{"report_id":"bfb619c8-2781-44eb-a8ce-89e58188c16b","version":6,"status":"done","tags":[],"date":"2026-04-05T13:17:05Z","url":{"schema":"https","addr":"swg-go.ru/","fqdn":"swg-go.ru","domain":"swg-go.ru","tld":"ru"},"ip":{"addr":"194.58.91.46","port":0,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"swg-go.ru/","fqdn":"swg-go.ru","domain":"swg-go.ru","tld":"ru"},"title":"SWAGA","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"swg-go.ru/","fqdn":"swg-go.ru","domain":"swg-go.ru","tld":"ru"},"ip":{"addr":"194.58.91.46","port":0,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-10T13:17:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"swg-go.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-29T22:16:18.281815Z","alert_count":0,"request_count":6,"received_data":197392,"sent_data":3272,"comment":"","tags":null,"fingerprints":null},{"fqdn":"swg-go.ru","ip":{"addr":"194.58.91.46","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"domain_registered":"2026-01-07","domain_rank":0,"first_seen":"2026-04-05T13:17:05.741724Z","last_seen":"2026-04-05T13:17:05.741724Z","alert_count":5,"request_count":5,"received_data":284617,"sent_data":2188,"comment":"","tags":null,"fingerprints":[{"name":"PHP:8.3.27","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-29T22:20:07.848058Z","alert_count":0,"request_count":1,"received_data":11856,"sent_data":461,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"swg-go.ru/","fqdn":"swg-go.ru","domain":"swg-go.ru","tld":"ru"},"ip":{"addr":"194.58.91.46","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"8857ce3600629acc50bdd91ae3357de6","sha1":"b55648881541f3ce7ef0c0a907684463a03c4aa5","sha256":"2d604f51b976c75d87505b9cf3f16b817f7b87a5885be991c3f606c13d63dbf7","sha512":"1ad9d108f65a7664f75385b3415a86d86b7a613b43b656429fdf09812fe2a892e23b2175699dcdf310229546241036c333edae42ec0d50797965aecab9a50d28","ssdeep":"","tlshash":"95419663b5d1357382fbf27b62bfe308203364194907c484aa36e8864c6056e253f99d","size":2287,"data":"","first_seen":"2026-04-05T13:17:09.116568Z","last_seen":"2026-04-05T14:25:36.022913Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://swg-go.ru/","date":"2026-04-05T13:16:44.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://swg-go.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:23:23 GMT\r\nexpires: Sat, 03 Apr 2027 21:23:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 143601\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-06T10:12:46.414668Z","times_seen":65544,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":153,"dns":3,"connect":7,"send":0,"wait":12,"receive":6,"ssl":141},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://swg-go.ru/","date":"2026-04-05T13:16:44.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://swg-go.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23664\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 18:14:15 GMT\r\nexpires: Sun, 04 Apr 2027 18:14:15 GMT\r\ncache-control: public, max-age=31536000\r\nage: 68549\r\nlast-modified: Wed, 18 Feb 2026 19:51:36 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23664,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23664, version 1.0","md5":"f92ee388273b5931a1b09a41d3906a3a","sha1":"d38fbadd1b1ceccffbfb43f677698f3a7112f0b4","sha256":"481dd0c01e6bbb129fd147eb5d8571016193cba141c4627ca60ceabdb5a46ea8","sha512":"a3a042b0a845b46de4c272bca16e48d5f332386dc3d4e6e8cf4ebc63238950c265d5a1b3955d257ff12fa3ced224ff11818385256786612130bd35dbd5fe2033","ssdeep":"384:GnNWef/I43MJlQUfZZgeoBpKtbPjHdLE+igeN/T67+mFirVAfPdixSNCsugG3iMF:GsCvIOUfZaeoytbZLE+i9pT67+/rVSdO","tlshash":"96b2e012e6c8bdf6e0c1093e25317ecb298fd9eba8724c624c1ab95d339257c5819d4c","first_seen":"2026-02-19T22:49:57.285177Z","last_seen":"2026-04-06T10:16:33.261366Z","times_seen":3386,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":135,"dns":1,"connect":9,"send":0,"wait":8,"receive":5,"ssl":123},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://swg-go.ru/","date":"2026-04-05T13:16:44.