{"report_id":"9532b2e5-6d59-43bf-9eb5-3bbf8f2659b3","version":6,"status":"done","tags":[],"date":"2026-01-21T13:10:46Z","url":{"schema":"http","addr":"mg598.ru/","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"mg598.ru/","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"title":"Snowball Space | Snowball Space","dom":{"size":602799,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1753)","md5":"41095c821334e0e21aa20786cefc2396","sha1":"baf338ea0c929ceb08b227b072684a66bf95099f","sha256":"23bcb1a8a45ce6918bcbcd8cbd1d87221f9601448461f2ce6e90eea2ebbfc54c","sha512":"a8ebc77cbf02dd22e7f4262db11574357659fc0cae053517240e5364da12e2bf7e2423bee70248ee291b6cf0447b2ae33c843dbac810e2a1bac1a9dcd8f2ee9a","ssdeep":"1536:SrZjzKHviW3FXwJWNymXCitF1IU+bplxF9BAwDAwSofBYIqLNiFZNSGg+0wPCrTb:Srdr79ZD6ubSyBCwsnP4ObgHl2RA8YL+","tlshash":"ced4306168f001b700a3d9c182709f5ffad2a617db274940b7ec47e5afd7ca6990722e","dom_hash":"domhasha2a476362b90dfc883da32fe6d7955aa","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"mg598.ru/","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-25T13:10:46Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"mg598.ru","ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-13","domain_rank":0,"first_seen":"2026-01-21T13:10:49.436662Z","last_seen":"2026-01-21T13:10:49.436662Z","alert_count":134,"request_count":67,"received_data":10254212,"sent_data":36686,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-01-18T22:14:28.232245Z","alert_count":0,"request_count":4,"received_data":174892,"sent_data":2198,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-18T22:17:29.309663Z","alert_count":0,"request_count":1,"received_data":60971,"sent_data":494,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"mg598.ru/public/assets/js/aiz-core.js","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9a6e566915417c2103df2e69dcc44f2a","sha1":"10f7a3de4d164a6205b89c6007d0187ea38f3a3a","sha256":"11fc9c2834fabf211d1c723b438855375d502611712f618c9b0207e91e0f6c9a","sha512":"986cb542b068eeb28314d99c1a8ee413856673797a69280676cd328f6ceeafe4170a4ef1a939d56694e06bf985328dc25f44581747e61530d42be71a440270b6","ssdeep":"768:RX02O2suuKE0ypBCLCnKPFnVJ97Qntfv/2yyE:RXI0engE","tlshash":"2a833e09b0e76425647b71fe8fafb5403561d02b850adc103e8d53c89f9ac3da1b7ae9","size":82154,"data":"","first_seen":"2024-01-15T04:46:17Z","last_seen":"2026-03-24T03:59:26.512995Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6f56ea82c07879723696220f4bd392fa","sha1":"2eaf1e783bd0431b67bd0481bbbd0c124d36ed30","sha256":"0be779755c5a031a677eb3fc27ee6c2a2635f75a1a0f779b6a59b5c4a77e1cca","sha512":"58c6acf6ae3c98f417cc689fdec80adbb88394b38f09ce1ec1da8eb56879401b322ff00dbc8fe065569ff382432d0cdce6e16ad0b40b823d8facb1e35d25982a","ssdeep":"","tlshash":"1011dffd2e69949b9688b0c96f2c04d66910110b0e0272e3785ed2e4af4ce0ca4ff4e6","size":911,"data":"","first_seen":"2023-03-07T12:23:24Z","last_seen":"2026-04-05T00:00:22.521541Z","times_seen":980,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9671544997e2d02258dd4b11ac2d0ef8","sha1":"a77530b52675c3479d36244cf3ac8f29f2fc67c3","sha256":"2ff8b3986ee6e3c7e6b2279d01f7e65f797259f89578d88b1e42f2c282db7079","sha512":"b7135d2abc3ee18f830479c936d019e18ece0300ffa868c832e2df7418b99f4d021d818b215df0e1f502b96ad5eb9a5324723de9c234f6b2414605b8e7b9d825","ssdeep":"","tlshash":"5631bf1493b9b668c3c530edba57cd69013a0c19b6e5e7cc990bdc40aa44436f625aeb","size":1729,"data":"","first_seen":"2026-01-21T13:10:54.551353Z","last_seen":"2026-02-24T17:04:04.049962Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5966646a9c4f85aaae9fc3af30252771","sha1":"9758c9c9e5cff00863b8539541a1bf75672e2aaf","sha256":"45c7d025e38021b998df8092f67747fe6e5d68a394009da8b77e1832fb875382","sha512":"4ce1d662d8239cce3081fac46532de4d47d6b640b2e59d4196867f5d4ae5c802d878a0c2d45572250855ed1bf593692280b9374e770f135f2c413086cb41f844","ssdeep":"","tlshash":"23d02227269e14a70abb2c3bd2ba6ba57c8e809300000d34352df4d04f044161d2528d","size":205,"data":"","first_seen":"2023-03-07T12:23:24Z","last_seen":"2026-04-01T20:46:11.865355Z","times_seen":2425,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/assets/js/vendors.js","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e27dc1f526b607533c07a534e074551","sha1":"58740698f7e1c5e135e08e13c4cd185931f202c2","sha256":"c83923dc19565e9c97d7e8e20106f0c6effd60549cefeef3b1bfcb7d56518d6b","sha512":"6d38e9a9ca74eccefbf4aa955c9ccc741e3a418b95bc5f8232d9eaa91b3c72f82013d0410a5437575d5f9a8df95305dc08d81ecf0fdc0c96afc73bf71a0c081d","ssdeep":"24576:+B36a1J+BSzGYJJ/zUVTnV94u2hNtT5KzExOX:+B36aiBSzGYJJ/zUVTnV94u2xT5KzExe","tlshash":"4d555c89b281713247e760b5502f110bb23b6929a44e806cf679c8d57dbcd4da27bf7c","size":1343368,"data":"","first_seen":"2023-03-29T22:29:38Z","last_seen":"2026-04-01T20:46:11.862516Z","times_seen":1003,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1892a845aa81b9ddb8b6ef6920d742bb","sha1":"0075569a5a4198b9812be41eab8956188aa19e55","sha256":"6ba6c11bd8700086c8f00d11c7e22487a9c13a211f57e0cf06bb9e365fa87704","sha512":"475d9132eb4852a71e0ce58250abf7fc9470fb67a2cf8784e8d4bed9f84fd2049a2a36cf0c983b2570593f44c6255a98cfd6ac0276bde072328d7c287847e545","ssdeep":"","tlshash":"906000000000000000000000000000000000000300000000300c000003000000000000","size":13,"data":"","first_seen":"2023-03-07T01:06:23Z","last_seen":"2026-04-05T00:00:22.523833Z","times_seen":3986,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"602e2a29442b4487adef1b4a4fb8b2a2","sha1":"f6843e14348662c6519e5e9e4a216627b8469529","sha256":"5149ea0c373c5ee032f599973625683b5f2901025be57a2a50d35297f2e5360d","sha512":"35a10efba2a2be0b83c240613be4810127e95da41a98f47563147b806b2e03252da2719273098ace32733798565115739ed9f82c43116beef6de9620ab17c4c8","ssdeep":"192:scmgw7IFHE8eCFcyTNoO9PG1uoa7O1/zvTE9O1c:stCFXTa1u8c","tlshash":"e612fdaef0b3516444b73c7e4aff68443b6b221b954acc00bd9e58c40f9a558f463b1e","size":9606,"data":"","first_seen":"2026-01-21T13:10:54.553631Z","last_seen":"2026-01-21T13:10:54.553631Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e2d72da10c2d8752806eea8117405ef8","sha1":"92b7906d515e8c3c89ec8804a891a2e5f0e57674","sha256":"77daf29c4e79a6030b3e12aa36c043c2ce1f90aa7d8c96dde940e5856d42cdd5","sha512":"c7376ba24863c5e128c278a582a8964f7981c5a8f64a6a46d8400e9e40eb0aef88fa9ed20848e41e7109767ac66a2a11845244ba2aa4b8afbae897bee44d5d54","ssdeep":"","tlshash":"df21f61ef9a5b5459a733caea6f3b88c79bb25479060c40439ff5cc00f6c16a1013b5b","size":1303,"data":"","first_seen":"2026-01-21T13:10:54.554581Z","last_seen":"2026-01-21T13:10:54.554581Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"f7fef8930207b23ec9c04386f9a02c76","sha1":"146273d1c716700bb25aaa15e8595624b611ffdf","sha256":"74867c5a2cf408b090752d3cb8767bb46fdb4a0529bc959d96f51aeb2607d7e3","sha512":"e76bc0261fb13841f3fd1b6095c1193ec306312c03f189965ea8fa91818cbd3044963711d7308a29a5aa58accb87e5c8fc087ccec122cab25cf669624ce2f905","ssdeep":"","tlshash":"117000002e88c008b080388e08802eaf22aa82082080e2288008002202e00c0aa00838","size":24,"data":"","first_seen":"2023-03-07T01:02:10Z","last_seen":"2026-04-05T08:11:06.793646Z","times_seen":7332,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"mg598.ru/home/section/best_selling","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"POST /home/section/best_selling HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 47\r\nOrigin: https://mg598.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":47,"data":"_token=l85S7oBaciB9oRs1ycUxHU8mizMIFgZQY46fdF6k"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Wed, 21 Jan 2026 13:10:27 GMT\r\nset-cookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy; expires=Wed, 21-Jan-2026 15:10:27 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TKTmfZ%2F1LBqmgYN2OYRxJi16B2oTeLwTFF0hqyWRbLftDGpwr7lIKmx2M1A5%2B9mLJ8TqbTbQxlLNYlk6IRo2cFdcbkjSWz7P\"}]}\r\ncf-ray: 9c170d396f5223eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52241,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (372), with CRLF line terminators","md5":"5cc64c805840868cc6fcbc93ea485b1f","sha1":"9f85d3e90b65ff3f6461aee4a9076406977252e8","sha256":"519c4d6f4ce71f186e0e908fc959251a497deeac1618cb60c03d9115ef09a892","sha512":"56ff48a447d56be3ee6a28ffa9cc41b9d5beb16338f6cd5a5eeca60d750146f418511864e609dc7e4ce978026f9106d17481c743854c93defdeabae86642c02a","ssdeep":"384:b7l4yiFM8DY+kOV8rV74Bv5X3eII1aWDhHqns6y:b2yiFM8DY+khN4BBX3eII1aSHU6","tlshash":"ca33fb6538e011b705b3c6d286309fadf991a207d7178849f6ec13e76ff3ca6990361a","first_seen":"2026-01-21T13:10:54.497898Z","last_seen":"2026-01-21T13:10:54.497898Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1854,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1854,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/n3HgCaj2U1rbs12p3TVUKNbCVD3Jo4r4hYOcEzH2.jpg","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/n3HgCaj2U1rbs12p3TVUKNbCVD3Jo4r4hYOcEzH2.jpg HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 31 Aug 2022 22:31:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fe158-5b8\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ODies77kA4IXHBK3bEujC2N3sQDy%2F1Dl6dQoHaZm2CbOenkItAT3466xIB%2FEc2T9nnZC%2FI%2FeChVLzE0grPuI24Si4M5n%2F1ia\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3a5f7b23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1464,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"04439ebf1e9b150965aed277b9b532b5","sha1":"67a22cd08f57f95e0873503ff65b4e8ad01a5be2","sha256":"a067809d0b0cc0d4938f0f7680dbc5a6860f681916314df474cf77fde063aa37","sha512":"cfdedc4a6408ebe76133f64328d45cd6773252c731d671a52e30a18d21ce49f8f1db527e19808bdfbebe786f3c2a2c952dcc6376e1292e86680c933a44316d19","ssdeep":"","tlshash":"4d31766f970306c17d13ace6c6341e66d7ec9a41bd52270529e197f2ca315dc445ce1d","first_seen":"2023-04-18T11:40:39Z","last_seen":"2026-04-01T20:46:11.577238Z","times_seen":1061,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/jzCntCVBfilapmbDt6amYKiHanonm7NvMFgLNTl3.jpg","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/jzCntCVBfilapmbDt6amYKiHanonm7NvMFgLNTl3.jpg HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 31 Aug 2022 21:42:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd5c4-1f21\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PHWh5IRtw%2FlgcHu%2F9lMGim4YV3WBhe5EMgl344PPStOW8gMgr55KisG1t65Rnjca83aWub8Hrqj4UW9NenAyRx0CXiFz1KSt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3a7f8123eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7969,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 200x200, components 3","md5":"101f5b7b4838b9073f648ad1d98ec34e","sha1":"219ed72d8d0ad367447675f6b5aaf1da223f35d0","sha256":"0c9c58232b043981531c2ef5528a066bdabe029ff328ba98e32310ba9209d963","sha512":"575f646fb25e0a201528d97ea7260ac9ce5299f18bdf9d29bac09c0ef4e8b2170fa137a2e8cad75a0dcd7298c53c2618bb27fba1364147604ab8749d1802aa1c","ssdeep":"192:mm1/9oNvUZxbZsW3tyJ/KfVdd/LmG9zvZV:mWjiW32CfV59zr","tlshash":"d6f18e5f4c5157d2b81ac7f9fd050ce9bfc957e9a78a26ee25c20bc85e299060cd431c","first_seen":"2023-05-05T11:35:43Z","last_seen":"2026-04-01T20:46:11.761089Z","times_seen":1126,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-21T13:10:21.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 21 Jan 2026 13:10:23 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\nset-cookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy; expires=Wed, 21-Jan-2026 15:10:23 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yk7mXoEFk2fLw1wXFXooY8GyPU1n42a6J1RgnyISxJG7LD4LzYVh1WealdJaJRTfu1WORj%2BSmvEfZkNuNBviC2jFWPYLSzlH\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9c170d215a375a0f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":154291,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1753), with CRLF, LF line terminators","md5":"99d4d93eb6aec5de10b9759bb1854eb7","sha1":"a8c1c19797e8fb87fea3d967631682fdc94ef361","sha256":"e9fdd18c56d22c1432dc259419d1f4be3cfe8798aed995a625f337f949739c9f","sha512":"4eeb320ccbe35d6074462a0830593c9913bac8735a56a42d157540004660f9f30a5ef7ae8dd76a55730a993180f3e450f9c09eac0790361a2eefd05db36f0d0e","ssdeep":"768:gqwZI1bKluiNnHsJdJHajr6ad3javuKauqFp1+S0BCBwuYLoCCFXTa1u88Q4lYa:TwZabKluQIdJHajrpd3javuKiYL4","tlshash":"1ce3433128f011e701b3d5d19ab1ae5efd939207d71b8504b2ed1bdaaf93c96cc1362a","first_seen":"2026-01-21T13:10:54.500248Z","last_seen":"2026-01-21T13:10:54.500248Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2548,"timings":{"blocked":103,"dns":80,"connect":1,"send":0,"wait":2340,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/assets/img/placeholder-rect.jpg","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/assets/img/placeholder-rect.jpg HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62d647f2-19bf\"\r\nexpires: Fri, 20 Feb 2026 13:10:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mHR3b2cYqURFBQzLp4Q%2FPvO34QdERlTaCOhNppLCuPqCxqlDYiQTyeVcg7uzQEyb6ndezLSTAPDWZpj5zOgor%2BylvfZ4G4xG\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d311de023eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6591,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x600, components 3","md5":"76891b0b93848682626db79b8d421b8d","sha1":"f5532d4d9fd281b513922ea75639feb284f24d63","sha256":"6ce595f5fd220331717134f243812e695141ce3c9925bd4135dae9291228e8a8","sha512":"54243374803de7823215d2390bfb0eddcb2b76be8733162b4b061f402026bcc5425d3225be33ef3811cc908606aeb68743bd8872d6c866ba4720c40acb7a6bda","ssdeep":"48:UyYVDhW133C49Qg1zoI8VLexKFKF1DIAp/3j9y/951SgeK:U5kdC49QgGIjY4lxMbogT","tlshash":"92d1b8b6c60cb150faf64cf4c52242416a2006973f75116b8b89f4bed8727c5ac22ec1","first_seen":"2023-05-04T05:57:30Z","last_seen":"2026-04-05T00:00:22.409812Z","times_seen":2324,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/home/section/auction_products","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"POST /home/section/auction_products HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 47\r\nOrigin: https://mg598.