":"a197c7c913627e639aaf3a4ab155eaa119f846e1fd810cdd8e0e9aa58c5be14c","sha512":"aca893b869cffb0411803ec543105858b6e597a4aeb911fe062273fe97f45f0f56abaf9618c32905b5e3fc947a406b4627769847b4440a92c31e1c16aade4a73","ssdeep":"","tlshash":"1f21843b57520bd0793588b644057fd1e6ccdd45b1d0566a2fd4daa18961f81c08c90d","first_seen":"2023-05-04T05:57:31Z","last_seen":"2026-04-01T20:46:11.629118Z","times_seen":942,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/Eau6tRifw5HfyJkWnYGmHUCyqfrXO20BCGY7j0QG.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:33.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/Eau6tRifw5HfyJkWnYGmHUCyqfrXO20BCGY7j0QG.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:33 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sun, 02 Nov 2025 03:15:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906cce7-36c0c\"\r\nexpires: Thu, 26 Mar 2026 17:03:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VjUY5qT621yLIFnpgymvyvh%2BjnfQCMo7XkdcX6PcQHe0QYj2k24A3BTAKZPRT7Sw5l62ziFLPtrdgh2m4OZ3fzwbntBZ0BPq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308977cc28c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":224268,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced","md5":"5d6315d2663b24d9883602b2b39d6ab6","sha1":"b0c9996ea579eb8061003a80a185505eb5ccd8fb","sha256":"bd07b93572da94d02d348e1cc8f1abcf9240bc4342d753261e26bc5b2cf2700b","sha512":"a03fb845c8db4990e1c12ec04a488b4f889628be9bb7d5962803cee18a0551046b24ea1bc3d9f7bb3062b6c4f9f79d95f6abbcc18d73bef99345525bd967c00c","ssdeep":"3072:Os+z+loD5do+TLJBVL8BtpA+OZ/Uc4m3rOhzjk+fEmkNhNrxq1LEQIZPnA+:OnXrf+/pA+eUcHItfEmurxq1LEQW4+","tlshash":"8824122b7a8205890aa8ec5eeb651f3903a5925046710fbb64b8fc2237d4e54011afff","first_seen":"2026-01-21T13:10:54.503705Z","last_seen":"2026-02-24T17:04:04.04317Z","times_seen":3,"resource_available":false,"data":null}},"time_used":339,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":137,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/home/section/best_selling","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"POST /home/section/best_selling HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 47\r\nOrigin: https://mg596.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":47,"data":"_token=nNea4jwqn38Cz5Mb6MQw0oTbKq2676BBgQrHnnvC"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:33 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\nset-cookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK; expires=Tue, 24-Feb-2026 19:03:33 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4qbNoogSKUAfFBK9Z2wMARdkBZI9vG6RCZE%2BnlrxkVoXzyE0Xa0sRDvEfpq8Laxhvj%2BY0%2BAoTOOccc%2F7FMUL3gQMLrtSyate\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d30896c9c08c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":52231,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (372), with CRLF line terminators","md5":"f67ca67c67dc3c277ff23b4656fade25","sha1":"7179d19921d7946ac29d1b63b03b81fb841083a8","sha256":"7276cdf6834069fcb0d0b8d94585dcc3f4eaa6b619c2564f923bb6da4c0df4f3","sha512":"71cd689f5cef9e588278d57537c8c00fd3e3e88b7ce5ea77c10890776826c3d300fb0661f53f521da52cbf7b07e1406194cd979272d60051f84dbf535971fe12","ssdeep":"384:bxT4EMNbgeeuah/CEo1aDhgV05V7ZJtfSAvlfidO:bmEMNbgeeuah/CEo1ij/btfSmlKdO","tlshash":"7333eb5538e011a705b3c6d2c6309fadf981a207d7578849f6ec17eb6ff3ca2990361a","first_seen":"2026-02-24T17:04:04.043851Z","last_seen":"2026-02-24T17:04:04.043851Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/lFVNQ7RXF6s7h12doUlnV2rOZmNi43Zx762LGZAY.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/lFVNQ7RXF6s7h12doUlnV2rOZmNi43Zx762LGZAY.