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://swg-go.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 29392\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 01:57:31 GMT\r\nexpires: Sun, 04 Apr 2027 01:57:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 127153\r\nlast-modified: Wed, 18 Feb 2026 19:51:43 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29392,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 29392, version 1.0","md5":"a6323dda0842401b2923554d0ed8945f","sha1":"6a5e89b2f9b47f5a2fb11831479c02b4eebe3089","sha256":"cedb374b05a35034cf96db185db4eeb8f8ce49e1a56197673702ff11b5533d6e","sha512":"6fe8df13c6dbc738b1cfd40c14bda19dca6114b3a4f521ff46fa7ebe25f6ce11046b7d41c1a8528d2294afea5a1c985ff43db37a2de028c1fb61b7197210dac1","ssdeep":"384:Wz9Te6aaq6lpCaascbVjmWd8NifWrHJi9grlYlMl1EfUxFvskjZAFWiMhv4K6Nb2:u9jN2bVjmWQFqgskSWiVK6NbKd","tlshash":"65d2f15cb579c636a098e4b70df5e3bf9599cb39224b9b288341c0385aa3941e442b97","first_seen":"2026-02-19T22:46:38.271285Z","last_seen":"2026-04-06T07:13:41.220651Z","times_seen":3317,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":137,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":78},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"swg-go.ru/log.php","fqdn":"swg-go.ru","domain":"swg-go.ru","tld":"ru"},"ip":{"addr":"194.58.91.46","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://swg-go.ru/","date":"2026-04-05T13:16:44.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.swg-go.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 07 Jan 2026 15:24:14 GMT","end":"Sun, 09 Aug 2026 15:24:14 GMT"},"fingerprint":{"sha1":"20:D2:F1:D4:AE:4C:11:F1:4A:F0:69:F4:ED:F6:76:2D:12:7A:70:6D","sha256":"95:48:CB:C1:9D:B2:9C:B7:B5:BB:BD:3E:61:A4:9B:A3:4D:C0:50:12:89:C0:06:4F:A1:00:B6:17:C2:37:A0:17"}}},"request":{"raw":"POST /log.php HTTP/1.1\r\nHost: swg-go.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://swg-go.ru/\r\nContent-Type: application/json\r\nContent-Length: 26\r\nOrigin: https://swg-go.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":26,"data":"{\"event\":\"visit\",\"ref\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Apr 2026 13:16:44 GMT\r\ncontent-type: application/json\r\ncontent-length: 31\r\nx-powered-by: PHP/8.3.27\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, OPTIONS\r\naccess-control-allow-headers: Content-Type\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.3.27","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"82380d1e263b6093f3c7535690fcdd75","sha1":"022d91f218046ab2e61cac1eb13d6a718f75df2b","sha256":"4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93","sha512":"180ea3cf6e7a00cb12ecff7ce095b8cef1921621de681a64e5e53e3efc0cf6053e557205f2bdb9b9d5af4de3d54c79d1c9b1c474b83897590c647b1e92d9c93a","ssdeep":"","tlshash":"2a500003000c0030c00003000300ff30000300300000000c000c3000033000c0003c03","first_seen":"2023-04-05T15:24:10Z","last_seen":"2026-04-06T08:49:10.378341Z","times_seen":6981,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"swg-go.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"swg-go.ru/favicon.ico","fqdn":"swg-go.ru","domain":"swg-go.ru","tld":"ru"},"ip":{"addr":"194.58.91.46","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://swg-go.ru/","date":"2026-04-05T13:16:44.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.swg-go.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 07 Jan 2026 15:24:14 GMT","end":"Sun, 09 Aug 2026 15:24:14 GMT"},"fingerprint":{"sha1":"20:D2:F1:D4:AE:4C:11:F1:4A:F0:69:F4:ED:F6:76:2D:12:7A:70:6D","sha256":"95:48:CB:C1:9D:B2:9C:B7:B5:BB:BD:3E:61:A4:9B:A3:4D:C0:50:12:89:C0:06:4F:A1:00:B6:17:C2:37:A0:17"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: swg-go.