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":47,"data":"_token=l85S7oBaciB9oRs1ycUxHU8mizMIFgZQY46fdF6k"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\nset-cookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy; expires=Wed, 21-Jan-2026 15:10:25 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tq0a3eQA2OE3TsjfJgoUVWGQIFpMONezTJ7NswJkAnCvtRdj%2FEYopDgfDpzKXzGHGEi9BcljaBsGbYrzARCHmNMlblYCyygP\"}]}\r\ncf-ray: 9c170d396f5323eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T09:47:05.247441Z","times_seen":13369813,"resource_available":true,"data":null}},"time_used":326,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":326,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/P052DIfVaW5aIufaDbbjBvOgzucl1PJAevaLLlPr.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/P052DIfVaW5aIufaDbbjBvOgzucl1PJAevaLLlPr.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:56:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd922-4cbd\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a9s%2F93dz3mQSc%2FNvf48b%2F4IuRZbKmJmgDycaRHain4zeDYuTsb29oBqvgus3LvMUQSVHWIqOnk3P4QMkUNPNNXJ81F1dXok5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3a7f8523eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19645,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"56270ee06f7c789cf16ac8708aadfd35","sha1":"62b822707c1e480bb7f3419d5641e35fce58b1cc","sha256":"49305ae4f74552c89a04030a29dbc952f8aabc0be5bb1ab3397ee2ab235bb5af","sha512":"e71ce3856fc3921a1f627b8e6be96c84f18379824a4bb55bb9870f275aa43c935bf82df049e3b6a83b7c93ec8e0b3d4edda3ab420f3700a2032dda2b5bc1e852","ssdeep":"384:3jYPS1xVY8oKIGBnh0nnN1I5vI3JY1LTjTOdxb2qm/CoD/QZ:3jYcx7IGNynNqvIAud6TQZ","tlshash":"4f92d0f163826841fb9358a66d8585f788680ab4cbeffc99d55200f78dd3f0281a5b1f","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.763575Z","times_seen":1130,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/Eau6tRifw5HfyJkWnYGmHUCyqfrXO20BCGY7j0QG.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:27.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/Eau6tRifw5HfyJkWnYGmHUCyqfrXO20BCGY7j0QG.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:27 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 03:15:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906cce7-36c0c\"\r\nexpires: Fri, 20 Feb 2026 13:10:27 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4luc0NXfnsNThXcWQsDQDlPJ7O6GL6N1cUtcWTv50B%2B6epyFds2mpzid%2F34tme7CIHr09o9MZLoxZoL7v%2Fa5mazou2RM%2Fwaj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d43e8bd23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":224268,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced","md5":"5d6315d2663b24d9883602b2b39d6ab6","sha1":"b0c9996ea579eb8061003a80a185505eb5ccd8fb","sha256":"bd07b93572da94d02d348e1cc8f1abcf9240bc4342d753261e26bc5b2cf2700b","sha512":"a03fb845c8db4990e1c12ec04a488b4f889628be9bb7d5962803cee18a0551046b24ea1bc3d9f7bb3062b6c4f9f79d95f6abbcc18d73bef99345525bd967c00c","ssdeep":"3072:Os+z+loD5do+TLJBVL8BtpA+OZ/Uc4m3rOhzjk+fEmkNhNrxq1LEQIZPnA+:OnXrf+/pA+eUcHItfEmurxq1LEQW4+","tlshash":"8824122b7a8205890aa8ec5eeb651f3903a5925046710fbb64b8fc2237d4e54011afff","first_seen":"2026-01-21T13:10:54.503705Z","last_seen":"2026-02-24T17:04:04.04317Z","times_seen":3,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":199,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/ooxN1U38kYLE8RB89DhUjxBRYCeNJ4qPZoS3J8M4.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:28.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/ooxN1U38kYLE8RB89DhUjxBRYCeNJ4qPZoS3J8M4.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 03:14:27 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906cc93-4db0b\"\r\nexpires: Fri, 20 Feb 2026 13:10:28 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9UsxmPV%2FBYZyDG7zLvZdS8TrqVllkpxb83RwWgRb5Z8fizvvOQNMM%2FGbRGaBpZNkWp5D1h1wJe5TmrPXoMc3UkUZSXyKqN97\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d4a696a23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":318219,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced","md5":"f31927752d4c4050bebd81b0f4feec59","sha1":"6f89c79999dc9f2796eadc27c9f0214ace880c2e","sha256":"f42f7d2c5b9547612d7a08b77169444e420de4d3868e265c2797b0db40813d5b","sha512":"e99d78359097c851e5cef1b42bc690cd2803f9702a3f4fae863591daa4d0d547d0914b56c14f2a55a20588dae09525e6a05151b21ee2b4cced9947fe499cf57d","ssdeep":"6144:Ue4BumrCD9bHDy27gmn8XdCUzR9IU1ms7jXYIuaCPvRxlo3uSNvuKYDBw:IBumIDyCxgAUNaUEWLxIXRxlo3BNvuKR","tlshash":"ad6423eb516fee31b6232b52ec24ce02e0212d49b68235b21147d6cc495b6ec5ffdca1","first_seen":"2026-01-21T13:10:54.504544Z","last_seen":"2026-01-21T13:10:54.504544Z","times_seen":1,"resource_available":false,"data":null}},"time_used":430,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":250,"receive":180,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:33.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Dec 2025 17:10:12 GMT","end":"Tue, 03 Mar 2026 17:10:11 GMT"},"fingerprint":{"sha1":"FD:7E:C1:AD:46:F2:E8:6C:37:B0:63:FB:FC:4F:E1:A4:54:31:6F:25","sha256":"8F:8D:94:FF:49:11:2A:AC:98:A0:69:08:3E:D2:92:39:94:3A:45:A8:AD:44:E5:6F:7B:1E:27:32:E6:75:86:8D"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mg598.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 26596\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 21 Jan 2026 00:05:13 GMT\r\nexpires: Thu, 21 Jan 2027 00:05:13 GMT\r\ncache-control: public, max-age=31536000\r\nage: 47120\r\nlast-modified: Mon, 15 Sep 2025 16:30:32 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26596,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 26596, version 1.0","md5":"dae1850484b86d299c31bc08aaa563cf","sha1":"dca808d6d16965c40bfba4e4b3c8a819f843890d","sha256":"8f80f993e523f2e6c2d097552740fd26331658da23ffad31d26edcdd3aeec370","sha512":"69b34f2652aa731ad29fe49a8cea85ebe4ef402573a10048598667f94b7a7855e534121f22d7749b81762b3176f437de607745df82b71484c4ab7c9f8bfd40e9","ssdeep":"384:nYOl9Z/81DjYTaXQMfCMNASNEVM9mYQdpx1sLt/zEkNKxgmS8AXACAU:pJ8NY2XQk0omjdKvKxgCAXACAU","tlshash":"9ac2e13f487a2046c71227f8ee5fc9b571c360a35ab32345c26748650db0ea93f86776","first_seen":"2025-05-29T21:46:50.299968Z","last_seen":"2026-04-05T09:01:42.927163Z","times_seen":29409,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":16,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/xjmjKIo32nm4WUsDbDgpyEOyJtDNXSCqZvrclGPL.jpg","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/xjmjKIo32nm4WUsDbDgpyEOyJtDNXSCqZvrclGPL.jpg HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 31 Aug 2022 21:53:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd850-5bf\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2pkKUnVCBTeWbbEquFb128N9EMKjX4MvRNv5cy2df8ovsNREr1dNq6sgyNTYhKJo83nnI0j7OHiwmlpAI8wuAr2nNJJF7XIQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d38af2b23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1471,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"a0ecb7e59a02eb0764387f21be234f63","sha1":"2d0b24fcb1e75b6cb96264e6b8d42354b8cf6062","sha256":"df4fc66c8dfddb9c87a6ea42549ef7b88359ae9115c2e33483b2767c1e307ec1","sha512":"fcf46878c232d155f68833bce2141cf744e4fa76af5c0d655b983fe9cf76d0a1e924ea74508c7b393065212c7220f6f74ed9d70c09d41ee473c8bb46df1acac2","ssdeep":"","tlshash":"b731965d1b9f13d0fd7781f3641d9c66e3ee9e8354802a056bf4a2a0c872fc8580ca1e","first_seen":"2023-05-04T05:57:31Z","last_seen":"2026-04-01T20:46:11.754323Z","times_seen":973,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/home/section/home_categories","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"POST /home/section/home_categories HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 47\r\nOrigin: https://mg598.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":47,"data":"_token=l85S7oBaciB9oRs1ycUxHU8mizMIFgZQY46fdF6k"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Wed, 21 Jan 2026 13:10:33 GMT\r\nset-cookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy; expires=Wed, 21-Jan-2026 15:10:33 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LmI%2F8njl%2B%2FNufAX6u3eoOezwvO7Jc9g2YscZ%2FeuaGjBt5gVl7GjQHwJuxBFtMxqRkFT%2Fg2lZ65%2FvB4IaVKw6I2gv%2BkdSlGx1\"}]}\r\ncf-ray: 9c170d396f5723eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":260511,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (569), with CRLF, LF line terminators","md5":"22afc82fe3ef1a90a292868642f4df42","sha1":"48171e75e9f743c2f1b28b41bc5563cfe36c1e69","sha256":"156223756324eb40c3de4eee5183fdc3e2d9bd931007ce9579e1ac81d5c4b72d","sha512":"e3f30ea8876cbb356af6816ebf4518aa86e0befd9ea5df1f44f59102b5e9991b0e102917eb917c3476e6a8cad16432935620256aa0bafa58c90c2f6139b70fac","ssdeep":"1536:23FmfIX/dw16TBMEF7p2G6H8wLSIvSQSfp1JAmc9Rcc7O/OSkTEmQtrfZ4xmFzGE:s/q1b2KIaX/Q","tlshash":"bb44fd6538e011ab05b3c6d283309fadf9919203d7578844f6ec63e76ff7ca6990361a","first_seen":"2026-01-21T13:10:54.50651Z","last_seen":"2026-01-21T13:10:54.50651Z","times_seen":1,"resource_available":false,"data":null}},"time_used":8277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8276,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/home/section/best_sellers","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"POST /home/section/best_sellers HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 47\r\nOrigin: https://mg598.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":47,"data":"_token=l85S7oBaciB9oRs1ycUxHU8mizMIFgZQY46fdF6k"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\nset-cookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy; expires=Wed, 21-Jan-2026 15:10:25 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Mpx16Hlq%2B4CpX4faS0TVNsYb6yES21D1oFy8bU%2BYcUDv8dAaXZ6Nl3PHRMiOIJBcipvLeI1BFoa011Z7g%2FeH79jYCkXJUP6Z\"}]}\r\ncf-ray: 9c170d397f5b23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44301,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"4635df9bedb33876fcc1e37cc0f02e7b","sha1":"77cc338c6d7461f48f166699b266f616188a9920","sha256":"f9dd5edef6234ce208ad8e30295c6f49db0bb762274cb30df350441e795e4985","sha512":"34d134278d0eee7e124babc011de85c27417231d5d8a8d4ef9737aead9a0a79623e68275abd0453f0c99b3f0128d7b5ff0149eef7c2f45485b73729c7fc375c1","ssdeep":"768:R/JcoI1ztyI8Y+O+7YUFUkFLxiXs5YvBTpeE4nQbEC/:R/JcoI1ztZ8Y+O+7YUFUkFLxiXs5YvBl","tlshash":"2d135a3528f122af0597d581a6302f2efa929653d7274d05f6ed0ac6dfd3dda8c0360a","first_seen":"2026-01-21T13:10:54.507377Z","last_seen":"2026-01-21T13:10:54.507377Z","times_seen":1,"resource_available":false,"data":null}},"time_used":435,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":435,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/vDPa1CpLBw5k2VIfpZ85gEiKIINY1HF0nBJwlbrj.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:26.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/vDPa1CpLBw5k2VIfpZ85gEiKIINY1HF0nBJwlbrj.