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Thu, 23 Oct 2025 09:17:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68f9f2a2-341ee\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BVUTbfGQ2HuLofBOQ2GkewP0bbZS7jWEwPizWhsXeNz47BuXrn8nIKdAnVoZ0h4TgUW9QHLN14jFnKRqTO9S9v5Q2%2FmDc0UA\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896e58bac3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":213486,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 393 x 400, 8-bit/color RGBA, non-interlaced","md5":"75ebd4c5bdae742ffd909df59b9e0e97","sha1":"20d174192890319b52ba0fdd03dd16a61f1cb938","sha256":"c3f282fa104d440288033fa3d395dc80bf4eebbf2b676ebd6a54de0068e63e13","sha512":"5e155b60d7535edc479192050b96792d4b2d63120cb70f0ec65550634a48cb6e4f480ba575bc7b3a152eee7b5412e4dc45428a75b3735cbc90226bf3625e54f7","ssdeep":"6144:jZGV/n7/jVDCp3soMXrL7y8YrZoVqxozZ6GH7:gV/DBDCpEBYrKqOQS7","tlshash":"b12423116d7b4bd8c5a50a88e038bcf45151b8c6f42e8cb6c6c6312797191fdab22b6f","first_seen":"2026-02-18T02:57:42.425566Z","last_seen":"2026-02-24T17:04:04.045208Z","times_seen":2,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/4jQOAwYDppta27E3rfI1Zhzq1iSgrygw4WYZbo6c.png","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:32.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/4jQOAwYDppta27E3rfI1Zhzq1iSgrygw4WYZbo6c.png HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:32 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:18:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd022-8e649\"\r\nexpires: Thu, 26 Mar 2026 17:03:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aFjno6B2xomIQrhyWCD5KwH9Ed2GKVO7myEmNPtZaF9US94OR4gG5bc%2Frr6YVH02mgElleU2FSIgkPmlOzKB9xN2GDA%2Bfc0Z\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3089750c4bc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":583241,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 886 x 442, 8-bit/color RGBA, non-interlaced","md5":"0e52f19176f1b9df4b5ef82b381922a4","sha1":"3630eb6889047501970a0ebeda1708663385d06b","sha256":"b714ee2c6a0fd39e04071206625346e0072b5f6faa92d645bb2e63581a860cba","sha512":"6f6635a1e0e4f759d495e7aadde1ca338205881b51df2f7d1211191aaab30efca9a777bd2c8319daeea9560ae31b5b69fb38b90ed0f73b1d8251e15dad46aaa5","ssdeep":"12288:M0i5BbCntisxB50ST4uQNKFLALgvmXPYovonAHOSCHemxvAygMHGhVlAO:4hCntZiyF80qYLnMABxoyrH4lAO","tlshash":"1fc423029bacad15c092be45f13e914a43e7ed5a9b338304f558fae130858879ed87e7","first_seen":"2023-07-18T00:54:50Z","last_seen":"2026-02-24T17:04:04.04667Z","times_seen":153,"resource_available":false,"data":null}},"time_used":404,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":192,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/assets/css/aiz-core.css","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/assets/css/aiz-core.css HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Mon, 29 Sep 2025 20:52:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68daf180-2adb7\"\r\nexpires: Wed, 25 Feb 2026 05:03:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AFovD9NkZOYb72AVGLktZ4PzL7e3GC3eMUdGpHRBGUrgN4%2Btz4c5RI%2FOWHxOFGRstsjM3vyItpZa0m87vgUvRxB5VrLzl1Qr\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d308963fb3bc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":175543,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text","md5":"999571119be46afc3f69483aa70f3819","sha1":"25f127895a6956e9531655089f92e1843ed872c9","sha256":"9a42c11214326b77399d9cf4125f59947ab906e874e41f3791dbdba9552d555f","sha512":"511adf9294d9c1e39e4c96e2ac72fe0360cb246ae3c99254151472acb05f2182fec4ce6de996cb39eff516215c8858675524d887f5aaf840598cc85d40ce103d","ssdeep":"3072:0O2aWV8UUxD1p7szMux/uCfQXsY+lLcQR+/s8YBbtVTsfcHFnNDsNv4lUujmSE8a:0O2aWV8UUxD1p7szMux/uCfQXsY+lLLI","tlshash":"98049493957315483c67936ca7ed2568233d6007fe06dcb87bcc260acf885e4dda3a99","first_seen":"2023-04-05T18:32:05Z","last_seen":"2026-02-24T17:04:04.047311Z","times_seen":60,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/assets/img/placeholder-rect.jpg","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:29.