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://swg-go.ru/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Apr 2026 13:16:44 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 15406\r\nlast-modified: Sat, 21 Mar 2026 10:50:58 GMT\r\netag: \"3c2e-64d8693a688ef\"\r\naccept-ranges: bytes\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"59e5fc9d8df922c3c7cc3572a24f871f","sha1":"d3662302a70547a3a85e3fd6f309c2c45f1841dc","sha256":"79e530c49d91af654f19ac0251bbc435ed044b116de0bd8fc185b0b88b57194c","sha512":"f3663ea945fb67f1e4d17f010f9a9ae19e9054f960a90306ecca2181fc449ebcddca852bd4ad0f407c20ac66a897e9fd1da459f026aced3b604653375e1adc50","ssdeep":"384:e2OJ8zxnZSW5AysIm6QWHXcXx6PffjNlkhNVqKLlCAQaTR:epJ8zxZr57Yd8FPBlI8KxCwT","tlshash":"87624d3c4fa9dc16c3a60fb94df2e56ad0b8c2401d5a9502de0688db6f39f8c3e42581","first_seen":"2026-04-05T13:17:09.112568Z","last_seen":"2026-04-05T14:25:36.015792Z","times_seen":2,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"swg-go.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"swg-go.ru/","fqdn":"swg-go.ru","domain":"swg-go.ru","tld":"ru"},"ip":{"addr":"194.58.91.46","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-05T13:16:43.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.swg-go.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 07 Jan 2026 15:24:14 GMT","end":"Sun, 09 Aug 2026 15:24:14 GMT"},"fingerprint":{"sha1":"20:D2:F1:D4:AE:4C:11:F1:4A:F0:69:F4:ED:F6:76:2D:12:7A:70:6D","sha256":"95:48:CB:C1:9D:B2:9C:B7:B5:BB:BD:3E:61:A4:9B:A3:4D:C0:50:12:89:C0:06:4F:A1:00:B6:17:C2:37:A0:17"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: swg-go.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Apr 2026 13:16:44 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/8.3.27\r\ncache-control: max-age=0\r\nexpires: Sun, 05 Apr 2026 13:16:44 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: camera=(), microphone=(), geolocation=()\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:8.3.27","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":19347,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3255)","md5":"3aa0d456c7108ac9841b0cfbeedb3931","sha1":"a21a1808cf7d7553f4497639e42c04c08d13d6d6","sha256":"997eecbefbab3d8feb3ffee670f9cee0e69b5f6d538688c180d86285e22ebec8","sha512":"88051382ac6c2c635db51bd04a7c47edf72debaa10a383d2ff7a6c5eba356a416a987c6ff3568ca4193beca371a42791abeed3c9e33c08502eab5fd503c8cc0b","ssdeep":"384:DIsPD4EvSEicmqPOqVbeE45TVxtNbGPq/w:DbdvZHbLVbqTVxtNbG1","tlshash":"1892fb63bef0f06a688bc061edbe670f3031944bdd4b06857b96a538cbd3ed5553260a","first_seen":"2026-04-05T13:17:09.11361Z","last_seen":"2026-04-05T14:25:36.019905Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1200,"timings":{"blocked":579,"dns":39,"connect":28,"send":0,"wait":38,"receive":0,"ssl":512},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"swg-go.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@400;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://swg-go.ru/","date":"2026-04-05T13:16:44.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:41 GMT","end":"Mon, 08 Jun 2026 08:38:40 GMT"},"fingerprint":{"sha1":"03:81:A0:0E:E1:9B:80:A3:BC:CD:F9:25:A5:7B:8A:43:07:22:C6:00","sha256":"73:8D:9A:B1:F0:C3:6E:8F:EE:C0:2F:99:C8:89:24:16:9A:DB:D1:9C:27:5D:8A:7A:A8:2B:0E:10:42:28:53:7F"}}},"request":{"raw":"GET /css2?family=Roboto:wght@400;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://swg-go.ru/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 05 Apr 2026 13:16:44 GMT\r\ndate: Sun, 05 Apr 2026 13:16:44 