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 05:50:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906f10b-f0e1\"\r\nexpires: Fri, 20 Feb 2026 13:10:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IwJQc4SfIo%2BL3MZY%2FDVmk%2FZZ6tF22oY2HeXBZVi4CAn23UwxRqFuWG%2BcRgzrgW6cDCWsS%2BEsHntnXNDtTGW65WxoqKVbx%2B1R\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3f281723eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61665,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced","md5":"b6fa85b022f36ffed374845c2248525f","sha1":"08022380b68ef941eb5c7616984af0a59277aa67","sha256":"65cb09d26022bd5100b57b4c20f62d07a1ba4268addcb47e57ba0c2f98ea4391","sha512":"77fe769e70a493d4aba2e5140f1afd70c59085912a09d783277929713d2c5fe20db2938ab896cfe704e23148c82365e485fb89339d31459a82baf51610a0675b","ssdeep":"1536:cgcbxvpQQLx2EVCokBsrMP9Zk/Z1GPR4zGCswMxRU3Af:cgyvNk6rMP9iYRkGCLMfU3Af","tlshash":"0a5302c7963ae7c286b97c79e0650f1163268dd341cbd0d50b24eee6ac71bdad82f490","first_seen":"2026-01-21T13:10:54.508238Z","last_seen":"2026-01-21T13:10:54.508238Z","times_seen":1,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/uYNLvMXQB4mmYdzBTmDepkASoqjDAlIBDTFrtWHr.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:26.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/uYNLvMXQB4mmYdzBTmDepkASoqjDAlIBDTFrtWHr.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:17:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcfea-43f7a\"\r\nexpires: Fri, 20 Feb 2026 13:10:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WbJjQ82jVB2uGOP4RiKi28NzC%2Fs5EwQ3OKOuqN5dBeLkW4SS440BUHBPoGJ2khoROSgUH2lEkzMnYQmWqJOeLpWz4jHPeOih\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d40b86723eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":278394,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 886 x 332, 8-bit/color RGBA, non-interlaced","md5":"7fa2d7c7240b499117bb62f0ad132b48","sha1":"eb5d3427d3f17f002486e247721ff76edfb7fc7b","sha256":"717cc037544f053ddd9593a29e852a575e4dbee0b3eba66dcedc2365187585dd","sha512":"c214103eb2733738a266f1212be4e7cbb6200a7ff9aba89753a28c5db38badc5f2f03d2b60a4b65dcd49a4a67bee8059e99ed3de1abf9377591d7d2ec813423c","ssdeep":"6144:fcF6hmoU+tiaeJVGDzmiQ4yj6/POjxeiTqLMC6Zq0kvmVAuafbq7FP4oP:kFdnUiabzmB63OteiWLNFhmq2","tlshash":"2a4423b886d818d6bb53b7f23519a3fdc6026dbc1cb35b8f425754b8a213182ae5d3c4","first_seen":"2023-05-16T15:44:22Z","last_seen":"2026-03-09T20:35:31.813657Z","times_seen":325,"resource_available":false,"data":null}},"time_used":338,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":140,"receive":198,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/assets/img/play.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/assets/img/play.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62d647f2-34ff\"\r\nexpires: Fri, 20 Feb 2026 13:10:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SwtIQcdrqzp0BU8ondaXE38mP3atfm6xLi4MtWJdqXOKi4mZZ7f8sjCs9fylS2mhYQH34wFCaCTkjz8%2FPbjBPZ1%2F1vkgcEmB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d311de123eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13567,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 89, 8-bit/color RGBA, non-interlaced","md5":"e481cce2de3cecf9161636e7b2fe89e8","sha1":"a891dbde1af19164f4eac33da6bcaac6089e7273","sha256":"4634366a44153659e28ff1815d7d7637593149807bc642bbb0834cdbe9d3834c","sha512":"0b1f563179f594c2579383de8d59f8957705cee6b67cf9f1515ee402a2afe6731312ff64fa6e884451f81de41f23649086ad063d4acb5515ce3f5cc099a61d18","ssdeep":"384:aJnzA80UIc3XE1LRKAmMdx8cw1C6bkbgEUUedTZwTy:aJTPI0XE1LRffd0CS7vky","tlshash":"3c52a0d5e6749f2434c933093c7899fda537179043c0a5cdfc99c11b0da86f287b899a","first_seen":"2023-05-04T19:59:00Z","last_seen":"2026-04-05T00:00:22.380378Z","times_seen":814,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/333.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/333.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 17 Nov 2025 09:31:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"691aeb80-d2d2\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HqxKSQbpk8OcGtY9HE6ojzBjJxZuX7I1EHzGyPXMaqlOzWpBVNgBOKBgIJgR%2BDhplovLFf2DsEbMi2dgltyNHb0DM72hShT7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d37df0a23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":53970,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1303, components 3","md5":"325e946af71e99637cb7feaa4a6325df","sha1":"396ef2fb1a7a6443e00670ad2307014198582e1b","sha256":"b744e12cf860b41c8849e7d5594df2a55937076b927cc07c39059951f825f5de","sha512":"67d9b2ee6ade9efcbdaaac99b6d1b6ca17e3dc5ccd5d6987c4c94ff2fc2751af789dc7c00479a5257cbebe93e27e44599c2af4ef44bf6ce1b7e6ce6df9acd4ae","ssdeep":"1536:geYSwAdrvkCODXHsJyQXnydI2FeLYs7lVGs:8AdbkB7MJheaYs7zP","tlshash":"2a33f105f3760bb7f81bc674298d0b08fb26ea61f8db9b6d852f4502d0307a35d6c56a","first_seen":"2026-01-21T13:10:54.510518Z","last_seen":"2026-02-24T17:04:04.012108Z","times_seen":3,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":266,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/AmrpWEDDbar3ylIjWdVvyIxHrAhcYfq9EGGY9tjh.jpg","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/AmrpWEDDbar3ylIjWdVvyIxHrAhcYfq9EGGY9tjh.jpg HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 31 Aug 2022 21:56:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd922-552\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CHIBaf9AmTsbO4qiI4rx7319mEtUNQrzv0tFTZtbDQKiFZyB%2FXQn7PHGhiDhToMprrsvcRxN%2B8yaSdq%2Bp1uKle1QHOsAJkSb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d38af2c23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1362,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"43d7cf53fa96deb31c0827f0b04bee49","sha1":"0b635faa3172ccdbe047ebf9b7b92627c82b667f","sha256":"a6d142db9cab39711d9b043d66a83334cfb56a859d9132b0c7ff71a378a8b392","sha512":"3bbb880835d2ae57b6d2ff4310942710e2397129a42703984b4cffdd0bb2a5b0041dc71cd03a7c5e2b09c4b50e9c19883111eb623305723a598ded515ddfb68f","ssdeep":"","tlshash":"a321fb16bb0747e0f92642f60d443d80f3ee1b42b4e066072bf451f182536e44064d9d","first_seen":"2023-04-18T11:40:39Z","last_seen":"2026-04-01T20:46:11.693075Z","times_seen":1328,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/home/section/featured","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"POST /home/section/featured HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 47\r\nOrigin: https://mg598.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":47,"data":"_token=l85S7oBaciB9oRs1ycUxHU8mizMIFgZQY46fdF6k"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\nset-cookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy; expires=Wed, 21-Jan-2026 15:10:26 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W81RJVF6tcY3HOuSlzvP8iJNHfHMYRINcfnDD0myqqbnisy%2BT7jvLsLqp7GJvFJblIq%2FxXXdthjxo0gtPNl0f6DlAFq7jCfY\"}]}\r\ncf-ray: 9c170d395f4e23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30014,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"52258845558459d020ddfc6ba26479d9","sha1":"febdd801c40d34774c0f9f97b56783ddca97b782","sha256":"177d8cc38afb97cf818de3edc08e4b901f6c84aa4eb6af3b0ebcecab0c907d6b","sha512":"a3c516e06c84e445d7dd40bd6de6cd96bee8dbe543e0b291ffb80f8fdb8dbc32187f39a12edb21f92570bd6794017a0ba97b6b3abc6a9397d4d4f27c7e464fc5","ssdeep":"192:IVEMWh5OQkShSG16Qh4vtBdnGuhJOTYGh637rho1SIhnGvk+hK7HHjhM5gChSOBm:u13GQvTO8WDGI7OlBaX","tlshash":"37d2ec5138e011a705b3cad2c6319badf991a207d7178844f6ec23eb6ff7ca6990351a","first_seen":"2026-01-21T13:10:54.512285Z","last_seen":"2026-01-21T13:10:54.512285Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1250,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/Mdqpntq74vXUac1DOSZC0chtS4jmw0BbEpSvdImp.jpg","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/Mdqpntq74vXUac1DOSZC0chtS4jmw0BbEpSvdImp.jpg HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 31 Aug 2022 22:28:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fe078-1530\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F69MT1L1oVQdLiNW5ZVBDsvP6Eeg7GX219%2Fhz0sUjHLe1BisAfuZdsEEAGb0zR9oVI5Zmrq3nCnvvDrLUAONcTqnJF%2FKt1rL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3a8f8623eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5424,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 200x200, components 3","md5":"f5ee88fd5386827f8c3c45607df29bc6","sha1":"d0af0907d3fea172f7832319c322310037b0016e","sha256":"273bb02c1b5a3cfbfa242bcf02a393f94202b52d1c43ec9c9d329ba42b0ddbf9","sha512":"f0d8c38e6a324eeae844b19ff868eb1d161d8e85e96a0dac252ef0fb99948121dd9dac7f8477b4544cd5b9999e05b121c2688871a40d044e106228bbd12b6ba9","ssdeep":"96:mEoekke3dtp3ah5Iv4B26PPK7hBCmV5RNKiZErOsLD6TodH9QNq7:mVkYU+v4tchBCU5tZECYGToh96q7","tlshash":"e4b13957de91ead3b823d3bebe5a6e7563ed6d1410c037e316e00d92b325a809e17188","first_seen":"2023-05-04T09:04:14Z","last_seen":"2026-04-01T20:46:11.596863Z","times_seen":1071,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":200,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/assets/css/vendors.css","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/assets/css/vendors.css HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62d647f2-6d5a5\"\r\nexpires: Thu, 22 Jan 2026 01:10:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MNmPTKL1XkDEy33E7Q%2FaHLPm7sBOiI2%2FWx3BfJ0oweK0X2VA3gnnz%2Bt7c78OHZt7VSgVHL0hCR%2BZYZpSzIwf%2Bpow2Ic0bXah\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d310dd823eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":447909,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65251), with CRLF line terminators","md5":"02118fd99729f7f7f943923a4888eec2","sha1":"65795a8c4d93890045ba52ffc1c173bfd136a1db","sha256":"80788cb10255b2093da150862c8566b3b29f51f3f7c9fc6e357c8ad71cee3282","sha512":"954b57c87f030fd6cba472edcd23bfb685d9058f1393b7766da4ee261f2b6e95d3cfacf3ca910c41e4fbdf683b00abeb047d0e9feedc2edab81c31cf71460694","ssdeep":"12288:ykX1upEL+Dhh1CRchzUablNcvtKZywQ1OAPkWDL32ye5trKem0OT2:ym1upEL+Dhh1CRchzUableAZywQ1OAPA","tlshash":"619497bbe15420d8b327c516b7c07bbd151ae116e5220ee9f2472a1d8bc27c712e6f1e","first_seen":"2023-04-08T13:40:53Z","last_seen":"2026-04-01T20:46:11.668251Z","times_seen":1138,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":285,"receive":69,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/8aEaMIXQQlL9bwvyGVo0LincSFPsvExAQHZHI0po.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/8aEaMIXQQlL9bwvyGVo0LincSFPsvExAQHZHI0po.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:15:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcf58-9cee8\"\r\nexpires: Fri, 20 Feb 2026 13:10:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8uI68JC5tly8GCjBJZ%2BQFS0mGZt47Jl8dpDNlG8suAhYwzX6NEjqU3nuVwVypL29mCUYxLOA82zAs1ehKOSjAVzJfE%2FfP9Nk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d310ddf23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":642792,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1500 x 598, 8-bit/color RGBA, non-interlaced","md5":"ebd316d81ee129358fa0547173b56c53","sha1":"14ad464f4fcbcf0dbff32eefb23d24ee2071353c","sha256":"c05b012716dc17453326e9052015b1a6e3642c60f72a7ec1dafb52c80001c012","sha512":"17b1b969b790f214c0c3d7ca6f8dd441a4814fff66168bc2b0c934cc40b99d088912f7b9b313ce4f6a82c7caff2b4b3b57de5786a35e20cfc8d556d054ca9728","ssdeep":"12288:IEYsfTm6u8jjnpNqx0UrD+qJ0KTqe+ilIsrnsSR8eM2L0I51sJ:f9u8jzDO0UrD0KTqXd4sSR8L2T5w","tlshash":"7fd423d3c1df14a6fedf8988f952652a6340c8d9d3892c523bab84d274990f54628fec","first_seen":"2023-05-05T03:08:07Z","last_seen":"2026-04-01T20:46:11.815806Z","times_seen":212,"resource_available":false,"data":null}},"time_used":450,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":221,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/assets/img/app.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/assets/img/app.