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/assets/img/placeholder-rect.jpg HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:30 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62d647f2-19bf\"\r\nexpires: Thu, 26 Mar 2026 17:03:30 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wdzIxWcG6UVX%2Bc%2FowzOwWdAVF8YsN8yPCV%2BJiWek0sbO8FBxdIijkGFrYYqnqgfx1GtG7Zrqx834BUnCPL5XMSOdg7RrwJib\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3089640b64c3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6591,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x600, components 3","md5":"76891b0b93848682626db79b8d421b8d","sha1":"f5532d4d9fd281b513922ea75639feb284f24d63","sha256":"6ce595f5fd220331717134f243812e695141ce3c9925bd4135dae9291228e8a8","sha512":"54243374803de7823215d2390bfb0eddcb2b76be8733162b4b061f402026bcc5425d3225be33ef3811cc908606aeb68743bd8872d6c866ba4720c40acb7a6bda","ssdeep":"48:UyYVDhW133C49Qg1zoI8VLexKFKF1DIAp/3j9y/951SgeK:U5kdC49QgGIjY4lxMbogT","tlshash":"92d1b8b6c60cb150faf64cf4c52242416a2006973f75116b8b89f4bed8727c5ac22ec1","first_seen":"2023-05-04T05:57:30Z","last_seen":"2026-04-05T00:00:22.409812Z","times_seen":2324,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg596.ru/public/uploads/all/nAxAZ0YpF6MNwsWm9NBZxRYC7bAeP5V1PbuzYvFa.jpg","fqdn":"mg596.ru","domain":"mg596.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg596.ru/","date":"2026-02-24T17:03:31.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg596.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Feb 2026 10:49:43 GMT","end":"Tue, 05 May 2026 11:48:09 GMT"},"fingerprint":{"sha1":"86:B9:B2:BD:BE:8F:53:C1:B2:E1:E9:CB:AC:25:10:37:23:B6:7D:05","sha256":"A8:C9:FF:57:F4:82:58:7B:5D:15:66:98:05:16:5D:3B:23:42:D0:77:40:6D:2A:C9:9D:20:77:5C:5F:70:5B:92"}}},"request":{"raw":"GET /public/uploads/all/nAxAZ0YpF6MNwsWm9NBZxRYC7bAeP5V1PbuzYvFa.jpg HTTP/1.1\r\nHost: mg596.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg596.ru/\r\nCookie: snowball_space_session=jNTTb9ddpGIkoC8Z00YMkNhrU9Vl101v7sCuX6oK\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 17:03:31 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Wed, 31 Aug 2022 21:30:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd2ec-4f7\"\r\nexpires: Thu, 26 Mar 2026 17:03:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dHpQoyQNxV57tzk3ip7%2Fx8BrEIZKu4yJNr8y8Dc8XN4dHWnBZBoIeYSzUaZGTLM3vVKC4SRSqggYTRoDxW6hnXq3J1Plp5zW\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30896b0fefc3b8-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1271,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"2eb641f296d43ede2b5774ce3eec836e","sha1":"d14987fcf0a711420b361deb9b2121e01e5694ed","sha256":"d8f9f359c90c02cd15010237f765240d967782ab0b8ffbe1dddca8bd1335be8d","sha512":"1481ea8d56f83f6cb9285fb74e90065e42c5d792590ad61cf8ab124d3a4cc452eaf316f5a8b21bd63f4acc04f62a90d800ecb5f1b3c8f6a2834b7b6a34f31bd1","ssdeep":"","tlshash":"1021e76ea36323c1fc3b47f6ec146c42e2de8ac23d511a053ff10991d961ec8a408658","first_seen":"2023-05-04T09:04:14Z","last_seen":"2026-04-01T20:46:11.834798Z","times_seen":1017,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"mg596.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}