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11170,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"261808772a38bee61a32aa80be774008","sha1":"7fef323fd8fdbb99eb6ebfd2678c73afc7e7e83b","sha256":"02277c4df3590949344a542c33081bb91aef4d64b4d68684d6679c8aa59eccf2","sha512":"e0a343fc046cfde2b059e823bb41566f1cf929b809bbc527fa2d9e33c613edd58802da4e2c4e5d8b601e1be2027ed32e34ed413671a8aa5a51bce84142f5002e","ssdeep":"192:2N9fmN9fN94N9fkN9/qbN9DbqGIwV4BN9nN9uwN9iN9fXN9uN9NN9fZN9/qqN9DK:89fM919W969yh9/qY4X9N9t949fd9k9E","tlshash":"a3321fa1041744009b838ce223cebf35fe1f52117142d0b5abfd9b6baddbca6526936d","first_seen":"2026-02-19T22:49:36.283016Z","last_seen":"2026-04-06T10:08:13.179916Z","times_seen":1656,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":88,"dns":1,"connect":7,"send":0,"wait":18,"receive":0,"ssl":78},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://swg-go.ru/","date":"2026-04-05T13:16:44.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://swg-go.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 29392\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 01:57:31 GMT\r\nexpires: Sun, 04 Apr 2027 01:57:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 127153\r\nlast-modified: Wed, 18 Feb 2026 19:51:43 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29392,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 29392, version 1.0","md5":"a6323dda0842401b2923554d0ed8945f","sha1":"6a5e89b2f9b47f5a2fb11831479c02b4eebe3089","sha256":"cedb374b05a35034cf96db185db4eeb8f8ce49e1a56197673702ff11b5533d6e","sha512":"6fe8df13c6dbc738b1cfd40c14bda19dca6114b3a4f521ff46fa7ebe25f6ce11046b7d41c1a8528d2294afea5a1c985ff43db37a2de028c1fb61b7197210dac1","ssdeep":"384:Wz9Te6aaq6lpCaascbVjmWd8NifWrHJi9grlYlMl1EfUxFvskjZAFWiMhv4K6Nb2:u9jN2bVjmWQFqgskSWiVK6NbKd","tlshash":"65d2f15cb579c636a098e4b70df5e3bf9599cb39224b9b288341c0385aa3941e442b97","first_seen":"2026-02-19T22:46:38.271285Z","last_seen":"2026-04-06T07:13:41.220651Z","times_seen":3317,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":198,"dns":0,"connect":7,"send":0,"wait":8,"receive":1,"ssl":185},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://swg-go.ru/","date":"2026-04-05T13:16:44.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://swg-go.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23664\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 18:14:15 GMT\r\nexpires: Sun, 04 Apr 2027 18:14:15 GMT\r\ncache-control: public, max-age=31536000\r\nage: 68549\r\nlast-modified: Wed, 18 Feb 2026 19:51:36 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23664,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23664, version 1.0","md5":"f92ee388273b5931a1b09a41d3906a3a","sha1":"d38fbadd1b1ceccffbfb43f677698f3a7112f0b4","sha256":"481dd0c01e6bbb129fd147eb5d8571016193cba141c4627ca60ceabdb5a46ea8","sha512":"a3a042b0a845b46de4c272bca16e48d5f332386dc3d4e6e8cf4ebc63238950c265d5a1b3955d257ff12fa3ced224ff11818385256786612130bd35dbd5fe2033","ssdeep":"384:GnNWef/I43MJlQUfZZgeoBpKtbPjHdLE+igeN/T67+mFirVAfPdixSNCsugG3iMF:GsCvIOUfZaeoytbZLE+i9pT67+/rVSdO","tlshash":"96b2e012e6c8bdf6e0c1093e25317ecb298fd9eba8724c624c1ab95d339257c5819d4c","first_seen":"2026-02-19T22:49:57.285177Z","last_seen":"2026-04-06T10:16:33.261366Z","times_seen":3386,"resource_available":false,"data":null}},"time_used":398,"timings":{"blocked":194,"dns":3,"connect":41,"send":0,"wait":9,"receive":1,"ssl":136},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"swg-go.ru/swagaplaybot.jpg","fqdn":"swg-go.ru","domain":"swg-go.ru","tld":"ru"},"ip":{"addr":"194.58.91.46","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://swg-go.ru/","date":"2026-04-05T13:16:44.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.swg-go.