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62d647f2-4cd3\"\r\nexpires: Fri, 20 Feb 2026 13:10:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m%2FaMFQHqxOkyKOIDM9Nx85ms5gCKX1q1ISIwk3CKq%2B13psj4t9znT13yom5%2BSLy%2FJrGMCHuRrPMi7HipuKUALtefHUL4wJwV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d311de323eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19667,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 89, 8-bit/color RGBA, non-interlaced","md5":"941ffb2f3fad44788db23bf44d5957a7","sha1":"8209c9a82b3f6bc57f014c0ca52f636bf6a6c587","sha256":"fceed4855ec5bb16dcbfca29fc915c4c0dd8504b135ed9b0ee5f3f87d0515cc7","sha512":"2fa8234c95323c0a05494c7fd15177313cda2ea1c78a090b2378fb50a9582d14d8fb628446c1cc68823e5668bf82365785c87c94dc31eaac5b0822c8eae79756","ssdeep":"384:/JnO/VS4ZdzWJfgOdO7keoT+SlYIEsFbjKN1kIXyrBCqWF6AWXOWAyJFai:/JE9WJIOg7keoKdpsFbjEnF65Zzai","tlshash":"3d92d0ba74039f88ad0eeb1cb8da1119937357f48cb57604d8884a368ad63b742c8cd3","first_seen":"2023-05-04T19:59:00Z","last_seen":"2026-04-05T00:00:22.289446Z","times_seen":806,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/nAxAZ0YpF6MNwsWm9NBZxRYC7bAeP5V1PbuzYvFa.jpg","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/nAxAZ0YpF6MNwsWm9NBZxRYC7bAeP5V1PbuzYvFa.jpg HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 31 Aug 2022 21:30:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd2ec-4f7\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R2%2FVilBsVBDNlnJdsTQgGzT2TtOiOXRrVzIDAgPh6dZvptIEUNynxBkrXFf1MEgzVcS7wHR%2BkgVNQofijECMxeCmlcYSyqNZ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d389f2623eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1271,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"2eb641f296d43ede2b5774ce3eec836e","sha1":"d14987fcf0a711420b361deb9b2121e01e5694ed","sha256":"d8f9f359c90c02cd15010237f765240d967782ab0b8ffbe1dddca8bd1335be8d","sha512":"1481ea8d56f83f6cb9285fb74e90065e42c5d792590ad61cf8ab124d3a4cc452eaf316f5a8b21bd63f4acc04f62a90d800ecb5f1b3c8f6a2834b7b6a34f31bd1","ssdeep":"","tlshash":"1021e76ea36323c1fc3b47f6ec146c42e2de8ac23d511a053ff10991d961ec8a408658","first_seen":"2023-05-04T09:04:14Z","last_seen":"2026-04-01T20:46:11.834798Z","times_seen":1017,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/EF9g1my5HQIF8tGgEjNGW1vxR8JajuhSvZ1C0uBn.jpg","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/EF9g1my5HQIF8tGgEjNGW1vxR8JajuhSvZ1C0uBn.jpg HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 31 Aug 2022 22:28:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fe07a-41a\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=prSGK%2BZ%2FADDc7PI2dTBSbviOI9lKIckYgh43IJTGCistj47vmZAqIJXX3gckgnzs6nHYFlEqUDYdPzjwes8NnYQRLavVYXBK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d38af2d23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1050,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"d879d525121e7198c5c5f0b2be71c2ce","sha1":"da70f1ae56fc1834c0e16ae7dc5b9d93f18f0891","sha256":"8bdf46de0b2685634bb04ae842a892b9bcec19d9438c2b7e381b8e7b23cc2a61","sha512":"634910325de608b980d19ca3011ad0be78c329e61d0eee21a8ec6ab3e08ed3a769f67e4f9fae3664090f20175a0f74c9295fae6be72c3946ea006060facee278","ssdeep":"","tlshash":"8711a57f174313c0fc3b88f756912d65c2e8654638d003062be152d0c920ecdc4c890c","first_seen":"2023-05-04T05:57:31Z","last_seen":"2026-04-01T20:46:11.796185Z","times_seen":1306,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/G4kHuPnMRYKNyfF7aBuirqvbbxYk5hSCDGhJ0IsL.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/G4kHuPnMRYKNyfF7aBuirqvbbxYk5hSCDGhJ0IsL.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:16:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcfb6-79369\"\r\nexpires: Fri, 20 Feb 2026 13:10:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0obuxAF6gpDcV34exVQtvKoCx2ykmGwD%2BAzTmXpw%2FAOZ%2BcB82ghnQBeNN%2BYz8AqDRwaeb%2FyoDi5izcdGI49px374S4E0DDlM\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3c2fa723eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":496489,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 886 x 328, 8-bit/color RGBA, non-interlaced","md5":"c581a2a09ef0fd64cddd1d8af0083b96","sha1":"983ea3145ab8d895a4c916c4be21a53fc97f75e8","sha256":"aa3bb42b10ec9d2f9ff7f84d86233141f1bf022da304d2d7e54dda319d8a761c","sha512":"d5373aa3311112d1bc9c412b9d58b0cdcc8e99c07a635446adcdb6115c3c7b53d05f366ff932696f52e50d7da52df3fa56145d2d0571dfa92f4858a05fa25db4","ssdeep":"12288:5l489eHeQVSo8KlSXJQUES1y/dP+Jimk1fNZ4OQer0Tqn4t9B:396pH8KlSXJvESI/5k+fjjQy0Tq4t3","tlshash":"07b423a0d730a9c6d93b72d4127038dcf59a392df65eaa62023761e88dc0d9ec0d7f61","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.70835Z","times_seen":671,"resource_available":false,"data":null}},"time_used":528,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":258,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/fbGIQHGvdDs3ZmgmLuQ546o3ToOU5YKleb9kkasC.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/fbGIQHGvdDs3ZmgmLuQ546o3ToOU5YKleb9kkasC.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:16:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcfb4-2b9f3\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DOjhuGerZyaWOXm4AvgscpmPrjL%2B6c%2FBmuAwRmfUmnl0wbw9pQCVPG79ekktDneQPyYK%2FWU9z3tbkW3uIZToCR1Pxc7mNApC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3c2fa823eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":178675,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 886 x 326, 8-bit/color RGBA, non-interlaced","md5":"ca660f7969082eb7c4bf9eb6be2fd8ee","sha1":"efebb96f17299df7f5e2aeacca66defb645cd6ee","sha256":"43aabb339ed50d165ca0929416ebfbdbca21a7e716a3b094141e22bcb133c4d7","sha512":"12dad84854a1f4b02fa755263fa35e0791ab79e070fd3979c6e4a54e8b612f59f41bd9be21fe868aed4f961bc2220cfde2185eca7e97175ae68a74b1e4323b64","ssdeep":"3072:TKcJcRxYpcyTG2LUlgR+MuOai3KyyFt9lUWBuuPT7tqQxkXZNvAC8hvjb6mhW205:TKcJHcyTG1G3vc9lRXb7AUkXZNvd8hv8","tlshash":"0204126c91c0a65dca7f040e67bd1f92784ca198b089a3dcc09dfb85b8b18bd6ce751c","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.721033Z","times_seen":676,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":107,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/assets/css/custom-style.css","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/assets/css/custom-style.css HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 22 Jan 2026 01:10:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"62d647f2-1d\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lQhx7hdmTZWTU%2B8TS%2BA%2BwRTsFioC7ZD%2B%2FVu9aKMwiNAGKblRFVz9yiLetZz%2BJSzNkYTVEQ28ooRhu%2FoFgouIx0KO0QwR2R%2By\"}]}\r\npriority: u=2,i=?0\r\ncf-ray: 9c170d310dda23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"2cc149a2ebd1a4253dc242d54c2dd366","sha1":"c28a715492b8decb160125ca7ba623e217c733e3","sha256":"3b6b5f14b03f97ad3a449c30657096210268c8460408a9b77a9b4bdb966e37ed","sha512":"6ff235b93b3aa0adaf92f24fd925894f461fd862238624423a14510dc05895180b38622701f677694fd08ddf373ca6b7dc101df4a936379bb8821b956c9aba11","ssdeep":"","tlshash":"a080002e002380aca8200b82300c0c30e003a20300ba82002e0820ba20b22a8000c003","first_seen":"2023-04-05T18:32:05Z","last_seen":"2026-04-01T20:46:11.751154Z","times_seen":1875,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/TyJLIfONLEKPPwbaTeHSCwnWGXfBYtC0KJpXCS1J.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/TyJLIfONLEKPPwbaTeHSCwnWGXfBYtC0KJpXCS1J.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 08 Oct 2025 11:56:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68e65158-286a\"\r\nexpires: Fri, 20 Feb 2026 13:10:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rwQI95VP1QPbthtwH7%2FAL6rIcfzrTNLXrze%2BEcF%2B2Oggxk2O6dSPwhS4vz8k6%2Fse3p0TgKiGVCCfqG7gbi80J6isdeGxsrMa\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d310ddc23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10346,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 410 x 102, 8-bit/color RGBA, non-interlaced","md5":"cee5605ba7942ec495a83711c84cada4","sha1":"53c8ab1eee6f7c0173d8f4f309668494ccc6c707","sha256":"bbad6c1d21cf9835f338bd3377db63862a3a434c9b4980f9ea68d5e2a9247f23","sha512":"be6cf91a06518ecab7a80faf6aadc920ba26bd24cb88484de6b1b8385cb7e2a0758e8524a98abf0c8f2e9035401d35c630a7a7b5522b18a7361edd32983d391a","ssdeep":"192:/PI6FunqFf2iOkMTsAu44Xo5MpLJmZdROZ/p2UiqSQhmpQjjjX:/g6+62bTTXu44XoqpF4dRhUN+p4","tlshash":"7d229f61b0770de1541c0ca16d578d268bc324a91bfb8514f7d0ea997a0fb767f32861","first_seen":"2026-01-21T13:10:54.519404Z","last_seen":"2026-02-24T17:04:04.00266Z","times_seen":3,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/assets/fonts/la-regular-400.woff2","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/assets/fonts/la-regular-400.woff2 HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/public/assets/css/vendors.css\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 12900\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\netag: \"62d647f2-3264\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kfjpyleoUPe9vumrqk0xCwuSRjFuGEJCA8pAm5J%2Birtj60ePqxxkFfZsX%2BfsjJ68fYYy0zCe%2FA6EWBv7cD1RKvmWrzaXPIH4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9c170d33fe5523eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12900,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 12900, version 1.0","md5":"88d9d9416c58bde56378dc4439e3a144","sha1":"bebed8d7033a4df35bebba69f1fc261a78a4ee22","sha256":"51ca2c00a3e30945e52227147fed9e296dde03af3c4d7589e8e95ca5740037db","sha512":"906884d6b687dd0b583872578a107fc7264e4198b3218545c01dd2185a397015b7226e0c96ae3dea6294abf7599052d3d271b6bb8461e972c5e49149f28b95f6","ssdeep":"384:cQ/ZCDaw2Q49jW8QIkW5SepdRZS3KUWSQoppk6CMRYtPP:l/BwzojW8lB5SenCKUtDC3tPP","tlshash":"fe42e1629963cb089c9d5b38b0ee5d401792703dfd9d5bec022bfe52cd4e09e4b1a076","first_seen":"2023-04-05T18:32:05Z","last_seen":"2026-04-05T08:45:03.520624Z","times_seen":4361,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":214,"receive":67,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Dec 2025 17:10:07 GMT","end":"Tue, 03 Mar 2026 17:10:06 GMT"},"fingerprint":{"sha1":"82:59:95:33:5E:76:7F:3E:5B:45:F4:CA:83:29:7C:B2:19:B0:A5:C0","sha256":"A1:28:19:D2:C4:EA:69:3E:6D:8D:7A:20:FC:3E:A6:13:BA:59:C5:9C:DE:7D:D1:25:3D:35:68:98:FC:47:82:9D"}}},"request":{"raw":"GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 21 Jan 2026 13:10:24 GMT\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":60285,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"5e5b4b2e4d78154ea73b0609805cc2d5","sha1":"ceeed0d32187afdc105bd721bfbd69673a1d371e","sha256":"831b4f88e3e23e5cee5dae66d5ad1b348bd4a5dd9ecfa1d88c40938751b6f909","sha512":"a8c2cfd51edb65116da470fe1a8486154f8f9f1e09d42886633d3a92b24d4d815bb1f6111aaebc174d46dc63aca916ac8b3726925cdeb1398166d90fbfc1fc41","ssdeep":"384:+oOcL9tMTv9qY49OnL6dOhqqt5Iv0qY49HnQdXO/UQtXWvyqY49tnyTUOYnht4v2:wdBIM84eKcZd4oIp+6hFzFCuVh","tlshash":"d043fb9104171440aa435dd233de7e34ee0fa6616044c0baabfd9bdbeecad6963b435c","first_seen":"2025-09-17T04:42:01.875528Z","last_seen":"2026-04-05T08:09:20.479516Z","times_seen":11339,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":58,"dns":0,"connect":8,"send":0,"wait":24,"receive":0,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/CcGQCop2RKI8zA80TZEss7YuNRxYSREELseYODlI.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/CcGQCop2RKI8zA80TZEss7YuNRxYSREELseYODlI.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:39:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd514-4fbd\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bnpcm0%2FdJbALsUsszSsTqjIY0012NtACLMBjN1sXA2nAhzZ3ka5vD6UfnKyZZnF9uRSuv4p3RtCCBHQ1hWe1YphiMJZqBGvi\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3a7f8023eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20413,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"204f5972baab8be43721a260631d1a9f","sha1":"500cc835079eee2fd40c297e8ae9f70f146fd1fc","sha256":"a9ed99bc8a30142fc577d3c5cdda41b8e71555396c39b18dc50d39f097020efc","sha512":"35a1c79617ab931d6a66d43fcbee539db7447957ae0d421746f40d99817aca8d6c29f1f2f07550f133e66754f193cf53f488076fc0190a5f70df762914d3afe4","ssdeep":"384:qjB2buQ0wAUJSwBkNRjbMZf1JZFEnfkPJFw7f2yuNhv0p7Hk:qF2/nAASY8R8Zf3DEfkhKibYY","tlshash":"f992d09b7908c9984bac7ece98d8dd42f5d2d587907f22d7680f73db2c4c0488c58a8e","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.698706Z","times_seen":1046,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/YcJj45vzB0pNEJfGmFwmBqumPnUMZwy0iXMGmE4c.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:26.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/YcJj45vzB0pNEJfGmFwmBqumPnUMZwy0iXMGmE4c.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 05:52:55 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906f1b7-945a\"\r\nexpires: Fri, 20 Feb 2026 13:10:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t96HBdKKenJ2oFZ48IuAqLhqYVxpH34wWuz6z%2BvQQQBXkUEV1K1xvqu4KnKajfK4Xat5cqjA4E7CdtJ%2BbQ5IlEbARXLCTerK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3f281823eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37978,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced","md5":"4ba8ee04b1af5403a6a6e6be34b752ad","sha1":"dc4ce1ece1deb9098784450edd2702d3fc7a9ec7","sha256":"9ef9c9f098ecc6b4de5e0ead13406141959ea94be55929d70d8f8a0fdca028b8","sha512":"a680dfa81d85a5d43a881ccb31d626e91d28d34b793a5a051ae8d7d369aa121e242cd37eaa00d8420836f312facff240130e93dc5cea12fb4a4c99139fae5b4c","ssdeep":"768:+t3uJXIijUi8cZgodo4lhQ10sF9jz/z39Ra0aUocI:+t3uJXIiAi8K9tlIzLjNw0q","tlshash":"9303f18ed21debe8b06979044e7b904ccce8f57e7e59bad8407bb0127401a94f8f53a5","first_seen":"2026-01-21T13:10:54.522119Z","last_seen":"2026-01-21T13:10:54.522119Z","times_seen":1,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/JZFkoh2DdpJ7t3a1PPUN5IVmJkJb27IzwMKPzTvK.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:26.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/JZFkoh2DdpJ7t3a1PPUN5IVmJkJb27IzwMKPzTvK.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:17:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcfea-6df0c\"\r\nexpires: Fri, 20 Feb 2026 13:10:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BgAcQuo1XhGdYa%2Fm1%2F5G7I9rO4bnyeXzeT13er2BY24AwFX1q69MJu0PMfZOl3eZJVQKZ2WQCam5KCPNBxoWEBLu5A%2Fpal2f\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3f281b23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":450316,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 886 x 326, 8-bit/color RGBA, non-interlaced","md5":"63374a59586d1d44b66ec651117cc946","sha1":"99945288da227b5b91afc664ad8327ad48b20140","sha256":"79ef7859e41f52825b2d33fefb430166f9c1cc644f25314f25f8ac8bb22f3844","sha512":"22cc984eced6b0ab179e877e29237e3ef0a32ebb1a2fad7a2183c36079ca805fa740fca0bd07e0fd9cd5e313fbd3edae7068fb21d27821213b2b56b3e5a405e2","ssdeep":"6144:x/eU8vCtoKuVF616jPVM/fvVWWM3E6msMo29H+W/kUMJax1Mu8u1WI0VeLgpmvT4:qq6JYnVWW2E9BdeW/ZMBZd6BvT2D1","tlshash":"b4a4239247bcc06ee07db5e9e4c256d4a1f2663cead945ff1e0db0c9bc4538ab522d80","first_seen":"2023-05-16T15:44:22Z","last_seen":"2026-03-19T01:42:33.229158Z","times_seen":338,"resource_available":false,"data":null}},"time_used":469,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":241,"receive":228,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/cJxfU7v3KPBN2FqzyJdhheajgkZvv8yJBiqxmUE4.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:26.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/cJxfU7v3KPBN2FqzyJdhheajgkZvv8yJBiqxmUE4.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:17:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcfe8-22ae5\"\r\nexpires: Fri, 20 Feb 2026 13:10:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tAKBmretBx4fTsYDazcsbCmgg3UA4xREiOVO4pKRVE8piut5pjDICmCHlWpjypx9CknVjEYI0klijXSMFmFwQrVC2jF8z0W9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d40b86623eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":142053,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 886 x 326, 8-bit/color RGBA, non-interlaced","md5":"685055a86010edd61edccdf8145597a0","sha1":"e518030e76f7ebe3e8cfae58b9594d6eea33df99","sha256":"209aec9626d02c4f6b9a2364ea509c7d6d495ba066147ca7910fb291207fa747","sha512":"f7e79b925567d0e2de2e8e7ca111a64dd4695f0c8be7d828722e8a26392b839b9ffbaa3cb0cbb701d29aa0bf32448a99b30daa4405c8c6b6d360829e7c1c46b9","ssdeep":"3072:ERev3MSU0OS2j+aMrjmBgpn73uRdTh21+WQIBxT1Uro53EVYq:EReETc2dM3ygp7I21nT1go53EVYq","tlshash":"a2d3127ed2888c87cca8ce11b5b15f983f9c65794d61bc4a8bbf256b1b584834e21d0b","first_seen":"2023-05-16T15:44:22Z","last_seen":"2026-03-05T06:39:05.572884Z","times_seen":335,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":112,"receive":105,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/assets/img/placeholder.jpg","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/assets/img/placeholder.jpg HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62d647f2-9d5\"\r\nexpires: Fri, 20 Feb 2026 13:10:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aWPb6nzS5n3Ho0p%2BpcbGcw23Sjd%2BtTeSWXCgsAqa3uwzIgD0W6CJjeJR4olisxEekoJ9AosO9sDEjVLZ6jHqF62v90v2AJci\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d310ddb23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2517,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"5632598c913a4107afee98e7ce1f9e4a","sha1":"17398b1ef500f3c736420927da819ec69cd08d5e","sha256":"b993c5624a17777a296e58d275a775899e72f320f73c254db952dbaa970739ee","sha512":"9dc93d3bb0ac4da02a5a5426a36d3685addbe1abd28c6ff295495ac748fbd6bc4c4fefd36c9c54932d96c75cbfc1bd0b49c03f01f1a95955636048526734b4a1","ssdeep":"","tlshash":"985154a31244a082c4d92bb445e64b56238ed66a86d89fc57e4977b455a33860e8c098","first_seen":"2023-05-04T05:57:30Z","last_seen":"2026-04-05T00:00:22.305745Z","times_seen":2813,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Dec 2025 17:10:12 GMT","end":"Tue, 03 Mar 2026 17:10:11 GMT"},"fingerprint":{"sha1":"FD:7E:C1:AD:46:F2:E8:6C:37:B0:63:FB:FC:4F:E1:A4:54:31:6F:25","sha256":"8F:8D:94:FF:49:11:2A:AC:98:A0:69:08:3E:D2:92:39:94:3A:45:A8:AD:44:E5:6F:7B:1E:27:32:E6:75:86:8D"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mg598.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 21 Jan 2026 00:01:19 GMT\r\nexpires: Thu, 21 Jan 2027 00:01:19 GMT\r\ncache-control: public, max-age=31536000\r\nage: 47345\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-04-05T09:48:38.647865Z","times_seen":199892,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":81,"dns":8,"connect":14,"send":0,"wait":24,"receive":12,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/TyJLIfONLEKPPwbaTeHSCwnWGXfBYtC0KJpXCS1J.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/TyJLIfONLEKPPwbaTeHSCwnWGXfBYtC0KJpXCS1J.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 08 Oct 2025 11:56:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68e65158-286a\"\r\nexpires: Fri, 20 Feb 2026 13:10:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=6,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OVXpUbe58neq0IV0Z7M%2BYULxJ5qjXjNRO0olJoxl4z1uHQloH4D9FInsiiQcQSQbD%2B%2FWCIoj%2BFidQ28TF76Q%2F3BUK2DvcgtU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d37bf0623eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10346,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 410 x 102, 8-bit/color RGBA, non-interlaced","md5":"cee5605ba7942ec495a83711c84cada4","sha1":"53c8ab1eee6f7c0173d8f4f309668494ccc6c707","sha256":"bbad6c1d21cf9835f338bd3377db63862a3a434c9b4980f9ea68d5e2a9247f23","sha512":"be6cf91a06518ecab7a80faf6aadc920ba26bd24cb88484de6b1b8385cb7e2a0758e8524a98abf0c8f2e9035401d35c630a7a7b5522b18a7361edd32983d391a","ssdeep":"192:/PI6FunqFf2iOkMTsAu44Xo5MpLJmZdROZ/p2UiqSQhmpQjjjX:/g6+62bTTXu44XoqpF4dRhUN+p4","tlshash":"7d229f61b0770de1541c0ca16d578d268bc324a91bfb8514f7d0ea997a0fb767f32861","first_seen":"2026-01-21T13:10:54.519404Z","last_seen":"2026-02-24T17:04:04.00266Z","times_seen":3,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/uxhH7xhMgkGFke3iSf7CSzaNUVnyJFekGfP6DwHu.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/uxhH7xhMgkGFke3iSf7CSzaNUVnyJFekGfP6DwHu.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:53:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd850-82e4\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lSwD%2BtS8g336aVECXkOhS5XS9BhCx%2BOeWiTPy1Sa0EZQEN5da3cPJxXQm5m6mwn5V2LmqMRna8H%2FQ1ZdaLnb4Ty9pm%2FUVV6v\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3a7f8423eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33508,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"651eafac236237a6315149fa80ad76c2","sha1":"c87987610945bf31f063aa9f3714dcf2f409d9c8","sha256":"0c2aea111debcfc2ddc5fe5d6c8ce105848ec1632e7f8ef138af6580731f74a8","sha512":"4cb8d550b425371f79ba53a61ed02c8d9d4167700ba635423f4e91a788d6ac7bed412573707342fb0a92fe9c894f9be9e6f146e2d84add21cbcd531cf276f810","ssdeep":"768:qzojDhGWO0tXC046oFBsyG9LdDxNIvgaT+HDrkMUXhiIEhpQIMgr2p:qcxDOFIcsyG9LdFNsgaqHDIMURFEhWIg","tlshash":"c4e2f1cb9b03b4a498b4559a9b76210fac31042401fd87ff5c9aeb4b2fa5874ccd9dd8","first_seen":"2023-05-16T22:49:43Z","last_seen":"2026-04-01T20:46:11.70194Z","times_seen":822,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/Uf2an5rtjhEAa7tLLoJ3zIViOrgfSNrGoyw13lVd.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/Uf2an5rtjhEAa7tLLoJ3zIViOrgfSNrGoyw13lVd.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 22:35:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fe234-4b31\"\r\nexpires: Fri, 20 Feb 2026 13:10:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=54fUi%2BPPda2TeYikOsRr%2FYGEOEhGDrG%2FrLPUcbOs7MlIH%2BnMw%2BNusiYLO9GYDqqOlNoEggApWsgdNr2Gn05JQKTP0cN%2BTlaI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3c1fa523eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19249,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"3182a7a17fa69c0193dac2d2bd18ff48","sha1":"4edad27447cbb0701678c3c33bccc243430095aa","sha256":"d64301440e08abf71b2b77e61605d8698e38a7187636217da579867f22aee5f8","sha512":"b72dd5afc02143551c5ada8a4f123ee0b03ce05e936a2d0e537e974fadb96fc1557cce28acffe97a87152d3efce255ba95f13751d8317390df34ee3555313f63","ssdeep":"384:vyYS5h/rqCLIy0f+Q3iF6ampLheGwx4752IwcLf:vzE/FLIyO9yYheBxA520Lf","tlshash":"d582f106a53b8a34d79214efbd22321ec4f1b37c19362b44271f67d2a075e8b9e13672","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.76797Z","times_seen":773,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/omjR6KY8oejYSFFKSyMOfEopYqsvlsKJL907KfhM.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/omjR6KY8oejYSFFKSyMOfEopYqsvlsKJL907KfhM.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:15:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcf5a-e7280\"\r\nexpires: Fri, 20 Feb 2026 13:10:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2SCD0tkMDyt%2FPcZgE37Kr6i2peMRkKXhRZa6irFEzX84m5zQ%2Ftwn1v35opFEhasj1kT9mm3%2BZ18u7fyQp%2BBxzYWzteQk5b%2BX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d310dde23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":946816,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1500 x 598, 8-bit/color RGBA, non-interlaced","md5":"9813961294173b088c6fc6e6df6bbc11","sha1":"db80a76f2716f9aea7bf07f0997c294bfd609607","sha256":"99f17b0fd7def171bba471e20495f514387c6e1389d1ef81b2b2fc70629c5d1f","sha512":"848ac1ba3b0a0a882129abc258e440431b64821a8106e46df7fa5f724cf847386d3f921ec4d6f443967a11f4ecc6f67f20424c1a9eef564fdb759cd20297e59d","ssdeep":"24576:rA2q5bAbwNDJ/BGIDxyk4Mv1GQ5XXGKK3Gh1phBKp479okeWnVj:rAEw15DuMv1GQ5XXGV2rbBKp4R5eWnN","tlshash":"0115333d82ecb2c8df7fd06a05a412493a62558fa6548108740f689b9bc8c87ff9c6dd","first_seen":"2023-05-05T03:08:07Z","last_seen":"2026-04-01T20:46:11.651313Z","times_seen":163,"resource_available":false,"data":null}},"time_used":611,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":279,"receive":332,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/A4exnDZSrAXvDu3OLWe07zbp2XXmwnQXb8iHu7jE.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/A4exnDZSrAXvDu3OLWe07zbp2XXmwnQXb8iHu7jE.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:20:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd09a-bc82\"\r\nexpires: Fri, 20 Feb 2026 13:10:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EXC9t9caIxi8d5tNxVweht7AINPKiZTO1ag7AgDjost9LlmSEE4TJYGwhHB3UKG2TIEmlXTQpIep2Zpt3wmbLhD8MkxDXEZD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d311de423eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":48258,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 800 x 111, 8-bit/color RGBA, non-interlaced","md5":"76d2e804b13ae4a73982c3b2d75df903","sha1":"6747c9c593477ea96a3c96b808f2c93ce1a792ac","sha256":"dab6d5663f1c13413064c8e61aaa469dee17d921ff466b52380d4ecdacfcba45","sha512":"29cae41b0746fedb3641f52681cdedf6d2aae1b4cbe7c45cf5bf281da3689000fe1ecbf7daa646627925a24e084fdd4536f140ea5a287c3e3049687af770bd1c","ssdeep":"768:/lpWRpVZ/xrbiaVNCHRXvTZqYAsThs1/Y7LDPn4/FQ1jZgooky7DT2g0u+HaMYhh:/l8HZ9bdNCHxb8kTsY7LDPj1jZgD7Da+","tlshash":"a223f161f55e483740307d59ef42ed3ae1ecb1e17b7a8c2b7902ec9c94d9dd908aa40b","first_seen":"2023-05-04T05:57:30Z","last_seen":"2026-04-01T20:46:11.679131Z","times_seen":3135,"resource_available":false,"data":null}},"time_used":368,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":300,"receive":68,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/assets/fonts/la-brands-400.woff2","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/assets/fonts/la-brands-400.woff2 HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/public/assets/css/vendors.css\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 84772\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\netag: \"62d647f2-14b24\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ia9X7LwN4lHBg0cziQ93OFLOsYwNwQIMMGSOGVCF4g5sy6EOU3sMf94OYABYsOuX6nOKxl0WUDx%2FwmHsXpbNAJyFpvRwytq9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9c170d345e5b23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84772,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 84772, version 1.0","md5":"54b0b4e7de85711c3796882b2b19eb00","sha1":"89f4f0d9ee3a2bde5fa250bbe6dc4a4804e1a863","sha256":"ff70c9bc4650cf5e6b12d1feaa7af29ebf0681993fc0c5ffe3658cea0dbd5403","sha512":"38490f72deaf75fd7a82a23919fe479b5a5a0d0d7279aab96e153dfe413c1ee89f2095111dcccdc58470c17622f6bb44ea4d63a8da6208c973bfea7035a37a21","ssdeep":"1536:5W447cpQ00eKOVGTZUbT3g4SAXjZoUANGBem/V1R6WsMpEEeOWeB:5zSiVGZUwEXjOvGws/WweOhB","tlshash":"e7830284fb35e9e4718ecb30d58432a9d5e9a0f8b91a0456f1c7c07bce2d6fcb196492","first_seen":"2023-04-10T16:26:38Z","last_seen":"2026-04-05T09:19:49.138692Z","times_seen":2481,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":193,"receive":131,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/YTrXmHPHEBAeW73ffIhMuvOkpDsDbd1IbHVGDaZh.jpg","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/YTrXmHPHEBAeW73ffIhMuvOkpDsDbd1IbHVGDaZh.jpg HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 31 Aug 2022 21:32:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd36e-556\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9fNrJe9V7CuDXoVr7A867f3PiIyiZTGdmMPeWSb1ecMp%2Bdl%2FQiu4yjrPDyurFYqUQu2MVadwvJ%2FR%2F5vJciDoeq5g06YEYsmn\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d389f2723eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1366,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"b9d5b478cf1ccf4b63c4c4f309c57672","sha1":"cf135870f4e958ae16622897add5e44b9a661039","sha256":"393f0153f4308fa263f01711192bcb12054c99454799b7b36c2382c7a95582ef","sha512":"518b3a718575a8c9ab14bd4aa7bc01e94b2301434da55e7ee8aab9d91320457976a019191f7038565b29c839d0b44f88d0d4b93febff12d779d8aa93ea2eff0a","ssdeep":"","tlshash":"dd21fb274b5303d0f5bac4b340d97dd962da59aa30e95352e8e181e1d990be8c1c4d0c","first_seen":"2023-04-18T11:40:39Z","last_seen":"2026-04-01T20:46:11.791884Z","times_seen":1452,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/haE2D6jYCLyblTY889YdN88mBXHLhHjf4Qa4JsNi.