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 07 Jan 2026 15:24:14 GMT","end":"Sun, 09 Aug 2026 15:24:14 GMT"},"fingerprint":{"sha1":"20:D2:F1:D4:AE:4C:11:F1:4A:F0:69:F4:ED:F6:76:2D:12:7A:70:6D","sha256":"95:48:CB:C1:9D:B2:9C:B7:B5:BB:BD:3E:61:A4:9B:A3:4D:C0:50:12:89:C0:06:4F:A1:00:B6:17:C2:37:A0:17"}}},"request":{"raw":"GET /swagaplaybot.jpg HTTP/1.1\r\nHost: swg-go.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://swg-go.ru/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Apr 2026 13:16:44 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 16065\r\nlast-modified: Sat, 21 Mar 2026 12:55:40 GMT\r\netag: \"69be954c-3ec1\"\r\nexpires: Wed, 20 May 2026 13:16:44 GMT\r\ncache-control: max-age=3888000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16065,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x320, components 3","md5":"3f2f875e9e93f1a4bee9617ca55cea46","sha1":"cbc431cad9ecbba70855d3798726b7f5b46d94d5","sha256":"b50a9d234cbb48787e35d66d22c9d9fed117b5d78c84e60a841c7f3cfb1ec931","sha512":"e683d03ee5caf44b04edf0316898a70ad5cc2633c04a540be6d8cd8f1ef0c12f7c26c293c4d11a4c28dbb5ac836305428ef7cfe03184ab34c8a063ca8f849984","ssdeep":"192:UjYr3r2+1fBKaD4S3gedQNX2s7tDACwzw/GhyHXZXAhFBIwNBpt7WZovZfPfmssU:UcfBLues/JDQE1JAnNBaZYG9EN1","tlshash":"eb72c0f339a243abbab40690cf637f555f695f11e672d5ed33c5608afc43a148419e08","first_seen":"2026-04-05T13:17:09.115167Z","last_seen":"2026-04-05T14:25:36.016975Z","times_seen":2,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"swg-go.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"swg-go.ru/pattern.svg","fqdn":"swg-go.ru","domain":"swg-go.ru","tld":"ru"},"ip":{"addr":"194.58.91.46","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://swg-go.ru/","date":"2026-04-05T13:16:44.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.swg-go.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 07 Jan 2026 15:24:14 GMT","end":"Sun, 09 Aug 2026 15:24:14 GMT"},"fingerprint":{"sha1":"20:D2:F1:D4:AE:4C:11:F1:4A:F0:69:F4:ED:F6:76:2D:12:7A:70:6D","sha256":"95:48:CB:C1:9D:B2:9C:B7:B5:BB:BD:3E:61:A4:9B:A3:4D:C0:50:12:89:C0:06:4F:A1:00:B6:17:C2:37:A0:17"}}},"request":{"raw":"GET /pattern.svg HTTP/1.1\r\nHost: swg-go.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://swg-go.ru/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 05 Apr 2026 13:16:44 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sat, 21 Mar 2026 10:50:57 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69be7811-3891a\"\r\nexpires: Wed, 20 May 2026 13:16:44 GMT\r\ncache-control: max-age=3888000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":231706,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d0c22c6a97023d85ba6e644a41c44a5d","sha1":"4284efb616c182da4450c123174ce0e81a322845","sha256":"118add53487c02aaf5b5ab9f69380fa06717deb10492e14aaa487e3c62806ad4","sha512":"da96462f4f999bb65509d32e4d5d2e1fd74555ce78d43e5f80fc350155bce59250337cd1796b17d2132f39429b5e3fd95d05101ee9f9b29bce2bb7b44b6e4eb8","ssdeep":"1536:XVU9J794HJ4E7mwNUiRPt5jmU7LxmMS2S1J7g8tEqcqMWKB5v:Xew7ePc","tlshash":"0a34c1834304f7fbada582589b3814e971c29debd430e1d475bb2d52da0ccd8598cbea","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T09:45:32.469835Z","times_seen":63371,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-05","alert":"Sinkholed","trigger":"swg-go.ru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://swg-go.ru/","date":"2026-04-05T13:16:44.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://swg-go.ru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:23:23 GMT\r\nexpires: Sat, 03 Apr 2027 21:23:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 143601\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-06T10:12:46.414668Z","times_seen":65544,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":150,"dns":0,"connect":8,"send":0,"wait":18,"receive":4,"ssl":138},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}