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/haE2D6jYCLyblTY889YdN88mBXHLhHjf4Qa4JsNi.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 22:31:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fe15a-42a1\"\r\nexpires: Fri, 20 Feb 2026 13:10:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7vJ1RFkA2cSRP0t4F75igbLPbQlkjGutrmOBjZrlfO8M18zsNO9YfKM1UU6zYNPj2t7YgjaBHAg9rD5w%2BgJTNjmKjjPE%2FnNF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3c1fa423eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17057,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"c8644f70aa738a911c1d2a7ce1f6d8b3","sha1":"8e39cff7e880d77e5d832b625e75b80c660f941e","sha256":"61c838b3c598bd9daeb9ffe3cd357d4a048df9ad46805c6523c7ac032957348a","sha512":"067cdf4884591cc79ee09036a306b94c86ee843258586d6fbb2d67225b9bd5d5504a90060e030ce04ccf4966ac163537d54ef44b7cd9226d85511ea86df94b74","ssdeep":"384:J+EELilwdV+SuZdS44tBzA+OxbL/cv0Ce9oHzDxAwOW7uc:J+ZilXTZ6GvxbLS0pqzOP+uc","tlshash":"bc72ae83a73474f9402a27f4b1ca1bff59892631c6391fed98722ed081169ee4cf0b95","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.739286Z","times_seen":730,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/bxlhVvN0AzEbPUw18ywPWlqB0ikeFoFRSjgWtacq.jpg","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/bxlhVvN0AzEbPUw18ywPWlqB0ikeFoFRSjgWtacq.jpg HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 31 Aug 2022 22:42:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fe3c8-17ca\"\r\nexpires: Fri, 20 Feb 2026 13:10:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TvBtjnqoNthCb74iZIYXyNNyZrsiUwB8%2FbJjgL2Mra50UaKKOYdKypJJe5AAhyEac4ObVDfW1zJtNDuT%2BhPQFRpp3n0SNmDf\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3c2fa623eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6090,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 200x200, components 3","md5":"2ecc6b1205f68e22291eb7351dce14e6","sha1":"3ea1323753b8307a89bf28474c9d94efd94099ca","sha256":"7dbf24942564ae07d811c4e9b33ba0d4d18fa415e98bf80db43c8ac5c2ffde07","sha512":"2bfc6b355cef54b4e9ffda17d188ace61bf8196bd0060ef65e94968d18b9494c3b7538d91f2efacca6911b17f63ee69222d5f04379727e4af573b207c348c7d5","ssdeep":"96:mEH6TXzPGqhGpBXB6q2TPXpRxvW/nksLPW93oWSxaHLUBwqSKYH2h9LTM7r6yrI:mDTXTGq6yPpLW/ksTW93oWrvH2bEvfI","tlshash":"bac118431d0d4ee7f625cba23f120e8c7be06648aca074ee01e1edc99f10e891e60547","first_seen":"2023-05-16T22:49:43Z","last_seen":"2026-04-01T20:46:11.844136Z","times_seen":555,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/BSvBgTFtCnEMrX8Ky3nKOG4ESOeGbNPBjDHErehg.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:27.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/BSvBgTFtCnEMrX8Ky3nKOG4ESOeGbNPBjDHErehg.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:27 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 03:05:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906ca6d-8403\"\r\nexpires: Fri, 20 Feb 2026 13:10:27 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0ybbG9ej3F8cmCZdw3BvJSyF5at8XyAe9vVuivfk%2BAzbRpkahfqsSNrYlZt%2F3%2BxhU19d5%2BhOYx8%2BWfSXvHOfVbxRe%2Bj8qeMT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d43e8bc23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33795,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced","md5":"0f9c8ae216fe65f88433e4ccc705223d","sha1":"01f750bf39ec383f4d1a25bec676920ec893854d","sha256":"269e9642e14cb2709064b50642e61d893a14fcb955252e241074eefb33117cdf","sha512":"07b111963b65ca2c96b2ef807a2625139dce7248c9d30f166a4fd12308ad661c9597ce0054950577e38f2cdccfd21cc1b50150a44fa9446a738eb11a72687c95","ssdeep":"768:8cHX2WHBG/6D4LWpRhqJ+/GAGRF4LrW7mu85VONyL56XYfgYd/mlx:VHXJEWp7qPAGRGvWShVOAL5uOgYglx","tlshash":"a6e2becbb39e4fdf028451cdd8182e8d9da950906776777dc285a446c2df3888b9cbb2","first_seen":"2026-01-21T13:10:54.531414Z","last_seen":"2026-02-24T17:04:04.00113Z","times_seen":3,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/IDrlIUQlZoeM7KXJlJ8NfQzOCTrnU7q0WlwPBvub.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/IDrlIUQlZoeM7KXJlJ8NfQzOCTrnU7q0WlwPBvub.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:15:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcf78-f1fec\"\r\nexpires: Fri, 20 Feb 2026 13:10:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lF%2BR3Us0VkIVElK3rt9r8Mv8%2FFY2vjWJF89T9uD0i3E6Sz1KsFby7Qdq%2Fx%2BMhG122uS1bsyFxfYefAv2O39F6tiPEbhRmEG8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d310ddd23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":991212,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1500 x 598, 8-bit/color RGBA, non-interlaced","md5":"b14b014ded752325cd7815b992260bb8","sha1":"7ca0ae9e304914bbe0490df4ff4814b975ab684a","sha256":"276940c221371907ae03157ca90dd04033beb71d6defa0de3792aeee976a3b92","sha512":"adcf40171e541cb506a6bee648f9d49cf0667f584b11644c40b54ba7962e6d7a96c21df91891bbaaffd78eed0e8605f93c4199dda8599d4ba1436e40c4a86e72","ssdeep":"24576:NzYrtv9QFy+/ldXTNaypK8jxYxC+nOp1vtCWh:mGR7XMyOTOpNtXh","tlshash":"f125337e369e30ffb916c226df8a5d669facf697171f1a23493186eec040c549b02b40","first_seen":"2023-05-05T03:08:07Z","last_seen":"2026-04-01T20:46:11.676015Z","times_seen":219,"resource_available":false,"data":null}},"time_used":631,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":334,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/aZrKPk8DiOV4C5wAMt5ObBC3Jk5dSpnWUuLHP8xe.jpg","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/aZrKPk8DiOV4C5wAMt5ObBC3Jk5dSpnWUuLHP8xe.jpg HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 31 Aug 2022 21:39:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd526-4e1\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fo6yKh7IKH3av0FQzz4EOaxa0ndHRHa2y5Iu2%2BnDM2s0zzNkFCJCtqOP0Iq9A4xGXcjWK3XSqDFumIWti7UdtwY3kQtRimkO\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d389f2823eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1249,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"e1580854a56cf8efce3da98b6f6b2244","sha1":"5b0bf6176fcda86dde1fb62d523e521b03b84dc7","sha256":"4e30079f56d5ba1bbf4199b3aad170c591e4c554a74131bc213474ede0e5824f","sha512":"a2c68d29babda68c59816f4e2607614d2a7ded8dbea7e8238d4cf6ed4525201258f241db5e9f77c762efcddd9aadbc79c29c830bd98284fe0d73149d061f44f6","ssdeep":"","tlshash":"c921743a568347e0b92388f7cd622da6a3ddcf50349046492af05ae0d261ed591d891a","first_seen":"2023-04-18T11:40:39Z","last_seen":"2026-04-01T20:46:11.681702Z","times_seen":1282,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/AXlNH3zPDO3AIWY3TEno72Y0e4lfbX2EAARxcC24.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/AXlNH3zPDO3AIWY3TEno72Y0e4lfbX2EAARxcC24.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:16:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcfb6-58ca7\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S0WZ%2FFGg8mpo2AuozhI7UHV9kPEk8EYff3Fti7TOnVPlTVmlCNBGLsasHAoIjQOinvDK7bHEXD2O15FY29rQppy7LX4AzHNY\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3c2fab23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":363687,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 886 x 326, 8-bit/color RGBA, non-interlaced","md5":"ef8bea090425cb134eb494575ab13b56","sha1":"4c965825646abb5d6541a87a6f345e6c79ac342b","sha256":"3cb0a29341edd860b11040069b7c9f4c032d5dcc3771b03e7ce50896aed1c736","sha512":"d568d5dcc74c8e333576272bf49b842b5c02682e8b06893fb42d95c548387ad1a6e53c0785fb3c1bf14ac5040d3b3d0dd51e3723d1e9c03156d4cb553c70023a","ssdeep":"6144:jm2a5bCA6mWgpc/wmFOfv04bRHnpgk3RmZCtGd8HYjwWF1fbEWAGdZniXX+GOwai:jFamlgK/wmF2v0S1p13AZFfjw41/tnnu","tlshash":"817423ae10af573915574c3a0a8d35ef14b5aa99ffaa4283ee336e45a42f02047317c7","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.853026Z","times_seen":615,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":162,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Dec 2025 17:10:12 GMT","end":"Tue, 03 Mar 2026 17:10:11 GMT"},"fingerprint":{"sha1":"FD:7E:C1:AD:46:F2:E8:6C:37:B0:63:FB:FC:4F:E1:A4:54:31:6F:25","sha256":"8F:8D:94:FF:49:11:2A:AC:98:A0:69:08:3E:D2:92:39:94:3A:45:A8:AD:44:E5:6F:7B:1E:27:32:E6:75:86:8D"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mg598.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 21 Jan 2026 00:01:19 GMT\r\nexpires: Thu, 21 Jan 2027 00:01:19 GMT\r\ncache-control: public, max-age=31536000\r\nage: 47345\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-04-05T09:48:38.647865Z","times_seen":199892,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":126,"dns":1,"connect":16,"send":0,"wait":16,"receive":21,"ssl":104},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/sC6ULeGDfqVbu1b3LcqrTOL5pm4UGQedv0kbHDIv.jpg","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/sC6ULeGDfqVbu1b3LcqrTOL5pm4UGQedv0kbHDIv.jpg HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 31 Aug 2022 21:42:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd5c4-4d5\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ruXZqQ%2FrFsm%2FfHjthMYK5SftVv0yEZhf62aNfELX8GO5VRTyXOb%2FD0FvjmFGNiriBw0ApLRTzJ5uGFbF%2FY2JFoD%2FUnLBp5cl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d38af2923eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1237,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"96298d43684ffd02a2a79da4b3fe249f","sha1":"2e79300fc21bcf3999a341bd76cac97f114b4382","sha256":"bcae7635b12fb44a84dce7e6bed9be6a709ceba04fee1385094506de6be5eb4f","sha512":"b039c7cf285ad4d1cb3e5bd760a8a2eced17497fc4db53d22e279d8f650e0c35be7f7ce8f78ddbebaa4d1fc425c93a197ae3e3c25625c21809c54edf96d0de37","ssdeep":"","tlshash":"9a21b72e32d207d0ba3784b3103a5ca2a2d87d82b0a413862ee85231c412dcb8508a1c","first_seen":"2023-05-04T05:57:31Z","last_seen":"2026-04-01T20:46:11.639332Z","times_seen":1348,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/daVWMYg729HjSPlKmknmYwhj2r9PNUSZdRxdwTSo.jpg","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/daVWMYg729HjSPlKmknmYwhj2r9PNUSZdRxdwTSo.jpg HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 31 Aug 2022 22:35:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fe234-4f1\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S2HRR%2BetQM9OQVwBUmHirZ8UK7vkc5cOSiveFxwZ%2FosSDHivqCS%2BkTFOy%2FjS7MAM18Vv4EqSD8Nxy9WSuj8u7WC9OB2ZgBgr\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3a6f7c23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1265,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"2ee9653ca564329d4ab6771a802741e4","sha1":"f39633c5e4b51e23a3085b29f9482e21a5c204d7","sha256":"a197c7c913627e639aaf3a4ab155eaa119f846e1fd810cdd8e0e9aa58c5be14c","sha512":"aca893b869cffb0411803ec543105858b6e597a4aeb911fe062273fe97f45f0f56abaf9618c32905b5e3fc947a406b4627769847b4440a92c31e1c16aade4a73","ssdeep":"","tlshash":"1f21843b57520bd0793588b644057fd1e6ccdd45b1d0566a2fd4daa18961f81c08c90d","first_seen":"2023-05-04T05:57:31Z","last_seen":"2026-04-01T20:46:11.629118Z","times_seen":942,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/nFHQqm6mn8srQHwRE4qlonGOWAM7eK4oz2qkG7ly.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:26.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/nFHQqm6mn8srQHwRE4qlonGOWAM7eK4oz2qkG7ly.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 05:42:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906ef34-cb63\"\r\nexpires: Fri, 20 Feb 2026 13:10:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9R4bzV%2FLWMSUtP1rw74WYh41oaUUoxsY5FSq6Y3i9YO9Ba2IxUMFIUqiBpYsxWq2p7rIqHJOkHpp3gryzZCGlyQ%2BVvagW5kI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3f081223eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52067,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced","md5":"b5af3c33ceef9fd043a4a07e8172f548","sha1":"d0a4ed6f3829e0e83ecb2e0700959117edda7d0b","sha256":"23fa78c776c9509d599c2696f76082b2782fe4cfb71bd65d9ff97ea251a9f652","sha512":"0a82c9cd65fe26df485445690868cbfc1d5f058f0fea11e5886ca7521ec8c3bcf23481fd71d926e34393126df7628d668a5821e6c50d1200f0c39460aedc2af9","ssdeep":"1536:TbR03oznMpsoxkMZ3dfHRPq22HQlX58/G2:TbS3tFBfHRCVQlp8/G2","tlshash":"4d33f170bbc50baafd96fc647d4fda784e975405a54e1ba42834b5530f03c806eca0ed","first_seen":"2026-01-21T13:10:54.536505Z","last_seen":"2026-01-21T13:10:54.536505Z","times_seen":1,"resource_available":false,"data":null}},"time_used":342,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/1rg97Nq4o4c7tqhEoqzvwsA30UCifW4qIo1IWxh3.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:26.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/1rg97Nq4o4c7tqhEoqzvwsA30UCifW4qIo1IWxh3.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 05:56:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906f288-1f786\"\r\nexpires: Fri, 20 Feb 2026 13:10:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w59jKUsYszH7prl3v0Fb67F9hegwvzvZGKQGs1GVbUTAc0wgyprRC%2FyZo6Z3vaGClHcT45UhM9TsrB3bqh83yMk19E1lTvSl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3f281a23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":128902,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced","md5":"93aeee55800f571a849c9e41a8044c39","sha1":"3aa12eaf983da58f1d5ada8f11ae093a461bb9e7","sha256":"7cd0e4462c22e4a461be9962f908c370eb807f79f43dfd31196d572b7be2d399","sha512":"d0f289a0c4714ce3746b859ef3680b987854ceaee5811bb32131fc3ae7b8fed93f2cdfadcf46bde29e542a6283e240e71a64e27ba8c336cd652e5a440885f8ac","ssdeep":"3072:ltwv2ZGV/0ug6gU6pAu/Q1N/lMUhuO27mYxjsSm:Qumg6h6pAGkNn0ByYBE","tlshash":"a2c3027a1cce92e6df170e93058024a4e2f5fd3cced05c359c5deea11a2b2f9846e54a","first_seen":"2026-01-21T13:10:54.537401Z","last_seen":"2026-01-21T13:10:54.537401Z","times_seen":1,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":136,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/assets/css/aiz-core.css","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/assets/css/aiz-core.css HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 29 Sep 2025 20:52:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68daf180-2adb7\"\r\nexpires: Thu, 22 Jan 2026 01:10:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d%2BnDzLC3cBK2uI7p7xiOjop1KAYPN8hSvieD4CWsycysKXhLjtCskul031jF8gHtv55G27TClUNVlibUOJ0cYr1Xu1k7UF15\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d310dd923eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":175543,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text","md5":"999571119be46afc3f69483aa70f3819","sha1":"25f127895a6956e9531655089f92e1843ed872c9","sha256":"9a42c11214326b77399d9cf4125f59947ab906e874e41f3791dbdba9552d555f","sha512":"511adf9294d9c1e39e4c96e2ac72fe0360cb246ae3c99254151472acb05f2182fec4ce6de996cb39eff516215c8858675524d887f5aaf840598cc85d40ce103d","ssdeep":"3072:0O2aWV8UUxD1p7szMux/uCfQXsY+lLcQR+/s8YBbtVTsfcHFnNDsNv4lUujmSE8a:0O2aWV8UUxD1p7szMux/uCfQXsY+lLLI","tlshash":"98049493957315483c67936ca7ed2568233d6007fe06dcb87bcc260acf885e4dda3a99","first_seen":"2023-04-05T18:32:05Z","last_seen":"2026-02-24T17:04:04.047311Z","times_seen":60,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/6r6jbJuTHTu2Uj7A1NHkNEf0EFVQMz328jxoXFL4.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:26.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/6r6jbJuTHTu2Uj7A1NHkNEf0EFVQMz328jxoXFL4.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 05:44:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906efb2-a6aa\"\r\nexpires: Fri, 20 Feb 2026 13:10:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1Z%2Bp8EqzVqY4xckcNhOGp4dc4sja%2BmdFYYJ5UoVEn317aoSyie5Ep8zuwkeIXBerey2RjCYu5NlC2ixdos%2FmUl%2FSqcrkFMeR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3f081123eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":42666,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced","md5":"315ea6b913f93983c1f4b2cd7c4a6744","sha1":"1e27599a06d8dd0eee7a13900dcf1c74f9d74be0","sha256":"1ead0a74b8355ef15cce26e32ec131056d4e5c479b630f1de3e1a33c551d41d4","sha512":"77b53c8a3937acb6d5057bb62dbb83c6dd79f7567b101b72cbe2aa232743e54c5d5dc15707e8b057a71954f3a56d76995543604f3f077f812e5177f33171c1b5","ssdeep":"768:Okak+65u52ulwgmlLxY6LmnU2xnmLaYuVWbGGN4u7rej:OW+65uYulvyLzLfGRu7rej","tlshash":"4113f1cf300d36ac7ddfaafce94968a058105942b0e4e58689dfd1b8f74ed6d3279206","first_seen":"2026-01-21T13:10:54.539177Z","last_seen":"2026-01-21T13:10:54.539177Z","times_seen":1,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/ZrsbEGt63B7Rd8Bt6WmBV1YYPaopxwc30GiB7hKq.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:26.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/ZrsbEGt63B7Rd8Bt6WmBV1YYPaopxwc30GiB7hKq.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 05:48:39 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906f0b7-13399\"\r\nexpires: Fri, 20 Feb 2026 13:10:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GDUUJRqLyMaYqho7%2FWleqsbb6%2BFMemV2Ps8g7ZWiEH%2BhhWEwDDavhH7RBFi7qnZ5HtGIqq554VPjQjOxeSMIAZmZHW3u38dF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3f181523eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78745,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced","md5":"6df583b48eaebdf4f7df68708d842dde","sha1":"973aff338fe30e4f2ee535aa7eb1390b1e7b9f77","sha256":"4985195823aa4b098f3e65652941069f9e95614b697e9ac4b616b5c9b8bee9e1","sha512":"409132294da676ceaceebb47b88ed34b4706603643ad74ecef56aa22b5a95b985dae8c72290ea6b41896aea723eafebfd09abd7ac872890f357748c5d9426f53","ssdeep":"1536:48F5IdZ09Fk0oM6akfdePezK1ONQzkSmzH4n:BIdZuk0B6akgGzK1H0H+","tlshash":"e173f1ed722a1d735ba0bf456f0837657f7f01d6299436f684a59680fb2894f081e8f0","first_seen":"2026-01-21T13:10:54.539971Z","last_seen":"2026-01-21T13:10:54.539971Z","times_seen":1,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":68,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/B5rsw7hTKvZAgejBqJKYJbSv4FOihHjJKGcCY7Wc.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:26.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/B5rsw7hTKvZAgejBqJKYJbSv4FOihHjJKGcCY7Wc.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 05:46:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906f03c-9123\"\r\nexpires: Fri, 20 Feb 2026 13:10:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XCnxU6Wtw9AGygu8U7MNKaVj470kFi1j4HeRykm8gH9s%2Fcq%2FqedSfvKT%2FP1wa8ZhIwt5b4HgzOSkYNOPt1XmYGoRfC7Zkttj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3f281623eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37155,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced","md5":"0f082188f604826cbd27c0ce4f44070d","sha1":"e302cae68f23a7e6746ff3b7890807e45d267c5c","sha256":"076ee57301154e5104af57e7bbe0bd73ab9ccd9fb186d18c95e7cfc15b0ab7f4","sha512":"1fbfe6c9dc88af20cbe286132312d3425202358b6ba1334ac2df8d415f08ad9bf7910a81d1c0c14239de4a5bea8a0b83e62cc48eb88e51c8940a69369481a8da","ssdeep":"768:u9klClbYMvS2IurGWVdu6ArCDosKQAaobSEdh7kOjbbRsRoWoGv/wbuL:u9k2YM6ulu6ArCDobt1SagOXKWGvYSL","tlshash":"b1f2e176422d0febd1cb6f785005013e58b01a956b0ba161b037a87358dfab65cf4daf","first_seen":"2026-01-21T13:10:54.540775Z","last_seen":"2026-01-21T13:10:54.540775Z","times_seen":1,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/assets/js/vendors.js","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/assets/js/vendors.js HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 04 Sep 2022 10:36:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63147fc8-147f88\"\r\nexpires: Thu, 22 Jan 2026 01:10:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WySUwKVdk2%2BMgDMk7TW3LOEMlI7WoHJolRpoO2KwPtFtGxGZewDB2vb8dd4EMGolcUyTSRjtvafe5mQFldWTUXE%2FSvsvNXbb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d311de623eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1343368,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65446), with CRLF line terminators","md5":"892778359170727f61a5c126de22bbc4","sha1":"3c96b1c22b2ac0910da4fd907b6b9dcfccdbf249","sha256":"8af4d6ddad6778ef6e6f3ce0365db8566f02848c24dfd63555fe1d6b4b3ff9d2","sha512":"f94b550e36e5fb3a8b68f738d62490c5f56d6375bf32ab77ee6640fe2919efe55015345007d27429f5cf9823910765c08fde0da511aeb6e943606ed467bf0961","ssdeep":"12288:eywRuI36a1J+HhjynEs+tYdLnx7/zUVTnVMmbS5M3u68:+B36a1J+BSzGYJJ/zUVTnV98","tlshash":"e6254bc9b291b03247d760b5502f110bb23a6929a44d806cf639d8e97dbcd4da27bf7c","first_seen":"2025-07-28T13:06:06.60703Z","last_seen":"2026-04-01T20:46:11.710962Z","times_seen":188,"resource_available":false,"data":null}},"time_used":486,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":204,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/assets/js/aiz-core.js","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/assets/js/aiz-core.js HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 11 Nov 2023 10:33:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"654f586c-140ea\"\r\nexpires: Thu, 22 Jan 2026 01:10:24 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D6suvOuldQSUhZf6muRyd3SxcrlVcM0UzyoGv%2B1GemUig1YGG4xpCQcdJ%2BjJCrkahoxmu7jzhMXc%2B5ImRdF7FjdBnCnJ70Fg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d311de723eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":82154,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"9a6e566915417c2103df2e69dcc44f2a","sha1":"10f7a3de4d164a6205b89c6007d0187ea38f3a3a","sha256":"11fc9c2834fabf211d1c723b438855375d502611712f618c9b0207e91e0f6c9a","sha512":"986cb542b068eeb28314d99c1a8ee413856673797a69280676cd328f6ceeafe4170a4ef1a939d56694e06bf985328dc25f44581747e61530d42be71a440270b6","ssdeep":"768:RX02O2suuKE0ypBCLCnKPFnVJ97Qntfv/2yyE:RXI0engE","tlshash":"2a833e09b0e76425647b71fe8fafb5403561d02b850adc103e8d53c89f9ac3da1b7ae9","first_seen":"2024-01-15T04:46:17Z","last_seen":"2026-03-24T03:59:26.512995Z","times_seen":49,"resource_available":true,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/assets/fonts/la-solid-900.woff2","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/assets/fonts/la-solid-900.woff2 HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/public/assets/css/vendors.css\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 96752\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\netag: \"62d647f2-179f0\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FFtv2WaTr8DbS0vCsr1L6cTO2f1ZtVvpcHuA%2FR4v1No1Ia2embMpXEPzfylghuI3hFj4KfgAXZlln8FWuwUq4TOlBZly356Z\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9c170d33fe5223eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96752,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 96752, version 1.0","md5":"36fc297902c9a2e857858baa6ac25f2c","sha1":"89d9531c0c70a8751dff83c1917baab1f16a2071","sha256":"10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb","sha512":"c5711d5027762fbc8d352dfdf64094958348b873671c891e8c5cf701a569c3bad672a380db7fad76692bf79dc9235b37f76b6f42f73698c9f85d2c7a23aa62fd","ssdeep":"1536:H8wZeXMjWqtJeAAHBX6ANib7HTYJv+Nr1ScHQjn6t/k5LBNCMAG35y:H8hXMjWeeVHtA7evKr1Xwelk51N4Gw","tlshash":"1f930257f0921be097c688990e189035cd39fd71397fe9f4e603ae4cc361927e52a4b6","first_seen":"2023-04-05T18:32:05Z","last_seen":"2026-04-05T08:45:03.561181Z","times_seen":10919,"resource_available":false,"data":null}},"time_used":393,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":200,"receive":193,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/FwZlWQdDtdap6FDGukabtPR9nGISL2SINWeDUlLV.jpg","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.395Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/FwZlWQdDtdap6FDGukabtPR9nGISL2SINWeDUlLV.jpg HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 31 Aug 2022 21:50:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd7c2-57f\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CR6EhnBUPx8RjgK2ZBrONQ2Z%2BKNOJNnVN%2F76tDzM8W4D4XncOny7o7ZIfIUXfzEn%2FMLZdJvovN2cAsW%2B9bfv%2BuvUTaIisyoU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d38af2a23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1407,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 32x32, components 3","md5":"5b29995f74195e646abe742f826a586b","sha1":"52b226843eb0050eece321b5b84fc06e3d7f407a","sha256":"b01d56794c1ee32c4ab6b186a8758edf129ba93be2b73117c523726cba08f1f7","sha512":"aeb93900addfc47a7439ea5b67a51b090f830b65dd70636ffc130b094614235f3f1c414c3bf38bbec3dddcf3f459a666b77cbfac857a1d69e39dde88da95e1b5","ssdeep":"","tlshash":"0c21b67a374207f4f51a83b78c111ca9c2ef6291368116e736ed8652c1726c0dcaca99","first_seen":"2023-04-18T11:40:39Z","last_seen":"2026-04-01T20:46:11.773172Z","times_seen":1375,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/N3vnccAj2nO1mipj3ErFMaf4Lt87CMOlJ5kyIVyi.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/N3vnccAj2nO1mipj3ErFMaf4Lt87CMOlJ5kyIVyi.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:50:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd7c2-616a\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qRhzz%2FYMRoAWfMuVRA%2FdcMZ2i65uLI7jJnkjEem4fvmywP4eyAHr6hdvOtHj%2F%2F9x%2BdCodoCnU8MaTnidtnDY7EG%2BUBzmhg7J\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3a7f8223eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24938,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"0ed838de0ab686e11756a9e577ca63b5","sha1":"a533921cf201275e0fb4e357235f43609d031101","sha256":"7576ab29dd4b98bae9df379d9529cacfc3741d0812f61e70ffa170ff4afea80c","sha512":"ce418371ad232dfa6ea3b3088b00033466be36677f21384c45327b9b9736fb413e99bc50d5f6b9332a39342d26067bf03357b19168befed7982d3f75109c9f15","ssdeep":"384:azgRCXev6L14ZVu2bFi5bSEH2tyFFfx0QXZ+fSI+siN0tqU18IpJJTLNjRCp8+Od:ZCl1GVzi5+ad50Qp+asAtUaaJ5NjR1X","tlshash":"8db2d04da3f4fe1993181e02a0bbdcf1625682368327db693d765c54b7982ca18736ce","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.687378Z","times_seen":1093,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":285,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Dec 2025 17:10:12 GMT","end":"Tue, 03 Mar 2026 17:10:11 GMT"},"fingerprint":{"sha1":"FD:7E:C1:AD:46:F2:E8:6C:37:B0:63:FB:FC:4F:E1:A4:54:31:6F:25","sha256":"8F:8D:94:FF:49:11:2A:AC:98:A0:69:08:3E:D2:92:39:94:3A:45:A8:AD:44:E5:6F:7B:1E:27:32:E6:75:86:8D"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mg598.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 21 Jan 2026 00:01:19 GMT\r\nexpires: Thu, 21 Jan 2027 00:01:19 GMT\r\ncache-control: public, max-age=31536000\r\nage: 47345\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-04-05T09:48:38.647865Z","times_seen":199892,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":82,"dns":7,"connect":20,"send":0,"wait":32,"receive":10,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/assets/img/flags/en.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/assets/img/flags/en.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/png\r\ncontent-length: 609\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\netag: \"62d647f2-261\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nQpJaRvz%2FesWgcyvtJKlv9VOHekj%2BsIgsqDe%2FGpIwBHoeIHXGGS5e4DA3Eg9R1ScIK2DE%2FAJMqOlzMfEJmSA9HGe2YMBNq73\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9c170d389f2523eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":609,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced","md5":"968591e0050981be9fa94bd2597afb48","sha1":"dd9e149e2b5ad59dd8b4b262f5fdeb5cc10ecf43","sha256":"36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585","sha512":"ba8e09654cff264d428b1b3cf6df764699c6a754f2db329643881fb75cc8647a9c2777f05bb8c0d81b9d648d345796ffdb14fd231e2bb1caf71530098d12f219","ssdeep":"","tlshash":"9cf002c1fb856ae9e16a52610d7a16701c07c3a4217640a46c26ded41929f0dc2d8221","first_seen":"2023-04-07T17:29:43Z","last_seen":"2026-04-05T07:00:37.485666Z","times_seen":6431,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/iHOjnygPdOMIDICsimZMAMoE0b3NXYGInqETeSBo.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/iHOjnygPdOMIDICsimZMAMoE0b3NXYGInqETeSBo.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:30:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd2de-cc92\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OUKwmEqhdZp%2BQnlGsdG5nFLXMY%2Byj2QRUHCMuxehheiubta7IqqNy5PHvhXFhzguAZ92%2BYQYt%2BEDRbqVrqbA8akWjoeTK0OS\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3a6f7e23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52370,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"d08962c167054acb565d56968900c1fa","sha1":"4cc291ef506c6fb22a3de27f841d3ceb323ee100","sha256":"ff07f347264bcdfb55dcd9cf9de62d8046c0dfdf9f884842668d5fe1b5250936","sha512":"a934b9983fe775423960bf0c455289d53ee99c17f910077fed8726949010b793f6478f9ca0dd17043b45af75f2775103242280355b7405422fce81aacf12fe77","ssdeep":"768:f8ueIlJrC5bSVFPp3yHRq7+8p6LqSHE2JTk1EdYzX51YwzYcJgOonT8iQhB:q5bS8HWNFURAEOzJ1xYc+OImB","tlshash":"2a3301411e2cd360e33c722fd19e2b25b5f361a14e2f716a70829bc657325ea4e39d2d","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.63152Z","times_seen":856,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":69,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/assets/img/avatar-place.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/assets/img/avatar-place.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 19 Jul 2022 05:58:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62d647f2-891\"\r\nexpires: Fri, 20 Feb 2026 13:10:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SmccjkdCGV1QUAED%2BL1fWKSevIks5JROey7wmOUDrPY7iebwekon3bOnSf4aTAzwsrs8Y6zEE7VhKOkYiJUfMZlL2wqyy20z\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d311de523eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2193,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit colormap, non-interlaced","md5":"ef7330479dbe02e220ad6dee9998df64","sha1":"c433e1915c00ba4693a76958b9f1cc45df4a0bbe","sha256":"54efe0671051e55fa2622b0bdfdf959389a82840f6a42c06acf99b7f8eb97da8","sha512":"65af67af6f5bea168f6e26162fc439adbfd4a3972759db3f21c426249150acb4a648f920fafbf4ecda9f36a6f8b2628ff1edb81218b9dfeef437741127609cba","ssdeep":"","tlshash":"d24107cf65193f4dd1e5163aa0acea3176c0c01a42fb56040c8868e92c73e54ee39fbb","first_seen":"2023-05-04T05:57:30Z","last_seen":"2026-04-01T20:46:11.61251Z","times_seen":1889,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/dKDjrCqQs5L8XembeZk3oENQe3sHOckPagdtzwL6.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:25.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/dKDjrCqQs5L8XembeZk3oENQe3sHOckPagdtzwL6.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:25 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:32:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fd356-11576\"\r\nexpires: Fri, 20 Feb 2026 13:10:25 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mU7PGpMHLbKiGLoBntd%2F2N5XvNXfKdwcUcRbF23cIQ4MUHVEIPCwP%2BU3vD89zaJwcZHPV%2B2aU7pvBgHfxSAIxwA%2FQ%2FNIii2I\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3a7f7f23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71030,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"e67671da06e2c7eb39def44488dd6d75","sha1":"4ba20a1a65734bdb200838132f7b532feb3842f8","sha256":"caa02494b7d4bbd47c3a2b6c4e7d0ef6d046bead252f4f832eb420bb05d304d7","sha512":"890fe4d1f80e3f04f87a4c16db634b55b830b2f42550cae947e9bd872ab481a29f7c2e4541c58877635febd6977feb69086b1087d79a9bdc9ab3d99bceb9bca6","ssdeep":"1536:9Fn3SwMP6uVgZfbFgJP+ZIxqxy+FzJfsV4lJBGA:Hn3vMPzMFgJP3qx1FzJfZJBGA","tlshash":"016302b2c76da1bc04a572ba3f61d4ab41c360c94c59b80e897d39389b657c858f7bc3","first_seen":"2023-05-05T03:08:08Z","last_seen":"2026-04-01T20:46:11.642151Z","times_seen":1191,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/ua1iQnKRsvfTWiLqjKPqeBChw7dYUjFRFT0z3HTO.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:26.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/ua1iQnKRsvfTWiLqjKPqeBChw7dYUjFRFT0z3HTO.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 05:55:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906f245-ef6f\"\r\nexpires: Fri, 20 Feb 2026 13:10:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WstThb6jq%2FdGc%2Fb08h7iGanHrYI9gZjD0Cxmvm7FcLAR%2Bmn7w8Z7BA62HfmYnyWmeLCbzSNGLNcGScoJ3NgQOhpmXCQKbs%2Br\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d3f281923eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":61295,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced","md5":"2872d6d5fae3d0c4f37b817b94cdd88b","sha1":"219d9ac236162ca7d1d72d2e214eadf6cbf7e16d","sha256":"41b9674b25a0c622d85b70e779eec97546e1803099247fe7ad183fb8fc21deb4","sha512":"9533e0f3e40ed774f7909f5a866e233b50f4f7754f30d3aa691b37c52be7bba48186458a1ab577620288d9ddc899d926487c66fa057819990acd26cc8450e76b","ssdeep":"1536:5rayK2LJyUThF5nzaV4823irAjcxHdNRWLjOi//fMBF:5uyKKkS352482SLxHdNcd/fC","tlshash":"9853f1835d5bc5e8a2522b8eb0f725041ad0fed40e81067f2b4725c1bfa62f45de12ae","first_seen":"2026-01-21T13:10:54.547486Z","last_seen":"2026-01-21T13:10:54.547486Z","times_seen":1,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":53,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/GGZ5wZNeadq270zJPPPxaX0seHazU9wa1jSfwENC.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:27.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/GGZ5wZNeadq270zJPPPxaX0seHazU9wa1jSfwENC.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:27 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 02 Nov 2025 05:57:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6906f2d4-a1ac\"\r\nexpires: Fri, 20 Feb 2026 13:10:27 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IyqyQaYMRVl0ka8pmbx%2FOMUZvuaTFblU%2B50GI7XsZjw%2FNyGWErfRlVmiEJIstdTw2FcqG6DNtx0p45%2BPzDGRdDC5HSAz8f0z\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d4308ab23eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41388,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced","md5":"5b6f2616576db4c4f6f10d4aa80865fc","sha1":"c10c70c3cd539b88f0e461446027856d9fa1f2e2","sha256":"c5c91f0e26c35cbb3fe8b34c46bea31f5f012a34c77ff913e657f07a63ca1941","sha512":"dea5392bab82ce8086210cc49d157d45d927bbbd726afb8be33e6420952798d0e0caf3adbc3123c14a3ef73a1b4af847b322f5f69f6364659dd095f00831c5ea","ssdeep":"768:Q+YvQkJV5woUc1xkTMv+aYZl2jNoFrf7jPln1zJZItXbOvLmBeQX+scE:Q+YdV5woRkGoA6Frf751QtUi8y","tlshash":"6203f25d001e097c40eb3ec8099a92d1aaa2d278dbf4a7d81960df76e4f4235dc93b57","first_seen":"2026-01-21T13:10:54.548391Z","last_seen":"2026-01-21T13:10:54.548391Z","times_seen":1,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":131,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mg598.ru/public/uploads/all/DgkmdoOnXoABkLpCYiQ0uMqiCEBWsLV0gDMhfKu3.png","fqdn":"mg598.ru","domain":"mg598.ru","tld":"ru"},"ip":{"addr":"172.67.155.193","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mg598.ru/","date":"2026-01-21T13:10:24.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mg598.ru","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 19:43:12 GMT","end":"Sat, 07 Mar 2026 20:41:47 GMT"},"fingerprint":{"sha1":"07:A7:C2:5E:5E:80:DC:DB:69:2E:C1:4D:99:F8:94:97:B0:8F:80:49","sha256":"67:0E:E9:F6:E7:C5:D1:F3:4E:81:A6:C3:93:FC:05:C5:EF:0E:79:68:BB:7E:94:97:4E:D9:F3:EC:84:6E:6D:6C"}}},"request":{"raw":"GET /public/uploads/all/DgkmdoOnXoABkLpCYiQ0uMqiCEBWsLV0gDMhfKu3.png HTTP/1.1\r\nHost: mg598.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mg598.ru/\r\nCookie: snowball_space_session=1pKf1FbLgqoQ8Pm2xXb9QZRMClcekRl7YhM9bvLy\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 21 Jan 2026 13:10:24 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 31 Aug 2022 21:15:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630fcf5c-149f27\"\r\nexpires: Fri, 20 Feb 2026 13:10:24 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5xY8%2F8jaOoJV%2B8vaUfGkXnp0JT62ADjDtjxJIuvYFoZ8FdKbEsf0oqLrEkcE%2FypWSbVff1cAhEpEKjU2Bl5AtmUsSN9J37bF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c170d311de223eb-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1351463,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1500 x 598, 8-bit/color RGBA, non-interlaced","md5":"f19daec54b5468d4bc01288dbd2eadc7","sha1":"256da978cfb636c4fb07439d9e9a9521d6b87cc6","sha256":"4968b981e47aaef45f11df59acda32fdbd19b78d86418bd3b26a3cb635503731","sha512":"1a8766731e8f6057ac090b1d0019e4ec5830a87fd89821fe9f18147017c5e8bc790d9db13a28fef81fc941815157903dc4679e87bf34c63c4bdbf5cf76390d2c","ssdeep":"24576:wucXsUbdeiN4nIee30BecOC2yM/kHO/qF:MXsUN4ICecblHOSF","tlshash":"a2253331fede6d6867735e55b72b2c2369ea85d2c930715c0081a0e9605fac82cf9fb1","first_seen":"2024-01-15T04:46:18Z","last_seen":"2026-04-01T20:46:11.610126Z","times_seen":54,"resource_available":false,"data":null}},"time_used":598,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":335,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-21","alert":"Sinkholed","trigger":"mg598.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}